I happened to look at the Chromecast app since it updated yesterday and there was another CC showing but needed setup. Considering problems some have had with WiFi reception including myself, I find this odd that I'm seeing one of my neighbor's CC.
wptski said:
I happened to look at the Chromecast app since it updated yesterday and there was another CC showing but needed setup. Considering problems some have had with WiFi reception including myself, I find this odd that I'm seeing one of my neighbor's CC.
Click to expand...
Click to collapse
Not odd at all...
It might appear as if it needs setting up but that is really only indicating that it is not on your local WiFi but could be connected to another.
Doesn't mean you couldn't hijack it if you wanted to however.
Asphyx said:
Not odd at all...
It might appear as if it needs setting up but that is really only indicating that it is not on your local WiFi but could be connected to another.
Doesn't mean you couldn't hijack it if you wanted to however.
Click to expand...
Click to collapse
Well, I see a bunch of routers but they are known to be a bit more robust in WiFi signal strength compared to a CC.
wptski said:
Well, I see a bunch of routers but they are known to be a bit more robust in WiFi signal strength compared to a CC.
Click to expand...
Click to collapse
Yeah but as long as there is nothing to interfere with the radio signal you can see lots of things...Connecting to them may be problematical but seeing them is almost always possible even as far away as a Quarter mile in an area that doesn't have a lot of RF signals floating around.
Asphyx said:
Yeah but as long as there is nothing to interfere with the radio signal you can see lots of things...Connecting to them may be problematical but seeing them is almost always possible even as far away as a Quarter mile in an area that doesn't have a lot of RF signals floating around.
Click to expand...
Click to collapse
We are talking about the range of a CC not a router here. I talked to both of my closet neighbors and one does have a CC but I can't see his. Subdivision of single family brick ranchs at around 1100-1200 sq/ft on stacked 60ft x 100ft lots.
wptski said:
We are talking about the range of a CC not a router here. I talked to both of my closet neighbors and one does have a CC but I can't see his. Subdivision of single family brick ranchs at around 1100-1200 sq/ft on stacked 60ft x 100ft lots.
Click to expand...
Click to collapse
Doesn't matter if it's a router or a CCast...Conditions matter more than the power of the radio!
wptski said:
We are talking about the range of a CC not a router here. I talked to both of my closet neighbors and one does have a CC but I can't see his. Subdivision of single family brick ranchs at around 1100-1200 sq/ft on stacked 60ft x 100ft lots.
Click to expand...
Click to collapse
Check if it's your CC by unplugging it and scanning again. One of mine once booted up in a mode where it was simultaneously connected to my network and broadcasting its setup AP. It was the weirdest thing and hasn't happen since, but my Chromecasts pretty much never reboot unless I tell them to.
bhiga said:
Check if it's your CC by unplugging it and scanning again. One of mine once booted up in a mode where it was simultaneously connected to my network and broadcasting its setup AP. It was the weirdest thing and hasn't happen since, but my Chromecasts pretty much never reboot unless I tell them to.
Click to expand...
Click to collapse
The rogue showed up while both of mine were off in the late afternoon yesterday and is showing up right now "Ready to Setup". Persistent little bugger, I had to kill the app as it keeps popping up to set it up! It has a off color name very close to a female sexual play toy.
wptski said:
The rogue showed up while both of mine were off in the late afternoon yesterday and is showing up right now "Ready to Setup". Persistent little bugger, I had to kill the app as it keeps popping up to set it up! It has a off color name very close to a female sexual play toy.
Click to expand...
Click to collapse
So set it up and change the name! LOL
Asphyx said:
So set it up and change the name! LOL
Click to expand...
Click to collapse
As stated earlier, I shouldn't be able to but I may try just to see it error out.
wptski said:
As stated earlier, I shouldn't be able to but I may try just to see it error out.
Click to expand...
Click to collapse
What makes you think it shouldn't be able to? If it is ready for setup then you should be able to....
What may be happening is the router to which that belongs to is off or they are using a mobile hotspot for their internet in which case when the router leaves the CCast goes into setup.
Asphyx said:
What makes you think it shouldn't be able to? If it is ready for setup then you should be able to....
What may be happening is the router to which that belongs to is off or they are using a mobile hotspot for their internet in which case when the router leaves the CCast goes into setup.
Click to expand...
Click to collapse
I'm assuming that it just shows ready to setup because it's not setup on my network.
Presently it's showing up again so I tried to set it up and got "Could not connect to your Chromecast. Make sure your Chromecast is nearby".
EDIT
Wait a minute! Yesterday, I think, I tried and got the "Do you see this number", have to try a few more times.
wptski said:
I'm assuming that it just shows ready to setup because it's not setup on my network.
Presently it's showing up again so I tried to set it up and got "Could not connect to your Chromecast. Make sure your Chromecast is nearby".
EDIT
Wait a minute! Yesterday, I think, I tried and got the "Do you see this number", have to try a few more times.
Click to expand...
Click to collapse
It's apparently just on the edge of range..Enough to see it but not close enough to actually communicate with it!
If asks if you see that number just say yes! LOL
Asphyx said:
It's apparently just on the edge of range..Enough to see it but not close enough to actually communicate with it!
If asks if you see that number just say yes! LOL
Click to expand...
Click to collapse
I did and it states either, it can't find it or can't communicate with it.
wptski said:
I did and it states either, it can't find it or can't communicate with it.
Click to expand...
Click to collapse
Weird... I wonder if having an open AP named Chromecast#### confuses the setup app.
bhiga said:
Weird... I wonder if having an open AP named Chromecast#### confuses the setup app.
Click to expand...
Click to collapse
That's beyond my limited knowledge on the subject,
wptski said:
That's beyond my limited knowledge on the subject,
Click to expand...
Click to collapse
And I've been too busy to try it. I'll get to it at some point...
bhiga said:
Weird... I wonder if having an open AP named Chromecast#### confuses the setup app.
