What happened when this was set up?

  • 3 January 2019
  • 5 replies
  • 140 views

This thread has been helpful but I ran into something a bit disconcerting. Full disclosure I have worked in IT for a while, run sec projects and know enough about forensics to be dangerous. However I am a human so PLEASE no high and mighty lectures on any of this.

Facts:
Sonos I speakers arrived afternoon from Amazon before dinner party
I proceeded to TRY to get them running per instructions, had to dig into all kinds of documentation b/c guess what? You can't use the app on Mac Air to do this. Constant no connection error and no love. Regretting purchase.
Mounted the Mac onto the temp Sonos wireless network
Still not working, still will not connect
Party must be readied for so I hand the mess off to SO who has listened to me bellow for the last hour
Partner has to install speakers via iphone and appears to get them up and running, lets them upgrade, does the software does sound test. No boost, wireless only and working fine
Partner installs app on MBP and we can get news and Spotify just fine
I install app on Air and it is working just fine
At no point in time was ANYONE prompted for our WPA2 wireless pwrd. EVER. EVER
2 days later I am on the same home wireless network working from home and notice that the volume is getting turned up and that the cursor on my Mac Air is moving of it's own accord. Reality check, this cannot be happening so, I move the cursor to predefined spot come back and someone has decided to look at files from the viewer.
I immediately shut down the wireless on the Air
I immediately notice that the Mac Air STILL has TWO mounts from the supposedly "temporary" wireless set up SONOS network which I then unmount.
I change the password on the Mac, fire up the wireless and put on the VPN and change the WPA2 pwrd
I want some solid answers on what the hell just happened???????

This topic has been closed for further comments. You can use the search bar to find a similar topic, or create a new one by clicking Create Topic at the top of the page.

5 replies

Userlevel 7
Badge +19
Hey there, rcaddy27. I moved your comment to a topic of its own, so we could get a few more eyes on this rather than hiding in the comments of another topic.

During the setup process, did you (or your partner) have any one of the Sonos devices plugged into the network via Ethernet? I ask because if no password was input into Sonos, it must have been set up in the wired configuration. Keep in mind, this configuration does not need a Boost unit and can be achieved with any one of the Sonos devices plugged into the network via Ethernet. No password is needed since Sonos has a physical connection to the network and all the controllers have the credentials needed to access the network and in turn, Sonos.

On a Mac, most things that are "mounted" are disk images. In your case, these Sonos disk images are installers that you (or your partner) likely downloaded when installing the Sonos application.

To be honest, I can't tell you what exactly happened with regards to the moving cursor or the perceived remote access. From my experience with Apple and Windows computer systems, things like this normally require some sort of installation/plug-in and a "handshake" of credentials (user needs to give permission) in order to gain control of input devices like keyboards and mice. For instance, when I used to help users on the phone support team, I'd need the user to download a program, install it, have them input a session ID and then I'd only be able to see the screen. In order to interact with windows and click about, I'd need further permissions (in-app) given by the end user.

On this front, I'd recommend going to your local Apple Store or Apple Certified Technician and have them run a diagnostic scan. As usual, be sure to back up your data (important documents, photos, etc.) beforehand.
Keith,

Could it be a case that after the speaker install, the 'significant other's' previously authorised/approved mobile controller, was controlling the Sonos speaker whilst that mobile controller device was away from the network and accessing the speaker via the Sonos API .. such 3G/4G access through an open Spotify 'connect' connection, or even Amazon Alexa, or Amazon Music control is a possibility, isn’t it ?

And that rcaddy27 was witnessing their partner moving the volume control via their 'authorised' remote App?

Just a thought ?
Userlevel 7
Badge +19
Funny you bring that up. Jeff S and I were talking about this one and he brought up the same point! It could be that as well. I didn't even think of volume control.

However, searching on Spotify Connect does not change the desktop controller instance. If they were playing audio from the Spotify app to Sonos, it'd act like a "cast" rather than taking control of what's shown on another controller. On the other hand, there are some apps that allow for remote control of a Mac laptop. But that requires setup and some more insight from the OP.

When replying, I really dug into this phrase:

I move the cursor to predefined spot come back and someone has decided to look at files from the viewer.

I took "cursor" to be the mouse and to "look at files from the viewer" as the finder in a Mac. The only way "files" could be "looked at" on the Mac Air would be if there was direct input with the mouse or keyboard (or remote app), even if they meant "browsing on the desktop controller app" instead of actually looking through files in the viewer.

Either way, we wait for more information! 😃
Temper tantrum in the other thread, and the toys have been thrown out of the stroller and back to the store. Oh well.
For the sake of continuity, the rest of the original discussion can be found here.