Synth-DIY Yahoo! Groups Archives

Thread

Lack of security for DKV network

2008-10-27 by qv308

I live in an apartment building, and there must be a dozen or so wifi
users here.  Most all of us with existing wifi networks, I use the
Apple Airport system, provide them with password protection to
prevent unauthorized use.  When I had my MRK IV up and running I was
disturbed to find my DKV listed among other networks in the building,
AND NO SECURITY PROTECTION.

Is there some way to provide security protection so that others will
not mess with the DKV or attempt to use it for access to my other
computers or to the internet?

Is Yamaha aware of this security flaw?

Steve

Re: [disklavier] Lack of security for DKV network

2008-10-27 by Kevin Goroway

Steve,

Your observation is true, and yamaha is certainly aware of it.  Let me try to alleviate some of your primary fears though...

While others may try to connect to your piano's access point, it has no access to the rest of the computers on your network, nor to the internet.  Those capabilities of the piano are actually on a different (wired) network (the one that your airport is connected to).

That being said, there are real dangers to having the communication between the remote(s) and the piano be wide open.  Even more so if your piano is running a version of the software before 2.1.  Most of those dangers, however, are to the piano's database, and nothing else.  A truly malicious person with a whole lot of time on their hands could tell your piano to delete everything it has, for example...  That's the worst case scenario as far as I can see.  They could also tell your piano to connected to yamaha's store and purchase a bunch of music for you...however they would need your password and fortunately *THAT* is encrypted (again, assuming version 2.1 or greater).

-Kevin




________________________________

Show quoted textHide quoted text

From: qv308 <stevme@...>
To: disklavier@yahoogroups.com
Sent: Monday, October 27, 2008 9:59:09 AM
Subject: [disklavier] Lack of security for DKV network

I live in an apartment building, and there must be a dozen or so wifi
users here.  Most all of us with existing wifi networks, I use the
Apple Airport system, provide them with password protection to
prevent unauthorized use.  When I had my MRK IV up and running I was
disturbed to find my DKV listed among other networks in the building,
AND NO SECURITY PROTECTION.

Is there some way to provide security protection so that others will
not mess with the DKV or attempt to use it for access to my other
computers or to the internet?

Is Yamaha aware of this security flaw?

Steve

Re: [disklavier] Lack of security for DKV network

2008-10-27 by James Fry

They could also start your piano playing at 3am in the morning :-)

James


Kevin Goroway wrote:

Show quoted textHide quoted text

> Steve,
>
> Your observation is true, and yamaha is certainly aware of it.  Let me 
> try to alleviate some of your primary fears though...
>
> While others may try to connect to your piano's access point, it has 
> no access to the rest of the computers on your network, nor to the 
> internet.  Those capabilities of the piano are actually on a different 
> (wired) network (the one that your airport is connected to).
>
> That being said, there are real dangers to having the communication 
> between the remote(s) and the piano be wide open.  Even more so if 
> your piano is running a version of the software before 2.1.  Most of 
> those dangers, however, are to the piano's database, and nothing 
> else.  A truly malicious person with a whole lot of time on their 
> hands could tell your piano to delete everything it has, for 
> example...  That's the worst case scenario as far as I can see.  They 
> could also tell your piano to connected to yamaha's store and purchase 
> a bunch of music for you...however they would need your password and 
> fortunately *THAT* is encrypted (again, assuming version 2.1 or greater).
>
> -Kevin

Re: Lack of security for DKV network

2008-10-27 by jheitzeb1

With the Mac you can use the system preference, 'Sharing' option.  Set
the file sharing to 'public folder' or drop box only.  That way, you
can keep others from accessing any info on your hard drives.  They can
only have access to the public folder or drop box only on your Mac. 
Just make sure that you clear out any important info from the drop box
(public folder) after transferring to others in your household.  

There is a password scheme for the airport express connection as well
as for your network, but I couldn't get it to work with the disklavier
and airport express when I originally set it up and haven't tried it
again.  

Joan




--- In disklavier@yahoogroups.com, "qv308" <stevme@...> wrote:

Show quoted textHide quoted text

>
> I live in an apartment building, and there must be a dozen or so wifi
> users here.  Most all of us with existing wifi networks, I use the
> Apple Airport system, provide them with password protection to
> prevent unauthorized use.  When I had my MRK IV up and running I was
> disturbed to find my DKV listed among other networks in the building,
> AND NO SECURITY PROTECTION.
> 
> Is there some way to provide security protection so that others will
> not mess with the DKV or attempt to use it for access to my other
> computers or to the internet?
> 
> Is Yamaha aware of this security flaw?
> 
> Steve
>

Re: Lack of security for DKV network

2008-11-06 by qv308

Thanks for the responses.

I still think we should be able to require a password to get into the
Disklavier and also be able to set it up as a closed network so that
it does not appear on other people's systems unless they know the name
of the server.

Steve

Re: [disklavier] Re: Lack of security for DKV network

2008-11-07 by Phil Blah

Yeah I agree, there needs to be a security section so a user can setup passwords, wep keys.. from memory I don't think you can turn off file sharing either.. that should be an option and or have a password or trusted mac address access.

hmm

Oh well.

Philip

Show quoted textHide quoted text

From: qv308
To: disklavier@yahoogroups.com
Sent: Friday, 7 November, 2008 3:32:08 AM
Subject: [disklavier] Re: Lack of security for DKV network

Thanks for the responses.

I still think we should be able to require a password to get into the
Disklavier and also be able to set it up as a closed network so that
it does not appear on other people's systems unless they know the name
of the server.

Steve

Search 1000's of available singles in your area at the new Yahoo!7 Dating. Get Started.

Re: [disklavier] Re: Lack of security for DKV network

2008-11-07 by Kevin Goroway

File sharing is only done via the wired port on the disklavier...if you have turned that into a wireless port you have full control over its security.  Doesn't seem like there's any hole there to me.




________________________________

Show quoted textHide quoted text

From: Phil Blah <phil.blah@...>
To: disklavier@yahoogroups.com
Sent: Thursday, November 6, 2008 9:27:51 PM
Subject: Re: [disklavier] Re: Lack of security for DKV network

Yeah I agree, there needs to be a security section so a user can setup passwords, wep keys.. from memory I don't think you can turn off file sharing either.. that should be an option and or have a password or trusted mac address access.

hmm

Oh well.

Philip

________________________________
From: qv308 <stevme@verizon. net>
To: disklavier@yahoogro ups.com
Sent: Friday, 7 November, 2008 3:32:08 AM
Subject: [disklavier] Re: Lack of security for DKV network

Thanks for the responses.

I still think we should be able to require a password to get into the
Disklavier and also be able to set it up as a closed network so that
it does not appear on other people's systems unless they know the name
of the server.

Steve

________________________________

Search 1000's of available singles in your area at the new Yahoo!7 Dating. Get Started.