Click to expand...
Click to collapse
Actually I'm not entirely sure on this (Have not tested it)
But I'm pretty certain that it says "ready to set up" even when connected to an AP when it is not connected to the same AP as you!
And it makes sense that it does just in case the Ccast somehow connects to the wrong AP or an Open one that isn't yours.
So the App sees the CCast and can set it up. You may not be able to connect to it via the WiFi in AP mode, but you probably can still send it a setup command if it is in range via the App.
Not much different than telling it to load an App really.
Asphyx said:
Actually I'm not entirely sure on this (Have not tested it)
But I'm pretty certain that it says "ready to set up" even when connected to an AP when it is not connected to the same AP as you!
And it makes sense that it does just in case the Ccast somehow connects to the wrong AP or an Open one that isn't yours.
Click to expand...
Click to collapse
No, you can't see a Chromecast that is connected to a different AP from what you're connected to, at least not when everything is working as it should...
Not configured, Not connected
Chromecast goes into setup mode as an open wireless access point named Chromecast#### (some 4-digit number)
Not configured, Connected
This should not be possible. Really.
Configured, Not connected
Chromecast goes into setup mode as an open wireless access point named Chromecast#### (some 4-digit number)
Configured, Connected
Chromecast is in normal mode as a wireless client
However, as I noted, I did have one instance where Chromecast was configured, and was connected, but still broadcasted its setup AP. I really should have investigated more, but I was freaked out and rebooted it - and things were normal after that.
I tried a few more times and once I had a popup stating that I was trying to connect to another router not mine. I know by the default name that it's another AT&T Uverse RG as the name is always 2WIRExxxx. I even tried going back to the previous version of the Chromecast app version but nothing changed. I'm using WiFi Fixer app and tried disabling it as well thinking that it may interfere some how.
One try locked my tablet up.
Related
I dont use wifi a lot, but i recently moved to a place that has bad signal, and so i wanted to connect to my router, when i turn it on it shows other routers but not mine. Which seemed odd to me. I reset the modem and router to see if that would help. But it still doesnt work.
I have the .29 baseband. The newest, i beleive, Would that pose a problem?
If so a radio link that is reliable would be grand!
check the wiki radios are different for everyone so you just have to go through and test them but PLEASE only use the ones on the HERO CDMA WIKI because if u flash a gsm radio by accedent that will garantee a bricked phone.
haha oh in know.. its happened before. a long time a go when i was more nooby.
Hey man can you PM me your personal step bystep instructions on your mod prl update post. I followed them on the op but still didnt work. and like which rom you were using?
Bierce22 said:
check the wiki radios are different for everyone so you just have to go through and test them but PLEASE only use the ones on the HERO CDMA WIKI because if u flash a gsm radio by accedent that will garantee a bricked phone.
Click to expand...
Click to collapse
I was under the impression the CDMA radio didn't have any affect on WiFi.
idk about if it effects it r not, but i tried 3 or 4 radios and all of the could not detect my router. So i guesss its another issue, ill have to ask and find out
Just an idea, probably a crazy one, but since you see other routers, make sure your router is actually broadcasting your network ID. (I have, at times in the past, turned this off unless I was connecting a new laptop or other device the first time, to keep it hidden from outsiders).
hareofthedog said:
Just an idea, probably a crazy one, but since you see other routers, make sure your router is actually broadcasting your network ID. (I have, at times in the past, turned this off unless I was connecting a new laptop or other device the first time, to keep it hidden from outsiders).
Click to expand...
Click to collapse
This.
Why do you think it's a problem with your phone if you can see other routers?
Is your router brocasting on the only freqs. that an N router uses which afaik your b/g wireless device(hero) won't see.
TJinWV said:
This.
Why do you think it's a problem with your phone if you can see other routers?
Click to expand...
Click to collapse
I dont think that was the issue really. i was just ruling out another possibilty i wasnt to knowledgable on
FdxRider said:
Is your router brocasting on the only freqs. that an N router uses which afaik your b/g wireless device(hero) won't see.
Click to expand...
Click to collapse
and i honestly have no idea. I didnt purchase it, and im not that savvy on networking and such
coffeehandle said:
and i honestly have no idea. I didnt purchase it, and im not that savvy on networking and such
Click to expand...
Click to collapse
Hmm..I've messed with a few router types (I work for a networking company, though I'm definitely no expert), what are you using (make model?) Have you connected other wireless devices (laptop, gaming console, etc) successfully?
Should be pretty easy to get into the web interface (though navigating the options can be confusing as hell) and see if it is:
1. broadcasting your net ID.
2. Running in N only mode (if it is an N router).
hareofthedog said:
Hmm..I've messed with a few router types (I work for a networking company, though I'm definitely no expert), what are you using (make model?) Have you connected other wireless devices (laptop, gaming console, etc) successfully?
Should be pretty easy to get into the web interface (though navigating the options can be confusing as hell) and see if it is:
1. broadcasting your net ID.
2. Running in N only mode (if it is an N router).
Click to expand...
Click to collapse
Yeah ive had it for a while actually, and ilive with 4 other people and we all can connect to 3, sometimes 4 laptops/desktops. And i beleive, i cant quiet remember, but i think ive connected to it before a long time ago. and i just looked and its a Netgear wirelsess N router
Okay, you should be able to log into it from one of your connected PCs via your browser, the address would either be http://192.168.0.1 or 192.168.1.1
username and password (IF they haven't been changed!) are probably admin/password
Once in there, you should be able to find wireless settings, first thing I would look for is (as was previously suggested by FdxRider) the mode (n only, n + g (and maybe b). If it is set to n only, change it to n + g, or n + g and b. Then see if you phone can see it. If that doesn't work, need to look for the SSID, AND see if you can find a setting that says something like broadcast SSID. You may have to hunt around a bit, but it should be in the wireless settings somewhere. If you change either of those, save the changes then have the phone scan and see if it shows up.
