logoalt Hacker News

My audio interface has SSH enabled by default

265 pointsby hhhyesterday at 7:30 PM82 commentsview on HN

Comments

yonatan8070yesterday at 8:13 PM

Having the firmware image just be a boring old tarball + hash sounds super nice. I wish more devices were this open, and I hope Rode won't see this and decide to lock the firmware upgrades down.

show 4 replies
userbinatortoday at 1:49 AM

I think "my audio interface is a 64-bit Linux computer" would've sounded far more interesting to me as a title. Perhaps a decade or two ago, the functionality of that device would've likely been implemented on a small 16-bit or 32-bit SoC running an RTOS like VxWorks.

Given how many physical controls it has, turning it into a game console seems like a logical next step.

show 2 replies
ZihangZtoday at 4:49 AM

Yeah, this is pretty common once a device has any real DSP in it. There's usually some stripped-down Linux on an ARM SoC underneath, and the vendor BSP just happens to ship with sshd on.

Not necessarily malice, more like nobody on the audio side really owns the rootfs.

The big question is whether it's only listening on the USB-side network, or on the actual LAN. First one is annoying. Second one would actually bother me.

show 1 reply
Roark66today at 11:11 AM

I think many vendors think security is synonymous with "hard to clone". This us why they require signed images and so on.

rikafurude21yesterday at 8:52 PM

Its still crazy to me that everyone has a pocket AI-hacker ready to inspect firmware and modify their devices now. You just put the agent on it and it gives you access in minutes. You would have to be a Hotz tier hacker if you wanted to do anything close to this only last year, or at the very least extremely patient for long hours.

show 8 replies
montecarlyesterday at 9:34 PM

I really want to know how he solved this problem, which I also face:

>last year i bought a Rodecaster Duo to solve some audio woes to allow myself and my girlfriend to have microphones to our respective computers when gaming together and talking on discord in the same room without any echo

show 3 replies
coldcity_againyesterday at 9:36 PM

Nice writeup and great domain. I don't know Zola and don't know if this is a common template or a custom jobbie but it's lovely.

show 1 reply
realoyesterday at 8:49 PM

I understand the hacker rationale to have fun owning the device, and i would like it to stay that way.

But... please do not forget that the CRA will put a heavy blanket on that fire.

show 1 reply
9pyesterday at 8:15 PM

why was disclosure the objective? wouldn't you want to keep this interface open?

show 1 reply
mianostoday at 2:42 AM

Good old local Aussie guys write this. If you had something you wanted to report I'd just give them a call. We almost speak English down here.

tostitoday at 4:10 AM

It runs jack audio. This thing is literally jack in the box!

uwagartoday at 4:52 AM

is he happy that rode has an ssh to his device? the guy is like too nice. where's the outrage?

show 1 reply
sentinel-safetytoday at 11:32 AM

[dead]

serious_angelyesterday at 8:22 PM

[flagged]

show 1 reply