Skip to main content
Sonos please task one of your engineers with adding a password option to the Sonos system just like Apple has done with their Homepods!



Airplay2 is a game changer when it comes to an open system like Sonos because any device with Airplay2 capability can take control of a sonos system without intentionally installing the Sonos app. While this is convenient on some networks it is a royal pain in the arse for others.



Take my home network as an example. I have two wireless networks - one for the family and one for guests. The guest network has no access to Sonos which is great. But everyone on the family network can control any speaker in the Sonos system because there is no way to secure them. Unfortunately I can't put them on a separate subnet due to the shared media and backup servers. Sure, I ask them not to connect to certain speaker and groups, but they don't see the harm in having the house filled with their cool tunes while I'm at work. Can't really blame them but it causes problems with the neighbors and even me (sucks to ask Alexa to play CNN on a speaker and have it blaring close to full volume because someone forgot to turn it down).



BTW, this wasn't much of a problem before the Airplay2 update because none of the kids had the Sonos app installed on their devices but now they connect without a 2nd thought.



Please give us the option to protect speakers and groups of speakers.
But the hacker is still not on the same subnet.



If they have gained access to the network where the Sonos devices reside then they can poke, prod, control and attempt to hack those devices. That is an indisputable fact. How they gained access to the net and what devices they are using to attack the Sonos devices is not important.




Gaining access to your network and being on the same subnet are 2 different things. And it is important if you are claiming an app based password will protect against a lack of network security. That is why they require authentication when linking services and not when loading the Sonos app, because apps from services like Spotify don't need to be on the same subnet.



And stop with the judicious snipping. Answer the whole post or don't answer at all.
Gaining access to your network and being on the same subnet are 2 different things.



If you have gained access to the network it is but a small step to gain access to a device on that net. Once that happens all bets are off.



And it is important if you are claiming an app based password will protect against a lack of network security. That is why they require authentication when linking services and not when loading the Sonos app.



Not sure what you mean. The sonos device does not require user authentication to control the device from non-sonos apps.
Gaining access to your network and being on the same subnet are 2 different things.



If you have gained access to the network it is but a small step to gain access to a device on that net. Once that happens all bets are off.



And it is important if you are claiming an app based password will protect against a lack of network security. That is why they require authentication when linking services and not when loading the Sonos app.



Not sure what you mean. The sonos device does not require user authentication to control the device from non-sonos apps.






So you are claiming they are using a controller on your system. Which would mean you need a password every time you use the app? Not many are fans of that.



And it most certainly requires you to authenticate when you initially link your service app to the Sonos app. Not to use the app to control Sonos, because that would be annoyingly stupid for 99% of users (see above).
Which would mean you need a password every time you use the app? Not many are fans of that.

Make it optional and when in place give the user the option to save the password in the app they use to control Sonos.



Not to use the app to control Sonos, because that would be annoyingly stupid for 99% of users (see above).

I am talking about controlling sonos from any app. No authentication is required, at least not as far I can see.
Which would mean you need a password every time you use the app? Not many are fans of that.

Make it optional and when in place give the user the option to save the password in the app they use to control Sonos.



Not to use the app to control Sonos, because that would be annoyingly stupid for 99% of users (see above).

I am talking about controlling sonos from any app. No authentication is required, at least not as far I can see.




If something were so important for security, you'd think it would be mandatory? Which brings me back to the point that this security topic is a charade. And saving it in the app would not prevent someone taking over your device and messing with Sonos, the very scenario you present above.



To the controlling from another app thing, you cannot control via Spotify, Pandora, Alexa, etc. until you link the account with your Sonos account, which requires authentication. No authentication, no control from another subnet, no security risk. Which is the very reason they require it (as opposed to making it optional).
If something were so important for security, you'd think it would be mandatory? Which brings me back to the point that this security topic is a charade.

IMO it should be mandatory but others here feel differently so make it optional. I would definitely have it enabled just like I do for every other device on my net.