I'm not being too specific about where to find these things because web interfaces change a bit, and each brand has their own hiding places.
If you can't figure out the password to get in, you should be able to reset the router to factory defaults, should be one of those "poke something in here" holes on the router case itself in back...will change the SSID to NETGEAR and admin pass probably to "password"
You might want to update the routers firmware. With netgears you have to go to the website and dl the latest update and save it somewhere on your pc/laptop. Then on the left hand side of the routers page it will say update firwire. Click on that and its an option to browse to were you saved the firmware file to. When you find it just click it and let it do its thing. Then you will have to reset the router by pressing the black pin size button found on the back of the router. Then log back into the routers web page and check to make sure the firmware update took and matches the update you downloaded. Remember never let the router update itself always do it manually. Also never update the firmware while being on wireless always plug in via cat5/cat6. Also its a setting in the routers web page to save your current settings so after you update the firmware you wont have to resetup all of your settings. Just tell the router were to look for your setting file you saved and apply it.
Root/Hack-Mod_Always *
laie1472 said:
You might want to update the routers firmware. With netgears you have to go to the website and dl the latest update and save it somewhere on your pc/laptop. Then on the left hand side of the routers page it will say update firwire. Click on that and its an option to browse to were you saved the firmware file to. When you find it just click it and let it do its thing. Then you will have to reset the router by pressing the black pin size button found on the back of the router. Then log back into the routers web page and check to make sure the firmware update took and matches the update you downloaded. Remember never let the router update itself always do it manually. Also never update the firmware while being on wireless always plug in via cat5/cat6. Also its a setting in the routers web page to save your current settings so after you update the firmware you wont have to resetup all of your settings. Just tell the router were to look for your setting file you saved and apply it.
Root/Hack-Mod_Always *
Click to expand...
Click to collapse
Dude your chalk full of information. Ill check it out
If you go to
www.netgear/support
You can download you routers manual if you don't already have it. Also the routers latest firmware.
Root/Hack-Mod_Always *
Like the title says my Wifi will not connect to my router at home, but works everywhere else..
I have a Linksys wireless-n router. I put in the password and it automatically says that it is remembered but not in range. Any ideas on how this could have happened? Any possible solutions?
I don't know about the wifi stuff too much, but I have seen reference to people changing from channel 11 (std factory setting) to channel 4 for example. Dunno if that helps. Good luck.
Sent from my SGH-I897 using XDA App
How does one do this? I've looked but couldn't find any directions.
Sent from my SGH-I897 using XDA App
Bjangles said:
How does one do this? I've looked but couldn't find any directions.
Sent from my SGH-I897 using XDA App
Click to expand...
Click to collapse
you start with your router's IP address. if you don't know it, go to your command prompt and type "ipconfig" to figure out your router's IP address. Type the IP address into your internet browser to change the channel.
OK I'll try it later on tonight.
Go to google and type "linksys wireless n router change wireless channel" and select the first option you get (should take you to howtogeek.com)
Scroll down past the download it ask you to do and get to where it states Changing your wireless channel. Its pretty easy to do once you walk through that.
Does it only happen on the touchpad, or is it all devices?
It only happens with android (CM7 and CM9), web os is fine.
There has been issues with the wifi. I am running the bricked CM9 install myself and the wifi works just fine. Have you wiped the cache and all during install?
Seems that someone has posted a thread in the touchpad area concerning this same issue, thread will probably be moved once a mod gets a hold of it, but here is a link to it:
http://forum.xda-developers.com/showthread.php?t=1494458
ssid
Make sure you are broadcasting your ssid as android devices cannot see hidden networks, so you end up with "not in range" when you try to connect
I got it to work kinda. I have to leave and go out of range, them come back for it to work.
Does WPA2 broadcast the ssid?
There is an app in the Market labeled something like 'WiFi Fix' that 'helps' this issues as well. If I had my TP in front of me I'd get you the exact name, or if the Market would track free apps between devices like Amazon does, but I digress...
I use the word 'help' loosely above because the 'fix' wipes out all your wireless settings. It deletes all the profiles, etc. So after re-entering the keys you'll get right back on the wifi, but this is somewhat painful after every single time it goes to sleep...
Anyway, consider it an option, semi-viable at least.
If you can see your wireless in the list of available networks it is broadcasting the SSID.
I guess I'll just go for a stroll whenever my touchpad needs a restart. thanks for the help.
Bjangles said:
I guess I'll just go for a stroll whenever my touchpad needs a restart. thanks for the help.
Click to expand...
Click to collapse
I'd be going for lots of walks. Mine lasts for less than 5 minutes -- assuming it connects.
For the TouchPad, it seems the only thing that truly works is a wide open connection without authentication or encryption. People have had varying amounts of success, but I cannot get it to connect to my work's WPA2 Enterprise or anything above WPA at my house...
There's a couple of threads going on in the Development forum where they've basically said that Wifi for the TouchPad sucks and is in a major need of (re)working in order to get it right. The current ar6000 driver isn't cutting it and the ath6kl driver + wpa_supplicant are not Android complaint.
Someone has a kang (CherryKANG) with a supposed wifi driver fix, but if you look at what he supposedly built into his ROM vs. what is getting loaded, you can see it's not really there. (The link everyone points to is the new ath6kl driver, but if you look after flashing it's still running ar6000.)
I build a ROM with the ath6kl driver in place and it looked to work better for about 30 seconds. But you can tell it doesn't like to cooperate with Android too well at the moment. Makes me wish I was a hardware expert so I can rewrite the thing and make it work.
I'm pretty sure it's not a hardware issue since I can boot into WebOS and be find on ANY of the networks I normally connect to...
Dear Team Eureka there is one thing you may do with security of Chromecast that Google did not.
