Answered

Sonos support for SMB 2.0 protocol


Hi,

Recently I have turned off SMB 1.0 on my Windows 10 as per Microsoft's recommendation (https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/). However, after I've disabled SMB 1.0, the Sonos application stopped working on that Win10 machine (not able to connect to local drives configured in the library). I had to turn SMB back

Could you please advise when will Sonos start supporting SMB 2.0 or later?

Thanks
icon

Best answer by Ryan S 19 September 2016, 20:34

Thanks for asking. As suggested already, we don't have any official plans to announce or share right now. Sonos only uses SMB for sharing your local music library off of a Windows computer or a network attached storage (NAS) drive. Mac computers share to Sonos through a different protocol that's setup using the Sonos controller.

If your music listening is through a music service, you can have SMB disabled on your system and Sonos won't have any trouble at all. The only trouble that comes up with SMB1 disabled is for those music shares listed above.

I'll pass on your feedback and interest in SMB2 to the team to make sure they are aware of it all.

View original

123 replies

Userlevel 5
Badge +3
There is no chance Sonos will make a public announcement of that sort. You might get some sort of private admission via Help Desk but I doubt it.
why not? SMB 2.0 was introduced in 2006, which is 10 years ago. out of all the applications and storage devices I have in my environment, Sonos is the only one that I have encountered problems after disabling SMB 1.0. I personally don't think it's too much to ask here, given the technology has been around for a decade?
Userlevel 5
Badge +3
How old it is bears no relevance, I'm 51 shall I chuck myself on the scrapheap?

Sure, it's not too much to ASK. But as a long time forum user I can tell you that the most you will get from Sonos is an acknowledgment of the suggestion.
well, you've got start the conversation somewhere, right? the software vendor may not aware of potential issues or threads, thus people communicate via social media such as a forum like this. I appreciate your input, but I'm really after a response from someone who works at Sonos. they don't have to give me a hard date or anything. An acknowledgement would be a good start.
I would be worried that as Sonos' focus moves away from local storage they may not have the skillset required to update this any more (they made the local storage team redundant, if the rumours are to be believed). One can imagine a time when smb 1.0 is dropped entirely from every operating system, signalling the end of local library support. This is pure speculation obviously, so I imagine it'll be getting reported as fact by this time tomorrow...
Userlevel 6
Badge +3
Thanks for asking. As suggested already, we don't have any official plans to announce or share right now. Sonos only uses SMB for sharing your local music library off of a Windows computer or a network attached storage (NAS) drive. Mac computers share to Sonos through a different protocol that's setup using the Sonos controller.

If your music listening is through a music service, you can have SMB disabled on your system and Sonos won't have any trouble at all. The only trouble that comes up with SMB1 disabled is for those music shares listed above.

I'll pass on your feedback and interest in SMB2 to the team to make sure they are aware of it all.
Hey Sonos, as mentioned, SMB v2 is ancient and SMB v3 is out. And ... if you haven't heard ... SMB v1 is amazingly insecure and needs to die! As you may have noticed there was a little worldwide event this past week the leveraged the ancient SMB v1 protocol (WannaCry ring any bells?). I have a QNAP NAS and I came home today and switched the settings to SMB v3 ... nope Sonos doesn't read my music library. I switched to SMB V2.1 nope ... no music library. SMB v 2.0 nope. Not until I switched back to the most ancient of ancient protocols was my music library available. My MacBook supports SMB v3, Linux supports SMB v3. Can we please stop only supporting decades old protocols that are hugely vulnerable? I'd rather not risk my network security because I have to run SMB v1 to read my Sonos music library. I'm an Information Security professional ... it's no longer time to have SMB v2 on your radar. It's time to step up to the plate and do it and do it fast (less than 1 month). From my perspective, and I'm sure that anyone, given the information in an understandable version, would absolutely agree ... SMB v1 has got to go!
Userlevel 6
Badge +3
Hi rstrom, thanks for the feedback, we'll make sure to pass the sentiment along. The team is aware of this already, so it's definitely something on their radar, but I can't share any specific details right now. I would suggest that if you're worried about SMB1 being a security risk, you can turn it off and instead share your music library to Sonos through Plex, which is now fully supported on Sonos. You can find details on Plex with Sonos here.
I'll look into but this is an issue:

"Tip!: Other audio formats such as FLAC or ALAC will be transcoded by your Plex Media Server to be compatible."