To the linking thing, you cannot control via Spotify, Pandora, Alexa, etc. until you link, which requires authentication. No authentication, no control from another subnet, no security risk. Which is the very reason the require it (as opposed to making it optional).

I have not mentioned any of those services and they are not part of this discussion as far as I'm concerned. I'm talking about controlling Sonos devices.
Too bad, control from those apps is actually a way someone could gain access to Sonos from the outside, unlike your absurd scenarios. Then again, that is why Sonos has secured them.



Oh by the way, your insistence on defending this security tangent has taken all the focus off your original request. Not sure that was your intent. Perhaps if you drop the tangent, we can get back on topic.
Too bad, control from those apps is actually a way someone could gain access to Sonos from the outside, unlike your absurd scenarios. Then again, that is why Sonos has secured them.

Hacking those apps/services would be several orders of magnitude more difficult then gaining access through the common attack vectors mentioned in this thread.
Too bad, control from those apps is actually a way someone could gain access to Sonos from the outside, unlike your absurd scenarios. Then again, that is why Sonos has secured them.

Hacking those apps/services would be several orders of magnitude more difficult then gaining access through the common attack vectors mentioned in this thread.




Nonsense. All you would need to do is gain access to your network and sign on your app and you would have almost full control over the Sonos devices. Which is why Sonos requires you to link with your Sonos account, using a password.



Still snipping I see. I don't know why you keep trying to take the focus off your original request. It's ok, I'll play along.
Gosh the paranoia is still growing here for one or two.



My home is well protected and locked, but I will never see the point in putting a padlock on my bedroom door that I would then have to open/close everytime I entered/exited that part of the premises. There’s nothing in the bedroom anyway, the good stuff is all in the secure safe downstairs.



I don’t see the point in padlocking the bedroom door at all, as that does absolutely nothing to help keep my safe secure, even if the thief can get into the house in the first place.



And there is the analogy for me.
All you would need to do is gain access to your network and sign on your app and you would have almost full control over the Sonos devices.

What app are you referring to here?
Gosh the paranoia is still growing here for one or two.



My home is well protected and locked, but I will never see the point in putting a padlock on my bedroom door that I would then have to open/close everytime I entered/exited that part of the premises. There’s nothing in the bedroom anyway, the good stuff is all in the secure safe downstairs.



I don’t see the point in padlocking the bedroom door at all, as that does absolutely nothing to help keep my safe secure, even if the thief can get into the house in the first place.



And there is the analogy for me.




If you locked your doors and windows then your home may be reasonably secure but as soon as you unlock a window or door that changes. Your network is similar. Even though you may have your router/firewall secured (and there is probably no such thing as a secure router/firewall), the moment one of your devices connects to and receives information from the internet you have opened the door for hackers. By design a home or business network that connects to the internet cannot be locked up tight like a house.



If you want a secure net that is not subject to attack from the outside the only option is to create an air-gapped network. I've been a software developer for 40 years and we've worked on these types of nets from time to time. It is a pain in the rear but it does solve much of the security issue.
All you would need to do is gain access to your network and sign on your app and you would have almost full control over the Sonos devices.

What app are you referring to here?




You can control Sonos devices directly from the Spotify app, the Pandora app, or Alexa, sometimes even when not on the same subnet. Hence Sonos requires you to authenticate both your Sonos account and your Spotify, Pandora and/or Alexa account before it allows this linking of functionality. If Sonos thought there was any danger of someone being able to control Sonos from outside the network via any other means, they most certainly would require authentication.



But they don't.
You can control Sonos devices directly from the Spotify app, the Pandora app, or Alexa, sometimes even when not on the same subnet. Hence Sonos requires you to authenticate both your Sonos account and your Spotify, Pandora and/or Alexa account before it allows this functionality.

Got it, that is a different attack vector and not part of this discussion.



If Sonos thought there was any danger of someone being able to control Sonos from outside the network via any other means, they most certainly would require authentication.



But they don't.