You may add the missing security feature:
"if there is no connection to preset network" - "do not enable unprotected wifi ap mode" unless user will press reset button for short time (something like enable/disable wifi feature with openwrt)
There is plenty of things you ma use button for in future
(you may use different functions within different interval)
press
1-5 seconds
6- 15... and so on
I like this feature!
I agree that the way it is currently working is not as secure as it could be...
But I think the better way to do all of this is the following:
1 - Never have the CCast automatically connect to an Open Wireless unless specifically told to via Setup (not sure if it does this now or not)
2 - (and this would be the alternative to your suggestion) CCast doesn't leave any unprotected network sans AP connection for setup. It's default setup mode is a protected WiFi either WEP or WPA
CCast should instead set a random pin/pass and WPA/WEP connection for use in setup when it can't find an authorized AP.
Since you should have access to the screen it is plugged into and hackers would not, you would make the connection to the CCast in protected mode using the PIN that is displayed on the screen to make the connection to the protected network. Once connected you set up the device normally.
Much better than walking over to the TV and device to press a button and much more secure because the only way to set up or take over the unit requires access to the TV it is plugged into.
As far as the Button is concerned I would really like to see it used to switch modes and add a DLNA device mode to the custom rom. Unless the ROM could add this feature while still in CCast mode.
Asphyx said:
1 - Never have the CCast automatically connect to an Open Wireless unless specifically told to via Setup
2 - (and this would be the alternative to your suggestion) CCast doesn't leave any unprotected network sans AP connection. It's default setup mode is a protected WiFi either WEP or WPA
CCast should instead set a random pin/pass and WPA/WEP connection for use in setup when it can't find an authorized AP.
Since you should have access to the screen it is plugged into and hackers would not, you would make the connection to the CCast in protected mode using the PIN that is displayed on the screen to make the connection to the protected network. Once connected you set up the device normally.
Click to expand...
Click to collapse
AFAIK Chromecast never does #1 - it won't auto-connect to any AP unless it's already set up.
Agree on #2 though. Actually, both yours and mathorv's suggestion could be used in conjunction - Chromecast should use WEP security* on its setup AP and turning on the setup AP could be set to require human interaction.
*mainly for compatibility with clients/routers that don't support WPA or better - yes, they still exist - crackable, yes, but still better than completely open as it is now.
Since the serial number is easily accessible on the unit itself and its box, that could be an easy-to-get password, and the 4-character alphanumeric ID shown on the TV could be a secondary confirmation for Setup, not just a convenient way to make sure you're connected to the correct Chromecast (does Google really think/hope there will be that many Chromecasts out there being set up at the same time?).
Also if http will be protected with https also passwords it may be better to config Chromecast wireless options via https/ssh.
Is there any way to implement power save for example trigger via ssh/https?
bhiga said:
AFAIK Chromecast never does #1 - it won't auto-connect to any AP unless it's already set up.
Agree on #2 though. Actually, both yours and mathorv's suggestion could be used in conjunction - Chromecast should use WEP security* on its setup AP and turning on the setup AP could be set to require human interaction.
*mainly for compatibility with clients/routers that don't support WPA or better - yes, they still exist - crackable, yes, but still better than completely open as it is now.
Since the serial number is easily accessible on the unit itself and its box, that could be an easy-to-get password, and the 4-character alphanumeric ID shown on the TV could be a secondary confirmation for Setup, not just a convenient way to make sure you're connected to the correct Chromecast (does Google really think/hope there will be that many Chromecasts out there being set up at the same time?).
Click to expand...
Click to collapse
Thats why I think whenever it can't find an AP to connect to it shouldn't take anything for it to generate a random password (changes everytime) that can be used until setup is complete...
As for HTTP access i it is not connected to an AP there really is no HTTP available until you have connected to it in some way.
I would be happy if Google allowed us some config tools but I don't think they are all that interested in us having control over the unit for DRM purposes.
The devs at Plex have even said that Google will not allow them to implement sending to CCast as part of their Local PlexWeb (Plex.TV is fine though)
This suggests they really do not want anything they can't approve or any usage that could expose how the device is talked to being left open to the public.
I guess they figure that if we can see how linkage and communication is done we will reverse engineer it to play and do things they don't want us doing or bypassing DRM schemes as they currently work.
bhiga said:
Agree on #2 though. Actually, both yours and mathorv's suggestion could be used in conjunction - Chromecast should use WEP security* on its setup AP and turning on the setup AP could be set to require human interaction.
*mainly for compatibility with clients/routers that don't support WPA or better - yes, they still exist - crackable, yes, but still better than completely open as it is now.
Click to expand...
Click to collapse
WEP is broken for over 10 years now! No sane human being is using it. Cracking WEP is extremely fast and easy. WEP is a false protection, illlusion of security. Using WEP is BLASHEMY.
mathorv said:
WEP is broken for over 10 years now! No sane human being is using it. Cracking WEP is extremely fast and easy. WEP is a false protection, illlusion of security. Using WEP is BLASHEMY.
Click to expand...
Click to collapse
Obviously you feel strongly about WEP.
I'm not going to argue that, because you are right that WEP is easily broken. WPA can be broken too, but with more effort.
That said, WEP is an illusion of security only if you expect it to be unbreakable, just like passwords and everything else.
Seat belts won't save you in every accident, but if you don't expect them to, they are still helpful in the event of an accident.
Now if you're driving recklessly because you think seat belts and air bags will save you, then yes it is a false sense of security and you're foolish to take extra risks.
But for the Chromecast setup AP that is temporary by nature, are you suggesting that it is better to not use any security at all, just as it is right now?
You know what I always say.....
"Just because you are Diagnosed Paranoid doesn't mean people aren't out to get you!"
LOL
This is the second conversation regarding CCast vulnerability and so far all we have identified as a REAL security concern is that someone could set up the CCast to connect to some WiFi other than yours which would lead to the grand total tragedy that they could send content to your TV.
