Results 1 to 4 of 4
  1.    #1  
    Hi there,

    Got some strange things going on here... I used the setuphelper of VLC remote on my pc. I downloaded the newest version of VLC. I used the manual connect function (on my android phone, with VLC remote) to connect to the network ip of my laptop. Whitout using a pairing code or whatsoever, I was able to acces al the files on my computer and play them in VLC.

    Doesn't this mean that by using the setuphelper your laptop becomes vulnerable to other computers in the network? They don't even need the pairing code... or any other authentication.

    My firewall even gave me a warning, wich indicates something is wrong here.
  2. #2  
    You have to edit the .hosts file in your /etc/vlc/http (or the equivalent in your program files dir on windows) and restrict the ip range for incoming connections.
    # Access-list for VLC HTTP interface
    # $Id$
    # localhost
    # link-local addresses
    # private addresses
    # The world (uncommenting these 2 lines is not quite safe)
    this setup allows only the client from to control vlc and access your files.
    best thing is to specify a range within your LAN so you keep only trusted clients in.
    if you uncomment anyone can mess up with your files, so be careful with that.
    Franklin eBookMan >> Palm Zire71 >> Lifedrive with flash mod >> Palm Pre Plus
  3. #3  
    on osx
    i wanted to try the VLCremote.
    I used the setuphelper,which i knew i shouldn'tóbeing the paranoid person i amói'm having second thoughts about the security of this application. I realized that having my phone hooked to my file directory on my laptop was not something i feel safe with. I'm still not okay with google checkout not having a pin number for app store. I thought it would be just a remote.

    Either way it still seems "iffy" to me. I'm not sure what the VLCremotesetup did to undo. i know i'm being a little paranoid but i feel it was a dumb mistake to let an application do something to my computer that i have no idea what it was doing. I'm usually more responsible than that. If i knew what files the VLCsetup changed or what actions it took then i think i would feel a little more safe. i've uninstalled the app on my phone and threw the VLC application on my mac in the trash and downloaded a new one. what else can i do to disable what that VLCsetup did? I don;t know if throwing my VLC preference files in the trash at this point is going overboard or if i might as well since i got out my tinfoil hat already.

    it would be nice to have a uninstall application or some reassurance that your computer is not somehow wide open now.
  4. #4  

    You're not being entirely paranoid here; The VLC security isn't brilliant - but if you want to remotely control VLC, then you have to live with that.

    The security layer in VLC is that it will accept commands from a defined set of IP addresses. As described above, the setup helper modifies the .hosts file so that VLC commands will be accepted from any IP address in the local network.

    On a home network, that's fine. On a network that you share with people you don't trust, then you are allowing them to control your VLC player, and use it to browse file listings.

    (NB: this doesn't give them access to the files, it just lets them see what filenames you have through the vlc browsing interface).

    Additionally, you will have manually allowed connections to VLC to go through your firewall. This allows the remote to talk to VLC (though it doesn't give it a general-access pass to your computer).

    The setup helper simply does the steps described here:
    VLC Remote Setup - Manual method for Mac OS

    If you want to 'uninstall', then the easiest thing to do is

    1) delete and reinstall VLC
    2) remove the VLC exception from your firewall

    hope that is reassuring!
    Hobbyist Software
    VLC Remote - Control VLC from your Pre
    Remote - Control iTunes from your Pre

Posting Permissions