I have virtually everything that I own ripped to FLAC files and I have them ripped that way for a reason and it isn't so that it can get transcoded to some lesser format.

I know you "can't give me a specific date" but I / We need to know that it's more than "on your radar". It looks like it's been "on the radar" for at least 7+ months now.

This needs to be on the list for release with the next software update.

How about a commitment to your customers for that? Will Sonos commit to ensuring their customers are able to support the music formats and delivery methods (i.e. local NAS directly) that are current and secure?

Robert
And I have to enable remote access ... not sure that I want to do that

Robert
Ryan S

I have bi-directional GigaBit Internet but .... Why would I want to upload my local files to to the Internet and then download them again?

Unless I am mistaken about how this works ...

Robert
And ... do I also need to pay for it?

Robert
Sonos have had ¾ of a year to fix this and so far come up with nothing! The arrogance Sonos shows it customers by pointing them to Plex is incredible. The WannaCry virus have made me disable the SMB 1 protocol, and it will never be turned on again. For the moment my Sonos system is just as valuable as a white brick. Fix this now!
Bjørn Roar wrote:

Sonos have had ¾ of a year to fix this and so far come up with nothing! The arrogance Sonos shows it customers by pointing them to Plex is incredible. The WannaCry virus have made me disable the SMB 1 protocol, and it will never be turned on again. For the moment my Sonos system is just as valuable as a white brick. Fix this now!



You forgot ". . . or the bunny gets it!" :8

I'm happy to be corrected, but isn't SMBv1 a propagation mechanism for WannaCry once it's already infected at least one of the Windows boxes on the local network? And for that to happen you'd need to have let your OS remain unpatched for a couple of months, have a poor anti-virus installed, and have a weakness for opening unsolicited email attachments?

Besides, Windows provides a means to disable SMBv1.
Userlevel 3
Badge +3
While there's clearly some over-reaction going on in this thread, there are some nasty security issues with SMB v1. There's a pretty good summary at: https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

While these issues are unlikely to present significant risks in standard domestic environments, it would nevertheless probably be wise for Sonos to provide an option to use SMB v2+.
Userlevel 2
Badge +1
[quote=ratty]I'm happy to be corrected, but isn't SMBv1 a propagation mechanism for WannaCry once it's already infected at least one of the Windows boxes on the local network? And for that to happen you'd need to have let your OS remain unpatched for a couple of months, have a poor anti-virus installed, and have a weakness for opening unsolicited email attachments?

Besides, Windows provides a means to disable SMBv1.
-----/-
Agree and if you are using updated windows 10 you will have no problems. With either Sonos or Plex. I use both with no problems.
Whilst Sonos itself is not affected as the SMB v1 exploit is used to allow WannaCry and similar ransomware to spread to other Windows devices, a large number of customers (myself included) keep their media library on a windows device (Server 2012 in my case). I have the patch for this particular vulnerability, however, the fact remains that SMB v1 is now a very old protocol, and will further exploits will no doubt be found, so I also have a GPO to disable SMB v1 on all my PC's.
For me, I wont be re-enabling SMB v1 - I also have 3 young kids and an IT illiterate wife using my network, so I limit any threats in as many ways as possible.
Userlevel 1
It will probably be fixed soon given that Microsoft has announced it is removing support from SMBv1 from Windows 10 and Windows Server 2016. They'll have to update something to be able to continue supporting customers.
Userlevel 1
Badge
I'm not holding my breath. This is a classic chicken and egg problem, where vendors don't want to drop support for ancient protocols because it might light up the technical support phone lines. This is why so many NAS' (including Apple Airport) still support SMB1 and NTLM v1 authentication. Until more vendors simply shut down SMB1, there is little incentive for Sonos to update its SMB protocols also. However, said vendors will point to companies like Sonos and defend the continued use of deprecated protocols because vendors like Sonos still rely on it.