The other conversation was in regards to the Rooted ROM having SSH and Telnet installed that could be used to hack your Router Password provided you had already hacked the router password to make the connection to the CCast in the first place to use those tools to get what you already have!
Here is something folks should take into account....NOTHING IS SECURE EVER!
Even the Servers in Iran's Nuke Plant that had no connection to the outside world whatsoever were compromised, Hacked and attacked by Stuxnet!
There is no security ever the only thing you can ever really do is make the hack hard enough and as time consuming as possible that they will move onto someone else's system to pry into their Word Docs and that private folder you keep your IFriends profile pictures in instead. LOL
Yes WEP can be hacked. Imagine how much fun someone will have after they set up your CCast to use their network and try to send content to a TV never knowing if you actually noticed it or not because they can't see your TV.
It's still a damn site better than leaving an Open WiFi AP on the CCast until setup which takes no hacking skill at all to crack.
The way I look at it if the person is smart enough to hack they are also smart enough to know there is no point in hacking a CCast...Not when there is a WiFi router that gets them a hell of a lot more personal info and much more access than just displaying content to your TV.
Asphyx said:
This is the second conversation regarding CCast vulnerability and so far all we have identified as a REAL security concern is that someone could set up the CCast to connect to some WiFi other than yours which would lead to the grand total tragedy that they could send content to your TV.
Click to expand...
Click to collapse
While this would be a great dorm prank, at least with the current functionality of Chromecast, that's all they get to do... turn on the TV and send whatever video to the TV they want, which would be quite scary/annoying. Think of the beginning of Back to the Future Part II where all the screens in the house turn on with Marty's boss telling him he's fired.
Asphyx said:
The other conversation was in regards to the Rooted ROM having SSH and Telnet installed that could be used to hack your Router Password provided you had already hacked the router password to make the connection to the CCast in the first place to use those tools to get what you already have!
Click to expand...
Click to collapse
Actually I think the scenario @mathorv described is a little different and easy to exploit.
Chromecast is in setup mode and broadcasting an open AP
Attacker connects to the open AP
Attacker connects to Web Panel and enables ADB/Telnet/SSH (because web panel currently does not require authentication, Team Eureka said authentication is coming)
Attacker connects to Chromecast via ADB, Telnet, or SSH and gets access to the root filesystem, where they can see the cleartext password and SSID of the AP that Chromecast normally connects to (because password is stored in supplicant config file which is accessible)
So the attacker does not need anything more than to see the Chromecastnnnn AP.
Sadly, the WPA authentication seems to be stored the same way on phones/tablets as well. The only thing that shields phones/tablets from the same type of attack is not all of them have root and they usually aren't accessible from the network. Hence, with root comes extra responsibility, which is why root often is made difficult.
Asphyx said:
Here is something folks should take into account....NOTHING IS SECURE EVER!
Click to expand...
Click to collapse
Yup. What we commonly call "security" is really just a deterrent. It increases the effort and the hope is that the attacker will pick an easier target. It's why we put locks on doors when it's often relatively simple to bypass them.
bhiga said:
Chromecast is in setup mode and broadcasting an open AP
Attacker connects to the open AP
Attacker connects to Web Panel and enables ADB/Telnet/SSH (because web panel currently does not require authentication, Team Eureka said authentication is coming)
Attacker connects to Chromecast via ADB, Telnet, or SSH and gets access to the root filesystem, where they can see the cleartext password and SSID of the AP that Chromecast normally connects to (because password is stored in supplicant config file which is accessible)
So the attacker does not need anything more than to see the Chromecastnnnn AP.
Click to expand...
Click to collapse
Except for the fact that if it is not connected to the router then that means the router is unavailable, and or the Password saved in cleartext isn't working. If it was it would be connected and not in Setup mode.
Thats the point I was trying to get across there....
Sure you could find passwords to APs the CCast was connected to...
But if it isn't connected at the time of the hack then those APs are not available if they were you would not be able to connect to the CCast.
And if they are available then anything saved in the CCast is worthless since the CCast couldn't use it to connect either.
And I told him how to plug that hole far better than via the ROM....
Turn on Mac Filtering so not only do you need the password but need to clone a MAC address as well.
And all of this to get at what?
Your last will and testament and some compromising Pictures?
If you make it difficult enough that the payoff isn't worth the effort they will move on....
Asphyx said:
Except for the fact that if it is not connected to the router then that means the router is unavailable, and or the Password saved in cleartext isn't working. If it was it would be connected and not in Setup mode.
Click to expand...
Click to collapse
Ahh, I see your point now.
At least for me, sometimes Chromecast will "miss" the connection shortly after boot, so the setup AP is available for a few minutes after a reboot. To exploit that, someone would need to be sitting and listening for it to pop up - not a "juicy" target, but still possible. People do strange things "just because they can" - at least that's what YouTube teaches me.
As you say, MAC filtering provides an additional deterrent level. Unfortunately the target customer is probably not sophisticated enough to do that. I'm not sure all ISP-provided devices (I avoid integrated hardware that I can't configure) allows setting MAC restrictions though.
Asphyx said:
But if it isn't connected at the time of the hack then those APs are not available if they were you would not be able to connect to the CCast.
And if they are available then anything saved in the CCast is worthless since the CCast couldn't use it to connect either.
Click to expand...
Click to collapse
Well, in theory, you could connect to the CCast when it is in unprotected AP mode, enable ssh, and write a shell script which gets started every boot and sends out the saved wifi password somewhere to the internet. Then, when the CCast owner sets up is wifi, and sometimes later reboots, the wifi passwords will be sent out.
But... since there are probably only a few thousand rooted Chromecasts, and the time window in which to push the script to the Chromecast is so narrow, I doubt anyone would spend any time to try this.
bhiga said:
Unfortunately the target customer is probably not sophisticated enough to do that. I'm not sure all ISP-provided devices (I avoid integrated hardware that I can't configure) allows setting MAC restrictions though.
