Can you expand on using the Plex service instead?
I have just lowered the security on a Synology NAS used for work projects, and I would prefer not to do that just to have the music folder be accessible to our Sonos Connect:amp — which is great hardware for our needs and in no need of replacement.
Re: Plex Service on Sonos, see this link:
https://support.sonos.com/s/article/3405
I went with a cheap SMBv1 server on a Raspberry Pi, you can also use a Pi as a SMBv1 gateway to your real NAS so you don’t need two copies of your music.
The SMB situation on S1 is not going to change, you can read through the many, many past posts on just why it can’t. Can’t not won’t.
It’s great to have a solution for the “Synology Problem”. But here’s the sad truth: It’s actually a “Sonos Problem”, and “Our Problem”! Why? The SMB v1 & NTLM v1 protocols are horribly weak, and increase our risks of being hacked. Synology’s DSM software gives you dire warnings, and advises against making the changes required to connect with Sonos. And the risk is not limited to “someone gets to listen to your music without permission”; the risk is that someone gets your credentials & exploits that to attack something important… keep anything important on your NAS? It’s now at greater risk! Sonos has let us down in a huge way here because they will not upgrade the Sonos Controller! We shouldn’t be at greater risk because I don’t want or need to replace 8 or 10 older Sonos speakers.
My understanding has been that the Linux Kernel used on the older S1 devices does not support a higher version of SMB and it’s not viable to change the kernel on the old hardware.. hence the need for the split to S2 System, plus the older devices we’re running out of memory/storage space.
The S2 products are the only way to achieve having the higher (more secure) version of SMB - what you’re asking for is not viable for Sonos to do due to the hardware limitation, much in the same way an old monochrome TV will not display colour via its screen .. its perhaps time to upgrade your devices if you want/need this feature, otherwise I would rely on your local network security/software to keep your NAS share safe and you can always opt to use the Plex service instead.
Ken: You have been mis-informed. Let’s have no more weak excuses or cover-ups, please. If you got this information from someone at Sonos, and no other supporting details were furnished, I think they are being disingenuous. The kernel may need to be patched, but that does not mean it must increase in size - it may even decrease! The Linux kernel contains tons of code that’s not required in the Sonos application. Most embedded applications (like Sonos) strip this code out. Why would someone want printer drivers in the SONOS-version of the Linux kernel?? Tailoring the Linux kernel to a specific application is a well-worn procedure. No doubt this was done as part of the original Sonos design.
Wrt the security aspect of this, you may read along in this Wikipedia article if you want corroboration. The timeline for SMB versions is approximately as follows:
SMB v1: Microsoft marked SMB1 as deprecated in June 2013
SMB v2: The Linux kernel's CIFS client file system has SMB2 support since version 3.7. Linux 3.7 was released on 10 Dec 2012.
SMB v3: On April 19, 2012, SMB v 2.2 was re-named as SMB 3
So this is not a new problem at all - is it? November 2009 is the date Sonos introduced the Play5, and it was discontinued on November 20, 2015. Halfway through their production cycle, Sonos knew that SMB 1 had been deprecated, and they knew SMB 2 was available for their Linux kernel. Yet, Sonos continued manufacturing these units for another 3 years.
These facts, when combined with other recent decisions by Sonos, portrays a rather disturbing pattern. If all the facts are laid on the table, I’m sure that the Sonos firmware (incl. the Linux kernel) could be upgraded without breaching the physical limits on device memory. But Sonos will never do that: They are not interested in supporting their old customers unless they want to buy the new Sonos hardware. But here’s Sonos’ problem: Does anyone believe that if they buy new hardware today, they will be treated any differently in the future than the “Version 1” customers are being treated today?
Sonos has at least two options to correct this misbehavior. One of them is without expense - the “No cost to Sonos option”. The other one is to update their software and firmware like an honest and responsible business should do.
- Release the firmware - post it on GitHub (etc), under the same license terms as they got for the Linux kernel they used. (That they haven’t done this years ago may be a violation of their license for the kernel code).
- Fix this insecure software. Sonos could yet salvage some of their reputation as a fair and honest company.
It simply isn’t gonna happen, it’s S1, it’s “dead”.
It simply isn’t gonna happen, it’s S1, it’s “dead”.
You’re probably correct… “liars gonna’ lie” as they say. The voting patterns here suggest this forum has a majority population of Sonos supporters, and I’ll guess you’re one. That’s fine - I used to be one. I think the biggest difference between us on this subject is that I won’t continue to pay Sonos for abuse. I can’t control Sonos, but I do control who I spend $ with, and what I tell others about “the Sonos experience” :)
Just another Sonos fanboy here, but out of curiosity...
I have never seen anyone report on here, or on reddit, or anywhere else, that they have actually had a security breach as a result of this. Anybody else seen anything? I am not saying that means it cannot happen, I’m just curious.
This is never going to change, IMO, whether that’s right or wrong, or can’t or won’t. I suspect it is can’t not won’t, but I don’t have the technical expertise to form an opinion. I just don’t know why Sonos would not have done this if they could, and if they really believed it was critical. Out of their own selfish interest, if for no other reason.
It simply isn’t gonna happen, it’s S1, it’s “dead”.
You’re probably correct… “liars gonna’ lie” as they say. The voting patterns here suggest this forum has a majority population of Sonos supporters, and I’ll guess you’re one. That’s fine - I used to be one. I think the biggest difference between us on this subject is that I won’t continue to pay Sonos for abuse. I can’t control Sonos, but I do control who I spend $ with, and what I tell others about “the Sonos experience” :)
I’m not a supporter, I’m simply realistic. It happens all the time that tech gets dropped and for these old devices I can’t even blame anyone. I mean the players still work as they did on day one (with loads of added features over time) so I don’t see any abuse or whatever here. You just don’t get new features which I think is ok as long as the players continue to work.
Sonos has at least two options to correct this misbehavior. One of them is without expense - the “No cost to Sonos option”. The other one is to update their software and firmware like an honest and responsible business should do.
- Release the firmware - post it on GitHub (etc), under the same license terms as they got for the Linux kernel they used. (That they haven’t done this years ago may be a violation of their license for the kernel code).
- Fix this insecure software. Sonos could yet salvage some of their reputation as a fair and honest company.
Sonos has released a lot of their software as is required by the GPL License it carries. You can download it from their open source pages.
If you can get the kernel to compile, with SMB 3 support active, and fit the memory footprint of the S1 devices, I’m sure they would be willing to pay you well for a copy of your code.
Sonos has at least two options to correct this misbehavior. One of them is without expense - the “No cost to Sonos option”. The other one is to update their software and firmware like an honest and responsible business should do.
- Release the firmware - post it on GitHub (etc), under the same license terms as they got for the Linux kernel they used. (That they haven’t done this years ago may be a violation of their license for the kernel code).
- Fix this insecure software. Sonos could yet salvage some of their reputation as a fair and honest company.
Sonos has released a lot of their software as is required by the GPL License it carries. You can download it from their open source pages.
If you can get the kernel to compile, with SMB 3 support active, and fit the memory footprint of the S1 devices, I’m sure they would be willing to pay you well for a copy of your code.
Ha ha ha… you’re “sure”… Just how sure are you?
Ha ha ha… you’re “sure”… Just how sure are you?
I'm pretty sure that for some it's hard to accept reality.