While there is a big trend to making products convenient and easy to use, at the same time this opens up a lot of ways for compromisers to gain access to systems, especially over the internet. So what is the security for Sonos speakers like?
Devices from Sonos don’t have significant security issues. Sonos products are connected through WiFi or Bluetooth, so how secure those connections translate to how secure your Sonos is. Modern WiFi security is very good, and so only dedicated hackers will be able to get past it.
We’ll go through how to best secure your Sonos device and look at some tips and tricks regarding the best ways to lock down and configure your WiFi and Bluetooth to minimize entry by unwanted people.
Table of Contents
Is Sonos Secure?
Sonos runs its connections through WiFi, generally, via the home network you have running. This means that Sonos depends on the security level of your home internet, which in reality is pretty good when considering the modern standards of WPA2.
Just like the average person can’t get onto your home internet very easily without knowing the password, Sonos is also locked out in the same way to unwanted guests.
Sonos themselves also have released security patches and fixed exploits in response to user reports or known issues, so as new attack vectors get discovered,
Sonos has shown a good track record of fixing these up quickly. (unlike Bose, in the above article)
In the above-mentioned story, in fact, it was a poorly configured network that allowed public access which was the culprit, and Sonos specifically advised against such a setup when asked for comment.
To prevent access, you can always run the devices on a timer that switches off their power source during certain hours, or just manually switch it off at the wall when not needed.
The portable devices like the Roam or Move have an internal battery and so will need to be switched off using the power button.
Does Sonos Have a Firewall?
Sonos does not really have any security features, including a firewall. Sonos devices do use the latest WiFi and Bluetooth builds, which are always being updated to protect against vulnerabilities, so at least in that sense, it is meeting industry security standards.
Sonos is not really positioning itself as being a secure device through its own software, but rather hooking into the already secure ecosystem around it.
Can Anyone Connect to My Sonos?
Sonos is meant to be accessible but relies on your internet security as the main protection against intruders. If someone has access to the same WiFi network, they can access Sonos.
Some Sonos models use Bluetooth as well, which means another potential way for people to connect to it, although the range for Bluetooth is pretty low.
Another option is to use Sonosnet, which is a private WiFi network set up by the Sonos speakers themselves. All you have to do is use an ethernet cable to connect at least one speaker directly to a router, and after a few minutes, the Sonosnet should be set up.
You can check if this is the case by going into the Sonos app and selecting About My Sonos System. Every device should have a WM:0 next to it; this indicates Sonosnet.
If you’re having trouble setting this up, in your WiFi settings on the router it may be worth changing the channel to a different number and taking it off the automatic setting. Look for the lights to stop flashing on the Sonos speakers and it should be good to go.
Can Sonos Be Hacked?
The lack of security on Sonos itself means that once you gain access to the network, you have free reign over the Sonos. As Sonos doesn’t have a password, PIN, or another type of security feature, it is thus able to be hacked and accessed.
This means that anyone with a compatible device on your network can download the Sonos app and start adding music etc.
If the Sonos device is directly connected to the router via an ethernet cable, this will even skip the need to put in the WiFi password.
If you suspect that your Sonos is being accessed without authorization, then one of the most effective ways to kick out the compromiser is to change the WiFi network name and password.
How To Secure Your Sonos Devices
One of the best ways to secure your Sonos is to secure it at the WiFi level. WiFi security comes standard now on even residential routers in the form of WPA or WPA2. If you’re still on WEP or it’s an open network, spend the time learning how to change this.
There are several ways to make WPA2 more secure, such as hiding your SSID. The SSID is the name of the WiFi network and hiding it is an option available in most routers.
This doesn’t mean it is 100% invisible all the time, but this will make your WiFi network much less of a target.
Another common security feature is the addition of multiple SSIDs available to be set on a router. This means you can have your secure, home network that the Sonos is connected to, and then a separate guest network that you can let visitors, etc to your home connect to.
A firewall is created between these two networks, not allowing people to mess with your Sonos settings.
Sonos themselves state that they will not sell personal information about their customers to advertisers, but given that some models have Amazon Alexa and Google Assistant built-in, there is an aspect of cloud computing being involved.
While a bit more involved technical-wise, there are many guides out there that go through the common dos and don’ts regarding how to set up an Internet of Things (IoT) system so that you’re not opening yourself up to every Tom, Dick and Harry.