Click to expand...
Click to collapse
I'm sure thats true but if your not sophisticated enough to control your own Network or let an ISP do it all for you the least of your issues are what might happen in the odd chance CCast is disconnected or in the 30 seconds before it connects to an AP during Bootup. Locking up the holes in a CCast sure isn't going to help you much LOL
frantisek.nesveda said:
Well, in theory, you could connect to the CCast when it is in unprotected AP mode, enable ssh, and write a shell script which gets started every boot and sends out the saved wifi password somewhere to the internet. Then, when the CCast owner sets up is wifi, and sometimes later reboots, the wifi passwords will be sent out.
Click to expand...
Click to collapse
Well in theory you could have it do location checks with Google and map location, SSID and Password of every AP it ever connects to...
Like I said to what end would someone do that?
What is the PAYOFF in the end?
I could understand it if your living next to Bill Gates and wanted to steal banking info....
The Average Joe doesn't have anything worth seeing that would make someone go through all of that especially when they could get it much easier by just sniffing WiFi packets and finding the same data and decrypting it.
They could sit there all day and hack the Router but they have such a small window to work with on an unconnected CCast either because they have to catch it rebooting or catch it in a location that it isn't setup for and unless you have written a program to do all of that without Human Intervention you still got a snowballs chance in hell of getting any worthwhile information...
Security only happens when there are multiple layers of protection that make it so difficult to breach that they won't bother unless the payoff is worth it.
Someone really has to hate you in order to go through all that so some of the best security practices you can implement is don't be an AZZ and no one will have it out for you enough to want to get something on you via a Hack! LOL
(Not suggesting anyone in this discussion is just saying in General LOL)
Asphyx said:
Like I said to what end would someone do that?
Click to expand...
Click to collapse
Well, would you give me your WiFi password?
I can think of a few things you could do with access to someone's WiFi... Free internet, torrenting on someone else's responsibility, or just messing with someone.
Asphyx said:
I could understand it if your living next to Bill Gates and wanted to steal banking info...
Click to expand...
Click to collapse
The real question here is... Would Bill Gates buy a Google Chromecast? :laugh:
frantisek.nesveda said:
Well, would you give me your WiFi password?
I can think of a few things you could do with access to someone's WiFi... Free internet, torrenting on someone else's responsibility, or just messing with someone.
The real question here is... Would Bill Gates buy a Google Chromecast? :laugh:
Click to expand...
Click to collapse
Sure! I could very easily give you my router password and you would still not be able to do anything you mentioned until you figured out a MAC address one of my networked devices actually uses.
And to my other point...Is Free Internet or messing with someone really worth the risk of going to a Federal Pen for hacking?
As for what Bill Gates has I wonder if he is even running Windows 8 cause I don't know anyone who has it that likes it! LOL
Asphyx said:
Sure! I could very easily give you my router password and you would still not be able to do anything you mentioned until you figured out a MAC address one of my networked devices actually uses.
Click to expand...
Click to collapse
Good point.
I guess that if we really wanted, we could play this cat and mouse game for quite some time, but the outcome would be that if you really care about security, you can make your network secure enough. But that would be just spamming the thread.
frantisek.nesveda said:
but the outcome would be that if you really care about security, you can make your network secure enough. But that would be just spamming the thread.
Click to expand...
Click to collapse
Actually I think what I was trying to say is that no matter how much you care and try to be secure...
If they want you they WILL get you and they don't need nor would they do it through your CCast when there are far better tried and true methods to attack a wireless router directly that doesn't require LUCK of a device not connecting or the timing of catching it while it is booting up in order to catch the weakness.
Any security hole that results from the CCast will likely never amount to anything more than the Prankish "Look what dirtyPorn I put on your screen"
If they want dirt they will go to the router which is always up and doesn't require some act of god or electronics to happen.
You secure your router the best you can and if that isn't enough then you need to keep your wireless off until you need it to be TRULY secure....
And even then there is nothing to stop them from tapping into the pole where your Internet connection comes in and getting you that way!
Security is nothing more than an illusion and a deterrent...Truth is your never secure no matter how much you worry which says to me...Worrying is pointless. Unless you have enemies that really want to get you...and if thats the case all the security in the world won't stop them!
Asphyx said:
Actually I think what I was trying to say is that no matter how much you care and try to be secure...
If they want you they WILL get you and they don't need nor would they do it through your CCast when there are far better tried and true methods to attack a wireless router directly that doesn't require LUCK of a device not connecting or the timing of catching it while it is booting up in order to catch the weakness.
Any security hole that results from the CCast will likely never amount to anything more than the Prankish "Look what dirtyPorn I put on your screen"
If they want dirt they will go to the router which is always up and doesn't require some act of god or electronics to happen.
You secure your router the best you can and if that isn't enough then you need to keep your wireless off until you need it to be TRULY secure....
And even then there is nothing to stop them from tapping into the pole where your Internet connection comes in and getting you that way!
Security is nothing more than an illusion and a deterrent...Truth is your never secure no matter how much you worry which says to me...Worrying is pointless. Unless you have enemies that really want to get you...and if thats the case all the security in the world won't stop them!
Click to expand...
Click to collapse
MAC access list = joke, blacklist is also a illusion changing MAC address(spoofing MAC) is extremely easy on any platform.
In case of whitelist Attacker will look into it just a bit for a longer, to know list of allowed devices.
At home you will have to whitelist every new device...
In corporate environment it will take you more time also WPA2-PSK is not suitable for serous corporate use.
About absolute security.
Security is relative term. Its just like healthy life style, it will not make you immune to diseases, it will make you generally healthier, less likely to get ill.
Hello,
I decided to reset my Chromecast because none of my devices recognised my Chromecast.