I don't know what Sonos thinks but we aren't really discussing controlling Sonos devices from outside the network (e.g. control from a different subnet) here because the control comes from a compromised device inside a breached network. The point of this thread is that networks are inherently insecure. Therefore hackers can (and do) gain remote access to local devices on what people believe are secure networks. This is an disputable fact.
Since when are you the arbiter of what is and isn't part of the discussion? Quit dismissing scenarios because they don't fit your narrative.



And I'm still waiting for you to describe one example, just one, of how someone can gain control of your Sonos devices that would be thwarted by an app level password.



Just one. Give me one. No dodging. No links. Give us details. I've actually given you one that they have plugged. Now you give me one they haven't. Heck, we all know your original request needs more diversions.
Since when are you the arbiter of what is andisn't part of the discussion? Quit dismissing scenarios because they don't fit your narrative.



I'm dismissing it because it is irrelevant to this discussion as Sonos has already addressed the authentication issue related to it.



And I'm still waiting for you to describe one way, just one, of how someone can gain control of your Sonos devices that would be thwarted by an app level passwod.

The ability to control Sonos would be greatly diminished if those controls required authentication before activation.



Just one. Give me one. No dodging. No links. Give us details.

The last link I provided gives excellent examples. As a software developer I can conceive of others but I'm certainly not going to post them on the web.


Just one. Give me one. No dodging. No links. Give us details.

The last link I provided gives excellent examples. As a software developer I can conceive of others but I'm certainly not going to post them on the web.




Still can't find one single example, I see. Give it up. Your security issues have absolutely nothing to do with your original request.
Still can't find one single example, I see. Give it up.

I already provided links to examples.



Your security issues have absolutely nothing to do with your original request.

Never said they did. However, if Sonos devices had the option for authentication this thread wouldn't exist.
If I did leave a window or door open, to my network, the worst thing for me is, that the thief may eventually find the location of the safe. Let’s just say that the safe in this instance is a 'crude' encrypted hidden drive partition that uses 3rd party encryption software, which perhaps has a 16 digit key that is not written down, or stored on the network. It really doesn’t matter if the client application that provides access to the partition is stored locally, or stored on a USB stick. I don’t use this method anymore by the way, but I used to, back in the mid-late 1990’s.



What I really don’t see now, is how password protecting my sonos system, or application, would now make the slightest bit of difference to the thief that has already got this far onto the network. Who really is going to leave important stuff lying around unprotected and even, if they do, why on earth would the thief head for the Sonos system application, when there are probably thousands of other applications that the thief could use or bring with him through the open window or doorway.



I still remain baffled by the argument here, it’s really seems quite irrelevant to the original post in this thread, which was more about stopping the kids using the Sonos application, by installing a password, which I’m sure the kids will probably eventually discover anyway, just by looking over your shoulder.



I still think chicks was right when he said this was more of a discipline matter, rather than a security issue.
What I really don’t see now, is how password protecting my sonos system, or application, would now make the slightest bit of difference to the thief that has already got this far onto the network.



There are something like 20 million Sonos devices in the wild and they are part of the IoT universe which is under constant attack. Why would you or anyone else have a problem with protecting those devices with an optional authentication feature?
With numerous Sonos Speakers, plus many more smart-bulbs, smart-plugs, wireless hubs, cameras, doorbells etc. I’d get to the stage that compulsory password authentication to use these things on a daily basis, would drive me nuts!.. It would just be far too inconvenient for any end user.



The device authentication on the LAN itself has to be sufficient for these type of things... if a hacker wants to play songs by 'Vera Lynne' and flash a few lights to let me know I left a network window open, then so be it. The focus should be on securing the LAN, not the individual devices.



In all seriousness, I do see LAN security as being very important and it has to come down to the owner/admistrator to be responsible for it. I personally don’t see it as a Sonos problem, or a Philips problem, or any other device manufacturer, who’s products are actually intended for use on 'secure' local networks.



