The News‎ > ‎

DLNA Data leakage

posted Jan 2, 2013, 10:17 AM by Leigh Williams
A while back I wrote an article about the ups and downs of DLNA and the risks you face when using it improperly. Samsung users might know DLNA by AllShare which is basically Samsung's implementation of DLNA. DLNA uses UPnP for media discovery, media management and control.
DLNA by itself does not provide any security, it is up to the implementer to implement some sort of authentication or authorization, whether it is through username and password or the all to familiar "allowed device list" or "shared files list". Even then, most DLNA applications that I have tested on my Linux and Windows boxes (as well as Android tablet and smartphone), do not come with a security by default configuration. This is just the way those developers chose to develop their applications and is great to get things up and running right out of the box, but not so great when you don't understand the risks.
Most people leave their Bluetooth, WiFi etc switched on because they want their device to seamlessly connect with their car's hands free kit or their WiFi at work or home when they walk in. But imagine that you've connected to an unsecure wireless network once, such as the networks found at coffee-shops and restaurants; your phone, laptop or tablet will automatically connect to that WiFi network because it remembers it. Now imagine that you have DLNA running on your phone, laptop or tablet. By default these apps share all content by default, and if it doesn't , you've configured it to share certain files such as photos, movies, music, documents etc. 
Now imagine someone is connected to the same WiFi network at the same coffee-shop you are at and scans for DLNA devices. Your device will be picked up during this scan and most likely, your application does not provide any security which means this person now has access to all your data, or in the case of applications requiring configuration, the data you've previously selected to be shared by this application.
Imagine you have a WiFi network at home that is not properly secured and someone manages to break through the security for whatever reason (most likely to get free internet). This person will prod and probe to see what is available on the network and will most definitely discover your DLNA devices and shared files.

When it comes to security most people tend to forget about data leakage and the all to popular data leakage prevention (DLP). A data compromise is not always caused by an intricate hacking technique or zero day vulnerability, they are also very often caused by users not always understanding the why, what and how. 

Be sure to educate your users, family and friends about security and the potential risks they face when using (or not using) certain applications and technology.

Comments