So I did an factory reset, but when I set my Chromecast up again it can't communicate with my Chromecast for some reason.
It looks like the last step to connect with my WiFi router is the problem, but I don't know.
How to fix this?
What are the exact messages you're getting?
"Could not communicate with your Chromecast"
TheRicolaa10 said:
"Could not communicate with your Chromecast"
Click to expand...
Click to collapse
This is from the Chromecast setup app, yes?
What does the TV screen show?
The Chromecast setup app has never been 100% reliable for me... The last time I factory reset I had to run through setup 2 or 3 times before it applied properly.
You may want to try the manual setup instead.
+1 also try setup from a different device if you have one. (Laptop, tablet , PC)
One other thing to try is to disconnect from your AP before you try and connect to the CCast.
It is possible on some devices and versions of Android that being connected to an AP interferes with finding and connecting to the CCast AP.
bhiga said:
This is from the Chromecast setup app, yes?
What does the TV screen show?
The Chromecast setup app has never been 100% reliable for me... The last time I factory reset I had to run through setup 2 or 3 times before it applied properly.
You may want to try the manual setup instead.
Click to expand...
Click to collapse
This is from the app, yes. The TV is showing that it is connecting to my WiFi network. I already tried it couple times, but every time the same message.
+1 also try setup from a different device if you have one. (Laptop, tablet , PC)
Click to expand...
Click to collapse
I'll try this also, thanks. EDIT: Tried it from my N7 2012, got the same message.
TheRicolaa10 said:
This is from the app, yes. The TV is showing that it is connecting to my WiFi network. I already tried it couple times, but every time the same message.
I'll try this also, thanks. EDIT: Tried it from my N7 2012, got the same message.
Click to expand...
Click to collapse
Go into the app settings and clear the data. I had problems during a setup as well and that fixed the problem.
I managed to set it up with an iPad. But it's still not recognisable.
TheRicolaa10 said:
I managed to set it up with an iPad. But it's still not recognisable.
Click to expand...
Click to collapse
So... any differences between the WiFi connection setup on the iPad vs the Android devices?
You don't have your 5 GHz and 2.4 GHz bands using the same SSID, do you?
Sorry I didn't answered your question, I was on holiday for a week.
I think our router has only 2.4GHz band.
I made some screenshots, maybe it can help, don't know.
http://i1128.photobucket.com/albums/m499/TheRicolaa10/Screenshots/Screenshot_2014-05-11-12-03-57.png
http://i1128.photobucket.com/albums/m499/TheRicolaa10/Screenshots/Screenshot_2014-05-11-12-04-36.png
http://i1128.photobucket.com/albums/m499/TheRicolaa10/Screenshots/IMG_20140511_120453.jpg
http://i1128.photobucket.com/albums/m499/TheRicolaa10/Screenshots/Screenshot_2014-05-11-12-04-18.png
TheRicolaa10 said:
Sorry I didn't answered your question, I was on holiday for a week.
I think our router has only 2.4GHz band.
I made some screenshots, maybe it can help, don't know.
Click to expand...
Click to collapse
Hmm, well at least from Chromecast's perspective it's operating normally.
What's shown on the bottom right of the Chromecast desktop screen?
Only the time, why?
TheRicolaa10 said:
Only the time, why?
Click to expand...
Click to collapse
It used to show the SSID of the AP it's connected to, but I can't remember offhand if it still does in the newer (build 14xxx onward) desktop display.
bhiga said:
It used to show the SSID of the AP it's connected to, but I can't remember offhand if it still does in the newer (build 14xxx onward) desktop display.
Click to expand...
Click to collapse
It still does on build 16664.
Do you have enough information with this photo?
http://oi57.tinypic.com/dpiq0j.jpg
TheRicolaa10 said:
Do you have enough information with this photo?
http://oi57.tinypic.com/dpiq0j.jpg
Click to expand...
Click to collapse
Yes thank you. Something seems wrong though... It's like the device is in a "half" set up state... It doesn't think it needs to be set up, yet isn't connected to wireless.
I would factory reset it again using the button. Maybe the first reset didn't completely reset somehow.
Thanks a lot! I manually reset the Chromecast manually with the button as you said and set it up again. It works now.
A little late here but I can confirm that My Ccast IS connected and yet does not show the SSID or indicate it is connected in anyway on the default screen.
It does indicate when it is in the process of connecting and for some time after it connects but after awhile that indication goes away.
I suspect it has to do with how many pics have changed.
What it does do though is indicate when it does NOT have a connection.
Which wouldn't help you if it managed to connect to the wrong router.
Problems are back again... Today I switched my Chromecast in another TV (Philips), again he saw no network, not recognisable. So resetted my Chromecast again but I can't get trough the setup process now, so I keep trying right now.
Edit:
Do you think to buy a new Chromecast to solve the problem?
So youtube always plays videos fine, but after a video and I go back to the list and pick another video I get this screen (see screenshot) where it says to check my network connection and I have to click retry 1-3 times before it loads the video.
This happens ALL the time. Like 30%-60% of the time I go to click a video. My droid turbo has no problem at all though on the same Wifi network at home sitting on the same couch, about 15-20 feet from a brand new wifi router.
Any ideas what I can do to fix this?
Interestingly my nexus 5 was doing this too... even after a factory reset. (also had lots of trouble with loosing sync with chromcast when casting and/or taking like 30 seconds to load the youtube interface when I turn the phone screen back on when chromecasing something to rewind some or something) I thought it was just cause my nexus 5 was old. But now that I have a brand new nexus 6 doing the same thing (and a droid turbo that doesnt) it feels like it is a nexus issue... which is crazy right? My pure google nexus phones are the ones that have trouble with youtube and chromecasting?!?
