Jump to content

Security


Steverido

Recommended Posts

Steverido

Hey Guys,

I have my Amazon Fire TV which has Emby on it. The server for Emby is installed on a Windows 10 PC via an ethernet network in my home. Is it possible for someone to hack into the Fire TV and acces my PC? Fire TV only has access to the pC through Emby.

Link to comment
Share on other sites

Gilgamesh_48

If someone could gain total access to your Fire TV and install a browser on the Fire and then discover the address of your PC and if the file system is somewhat open and then break into your PC through the browser including guessing a working password then, maybe, they could use your PC to do things. 

But notice that Emby in no way is involved in that hack.

I would say that the total chances of anyone effectively hacking a PC in that manner is finitely small as in miniscule as in below the limits of any measurable chance. In fact I am not sure I could break in to my own PC using my own Fire stick in that manner.

But few things are impossible so it can't be completely eliminated as a possibility.

  • Like 1
Link to comment
Share on other sites

Steverido

Thanks Guys, good to know.

The strange thing is someone else in my household has installed Fire Stick and installed Emby and immediately gaine access to the server. That is password protected so I am bemused how they did it.

Any ideas?

Link to comment
Share on other sites

rbjtech

Have ALL the local accounts on emby got passwords ?  If yes, then the only realistic way another client can connect to your emby server is knowing the password.    I suggest you change them to something new and known only to you and see if they can still connect ... ;)

On the more technical side - if you are using emby 'out the box' and using HTTP - then it IS very possible to 'snoop' the network and capture the packets - including the password in plain text.    That is another remote possibility - would this other user have the tools & knowledge to do this ?  HTTPS of course will prevent this from happening as all transport is then encrypted - but on your own internal network - this is, imho, not required ... 

Edited by rbjtech
Link to comment
Share on other sites

2 hours ago, Steverido said:

Thanks Guys, good to know.

The strange thing is someone else in my household has installed Fire Stick and installed Emby and immediately gaine access to the server. That is password protected so I am bemused how they did it.

Any ideas?

What user were they logged in with? Did you check user management on your server for that user to ensure there is a password?

Link to comment
Share on other sites

Steverido
On 22/01/2021 at 18:05, rbjtech said:

Have ALL the local accounts on emby got passwords ?  If yes, then the only realistic way another client can connect to your emby server is knowing the password.    I suggest you change them to something new and known only to you and see if they can still connect ... ;)

On the more technical side - if you are using emby 'out the box' and using HTTP - then it IS very possible to 'snoop' the network and capture the packets - including the password in plain text.    That is another remote possibility - would this other user have the tools & knowledge to do this ?  HTTPS of course will prevent this from happening as all transport is then encrypted - but on your own internal network - this is, imho, not required ... 

I had not setup any user accounts beside my own. It is password protected & Local Network Access is set to requires a password.  I have changed my password and created a user profile for the other person. He can't access my profile now. Still unsure how he accessed it without a password though.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...