access 11 Posted April 22, 2021 Posted April 22, 2021 Hello, This looks like a bit of a security issue, where any users on my Emby can see the last used Chrome Cast devices in different house holds. When I click chromecast; I can see the device lists from others users. Is this something I have misconfigured or is this a real security bug? Thanks
Happy2Play 9783 Posted April 22, 2021 Posted April 22, 2021 This will change some in 4.6 but applies to User Remote Control settings also. Dashboard-Users-Select User
access 11 Posted April 23, 2021 Author Posted April 23, 2021 So you say this will change "some" can you explain whether the issue I raised will be solved? The reason I ask is my users find this actually quite scary from a privacy perspective.
Happy2Play 9783 Posted April 23, 2021 Posted April 23, 2021 Will have to find the link but what is their Remote control options?
Guest Posted April 23, 2021 Posted April 23, 2021 LOL.. ever used Window Explorer and went to Network?... You can see every phone TV and device within range and have their MAC Addresses... connected or not. I used it to block everything within else within range.. just to make sure.. Main thing I would advise is implicit pairing on those devices, requiring code or password if capable... MAC address filtering/blocking. Some pairing of Bluetooth devices and their security worried me for awhile.. My Microsoft Wireless Display Adapter I like better than Chromecast any day.. It may have changed but it was limited at the time... MWDA had protection and was pure Miracast/Wireless HDMI.. not for sure what the newest models are like now.. Thing even works on my AVR.. If you worry about the security of your device however it is good to test it if possible.. and look into its security vulnerabilities.. Quite a few devices announce themselves wherever they go.. especially phones... they just have to be in range.
access 11 Posted April 25, 2021 Author Posted April 25, 2021 On 4/23/2021 at 11:53 AM, Hxemby001 said: LOL.. ever used Window Explorer and went to Network?... You can see every phone TV and device within range and have their MAC Addresses... connected or not. I used it to block everything within else within range.. just to make sure.. My issue is my users are seeing paired devices of other users in completely different countries, not in the one house hold. On 4/23/2021 at 12:36 PM, Luke said: Hi there, have you explored user permissions? That's what I'm asking, have I misconfigured something? I have them to allow remote control of shared devices, is this the checkbox that is causing it? But isn't this turning on Chromecast?
Guest Posted April 25, 2021 Posted April 25, 2021 The first setting allows you to send messages and disconnect devices which are logged on as well as use PlayTo.. Remote Access means your server is accessible through the web.. Picking up devices in other countries seems unlikely.. unless one of your users has allowed someone to connect to your server. It would seem.
Carlo 4561 Posted April 26, 2021 Posted April 26, 2021 4.6 improves on this quite a bit as well so stay tuned for that.
Happy2Play 9783 Posted April 26, 2021 Posted April 26, 2021 Pretty sure it will fall under this topic. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now