I'm curious... could there be some setting where it is not maintaining the wifi connection all the time to save battery or something? So it has to reconnect. If that were the case I would prefer to not save battery and always stay connected to the network.
bdb4269 said:
I'm curious... could there be some setting where it is not maintaining the wifi connection all the time to save battery or something? So it has to reconnect. If that were the case I would prefer to not save battery and always stay connected to the network.
Click to expand...
Click to collapse
Check in settings>WiFi>advanced
Be sure scanning always available is ticked to on and same for WiFi on while sleeping.
Evolution_Freak said:
Check in settings>WiFi>advanced
Be sure scanning always available is ticked to on and same for WiFi on while sleeping.
Click to expand...
Click to collapse
Thanks! So it turns out those were already set. So I guess that is not my problem. Any other ideas why I have nearly constant problems?
bdb4269 said:
Thanks! So it turns out those were already set. So I guess that is not my problem. Any other ideas why I have nearly constant problems?
Click to expand...
Click to collapse
I'm not sure. I have an issue that's similar that I've been trying to figure out myself. For me, it's with Netflix and Hulu. I start a movie or show, lock my phone and it disconnects from my chromecast. This, I've narrowed down to only happening while I have Chromecast and my nexus set up on my 5g WiFi. If I reconfigure for 2.4g, it stays connected. ???
Oh wow... if changing to 2.4g might solve I would happily do that. 2.4g can still get at least 10 megabits right? B and G are 2.4ghz right? I will try limiting my wifi router to those right now.
bdb4269 said:
Oh wow... if changing to 2.4g might solve I would happily do that. 2.4g can still get at least 10 megabits right? B and G are 2.4ghz right? I will try limiting my wifi router to those right now.
Click to expand...
Click to collapse
Give it a shot, short term results, for me, have been positive. Easy enough to switch back too.
Glyphix said:
about 15-20 feet from a brand new wifi router.
...
Interestingly my nexus 5 was doing this too... even after a factory reset. (also had lots of trouble with loosing sync with chromcast when casting and/or taking like 30 seconds to load the youtube interface when I turn the phone screen back on when chromecasing something to rewind some or something)
Click to expand...
Click to collapse
The "age" of the wifi ap has no bearing on the QUALITY of the wifi ap software. The vast majority of wifi ap's are CRAP. Sometimes bad hardware. ALL "off the shelf" wifi ap's have bad software.
I thought it was just cause my nexus 5 was old.
Click to expand...
Click to collapse
Its a phone, not a raw chicken. Age has nothing to do with it.
But now that I have a brand new nexus 6 doing the same thing (and a droid turbo that doesnt) it feels like it is a nexus issue... which is crazy right? My pure google nexus phones are the ones that have trouble with youtube and chromecasting?!?
Click to expand...
Click to collapse
This sounds a LOT like a wifi problem. If you don't mind spending a few bucks, I *can* suggest something for you to try that will probably make the problem go away;
BUY A NEW ROUTER.
But not just any router, you specifically need to pick up a TP-Link with a Qualcomm chipset, that is supported by OpenWRT. TP-Link, yes, is a "cheap" chinese router maker. This is OK though, since they actually use good hardware, which is what matters, and they are actually HELPFUL when it comes to using their hardware for open source software, like OpenWRT.
You can pick up a WDR3600 ($60), WDR4300 ($70), ArcherC5 or ArcherC7 ($130) (making sure it is HW ver.2).
Installing OpenWRT on it is pretty much trivial; you download the openwrt factory image for it, then you plug your network card into the new router (at this point no wan connection), go to its web config interface, find the "firmware update" screen, select the openwrt image, and tell it to do its thing. It will reboot with openwrt when finished. Then you just go through the openwrt web config interface and set everything up the way you need it.
This will either fix it, or you have a bad broadband connection. Most likely fix it.
doitright said:
BUY A NEW ROUTER.
This will either fix it, or you have a bad broadband connection. Most likely fix it.
Click to expand...
Click to collapse
Thanks! Just to be clear... my droid turbo works just fine with my wifi. This is what lead me to believe this issue is with the nexus and not my wifi router. With that in mind do you still think my best bet is a new router?
Glyphix said:
Thanks! Just to be clear... my droid turbo works just fine with my wifi. This is what lead me to believe this issue is with the nexus and not my wifi router. With that in mind do you still think my best bet is a new router?
Click to expand...
Click to collapse
No, don't spend money until you're sure the router is the issue. Try some of the fixes here:
http://mobile.pcadvisor.co.uk/how-t...llipop-solve-wi-fi-problems-on-nexus-devices/
Start simple and work towards singling out the problem. I know that having the right channels on your WiFi network is a huge problem.
Glyphix said:
Thanks! Just to be clear... my droid turbo works just fine with my wifi. This is what lead me to believe this issue is with the nexus and not my wifi router. With that in mind do you still think my best bet is a new router?
Click to expand...
Click to collapse
I received a new app/update from play store today that has resolved my 5g connectivity issues that I was having with Netflix and Hulu.
Hopefully this will solve everyone's issues as well.
doitright said:
You can pick up a WDR3600 ($60), WDR4300 ($70), ArcherC5 or ArcherC7 ($130) (making sure it is HW ver.2).
Installing OpenWRT on it is pretty much trivial; you download the openwrt factory image for it, then you plug your network card into the new router (at this point no wan connection), go to its web config interface, find the "firmware update" screen, select the openwrt image, and tell it to do its thing. It will reboot with openwrt when finished. Then you just go through the openwrt web config interface and set everything up the way you need it.
Click to expand...
Click to collapse
I went ahead and got a c7v2 just to make sure I have good wifi. What openwrt image should I use. I looked at the hardware table (http://wiki.openwrt.org/toh/start#tp-link) and saw I want ar71xx... but do I want factory or sysupgrade?
openwrt-ar71xx-generic-archer-c7-v2-squashfs-factory.bin
openwrt-ar71xx-generic-archer-c7-v2-squashfs-sysupgrade.bin
And do I need any packages?
Thanks!