Sonos has been put publicly on notice by Microsoft's Ned Pyle that using SMB1 puts customer data at risk. Any server that has had its security dumbed down to SMB1 levels puts the entire server at risk, not just the one share that the Sonos playdeck resides on (modern Windows servers and FreeNAS have SMB1 and NTLM v1 support turned off by default for a reason). Hence, I serve my Sonos with data from a 'disposable' hard drive, I wouldn't want important data to be at risk due to crummy security imposed by the use of Sonos!

Assuming that Sonos operates on the basis that it will be a going concern, SMB2+ support will be required at some point in the future. Implementing the necessary libraries now has to be a lot easier to beta-test and implement than when a cataclysmic event roils the NAS industry and large numbers of NAS vendors suddenly abandon SMB1. Then, Sonos will be racing against the clock to implement something compatible with SMB2+ while customers consider their options - including switching to brands that place a higher value on security than Sonos does.
I've been monitoring the questions and replies concerning SMB here on the community since people got a bit more aware about the flaws with SMBv1.
What I don't understand are the comments about the need for Sonos to disable support for SMBv1.
Neither do I understand why some seem to blame the NAS vendors that support SMBv1 as a reason for Sonos not enabling support for SMBv2 or v3. Most NAS products let you choose the SMB level (v1 through v3) to your liking.
From my point of view Sonos may continue the support for SMBv1 for infinity if they are happy running insecure protocols.

What I would like, is to get a simple update of the product so that I can turn on SMBv2 or preferably SMBv3 and at the same time turn off the SMBv1 protocol on my Sonos system. Simple checkboxes under advanced options will do in addition to adding the protocols in the code.
That should be pretty straight forward to accomplish, but for some reason Sonos choose not to. They've had more than 10 years to incorporate SMBv2...
It seems that Sonos have stopped developing their product to customers who prefer to have their music on a local network and don't want to rely on streaming through the internet.
To bad really. I've been a happy user of Sonos since 2010, but everything must come to an end.
If I find that Denon Heos, Bluesound Pulse or similar products supports SMBv2 or SMBv3, one of those will replacing my Sonos solution.
Be careful, Denon will probably claim support is coming soon, then never deliver. Just like they did with Windows Mobile, Google Cast, Alexa, etc. :D
Userlevel 1
Badge
PEF, I agree - making a product that is SMBv1-compatible is not the same thing as relying on SMB1 availability. However, I would make the argument that offering explicit SMB v2+ support would help differentiate Sonos from the growing competition. Sonos still offers a couple of premium features that competitors have yet to copy. But the number of differentiators is shrinking and in some cases, Sonos lacks similar features (see ARC equalization, for example).

Obviously, Sonos cannot incorporate every feature that a competitor puts out - but in order to stay a niche leader, Sonos will have to keep its infrastructure / plumbing up-to-date. I'm surprised that Sonos doesn't do more for basic infrastructure than its consumer-facing features - sooner than later, a lack of focus on the former will impact development opportunities for the latter.

For example, the mesh network technology that Sonos pioneered in this segment became a significant differentiator and allowed Sonos' to be easily installed in environments that competitors could not be. Updating an extant SMB network stack on the basis of readily-available libraries is not nearly as big a challenge as developing the mesh infrastructure that Sonos pioneered.

Similarly, this apparent lack of focus on basic security infrastructure also raises the concern that other security issues may be lurking behind the eye-candy. I'd be interested if you find out anything re: SMB2+ support in competitors' products. The cutsheets don't mention anything in this regard.
Constantin,
Just got feeback from my local Hi-Fi dealer. Bluesound supports SMBv1, v2 and v3. However no feedback with regards to Denon HEOS. I will check out Bluesound's Pulse productline + Node (for hooking into my Hi-Fi amp and speakers). If everything sorts out I will most likely become an ex-Sonos user.
Chiming in here - it is becoming harder to justify keeping my Sonos running using SMBv1 - it means I've had to re-enable it on my NAS - which recently updated itself to default to not supporting the depreciated protocol...

Reply

    • :D
    • :?
    • :cool:
    • :S
    • :(
    • :@
    • :$
    • :8
    • :)
    • :P
    • ;)