The security for my network is, and always will be, down to me... I actually don’t want to shift that responsibility across to all my individual devices... in the same way that I don’t want to have locks on the internal doors in my home, that lead to the kitchen, or the bedroom etc.
Just one. Give me one. No dodging. No links. Give us details.



The last link I provided gives excellent examples. As a software developer I can conceive of others but I'm certainly not going to post them on the web.



You know your snipping does not preclude me actually quoting the original request?





Never said they did. However, if Sonos devices had the option for authentication this thread wouldn't exist.




Again with your nonsense. Sonos could 100% protect their API from both internal and external attacks and not come close to giving you what you wished for in your OP.
Sonos could 100% protect their API from both internal and external attacks and not come close to giving you what you wished for in your OP.



Now that is interesting. How do you propose they do that while allowing Airplay access without any authentication (which is what we have now)?
The device authentication on the LAN itself has to be sufficient for these type of things... if a hacker wants to play songs by 'Vera Lynne' and flash a few lights to let me know I left a network window open, then so be it. The focus should be on securing the LAN, not the individual devices.

First, the risk is far greater than playing a song or turning on a light. If you doubt it read this:



https://www.networkworld.com/article/3266375/internet-of-things/best-practices-for-iot-security.html



"Making matters worse is the fact that cybercriminals are incentivized to figure out new and more insidious ways to hack into even the most benign devices because they can provide a convenient gateway to more valuable systems. Your connected rice-cooker might not, at first-blush, appear to present much of a threat to the security of your home if it is compromised by an outside party. But if it can act as a gateway to more important devices on your network it might actually represent your most significant security vulnerability."



The fact is that some of the smartest guys in the industry disagree with you. Maybe you missed this last time so here it is again.



The INTERNET OF THINGS (IOT) SECURITY BEST PRACTICES paper might be educational for you and others that believe it is OK to have unsecured devices on your networks.



https://internetinitiative.ieee.org/images/files/resources/white_papers/internet_of_things_may_2017.pdf



"5. Use strong authentication



IoT devices should not use easy-to-guess username/password credentials,

such as admin/admin. Devices should not use default credentials that are

invariant across multiple devices and should not include back doors and

debug-mode settings (secret credentials established by the device's

programmer) because, once guessed, they can be used to hack many

devices.



Each device should have a unique default username/password, perhaps

printed on its casing, and preferably resettable by the user. Passwords

should be sophisticated enough to resist educated guessing and so-called

brute force methods.



Where possible we recommend two-factor authentication (2FA), which

requires a user to employ both a password and another authentication form

that does not rely on user knowledge, such as a random code generated via

SMS text messaging. For IoT applications, we especially encourage the use

of context-aware authentication (CAA), also known as adaptive

authentication, which use contextual information and machine-learning

algorithms to continuously evaluate risk of malice without bother to the user

by demanding authentication. If risk is high, then the subscriber (or hacker)

would be asked for a multi-factor token to continue having access."

Treeguy,



I guess I could go out into town and get run over by a bus whilst crossing the road, or even fall down a sinkhole, I’m just not as paranoid about these things or the raised internal network matters as you, or some others here, appear to be.



I do my very best to keep my network secure and even if the hacker gets in I doubt he, or she, would find anything that’s really worth stealing.. if they want to waste their time trying then good luck to them. I do use hardware firewall and software/encryption and keep things updated. I pay for my email to be scanned and filtered eexternally too, prior to receipt. I keep some data secure offsite and all my information and operating systems are incrementally backed up.



I just don’t want the huge inconvenience of now having to enter a password every time I do something in an environment that I consider to be secure already. I understand some folk are paranoid about their security, but I don’t want those things forced on me.



The house analogy and 'padlocks on internal doors' that I mentioned earlier is the same thing... I don’t want to lock/unlock a bedroom door each time I enter/exit the room, in my secure home... if my home is broken into, the thief still has to find and get access to the safe. I prefer to spend my money on the perimeter and the safe, so I then have the freedom to move around the rest of the place, unhindered.



I have read the documents you refer to and nothing in those have altered my position on this, not in the slightest.