It's not hard to find IP addresses. Every time you visit a web site, your browser sends your IP address to the site. Your IP address is also revealed when you send email or do pretty much anything on the internet.

As for what's at risk if someone gains access to port 8080 on your Roku, yes, pretty much what they get is the ability to control the remote buttons. There are various malicious things that could be done that the Roku owner would probably not like very much --
1. Using up your network bandwidth by playing lots of videos.
2. Playing Amazon videos that you have rented but not yet watched, thus starting your rental period earlier than you wanted.
3. Purchasing content from channels that don't use a PIN.
4. Purchasing content from channels that DO use a PIN, if the malefactor also has acquired your PIN.
5. Probably other things I haven't thought of.

I suppose a determined and very knowledgable intruder could set up a man-in-the-middle situation to sniff commands that YOU send to your Roku, thus acquiring your PINs, knowledge of what you watch, etc.

I guess I'm rather missing the point of this -- why would you want to control your Roku when you aren't in the same room and can't see it?

--Mark

thanks Mark...

well i have my Roku actually hooked up to coaxial and ran into my bedroom and other TV's

I use a simple switch to change between cable and my Roku. yes i know crazy but its just for fun.

So the Roku Box is actually not located in the same room as me... so its a way to change channels and not stand in front of the box. again just for my own fun.

"dynamitemedia" wrote:
@ Endless

I was under the impression that was covered here and the worst that ever could be done would control their remote. Can Roku confirm any damage that can be done?

I guess one thing is, how would anyone know someone else's IP?

As RokuMarkn mentioned, finding an IP address isn't hard. In fact, your remote site illustrates that perfectly by displaying the IP address at the top of the page. And if someone posts in your thread about the app, they could automatically become a target. Due to my line of work, I'm extremely sensitive to security issues, and this raised a red flag for me. While all an "attacker" could technically do is control your Roku, using the same technique you use in the app to control the keyboard, they could very easily write and run a script to do just about anything on your box. They could also simply bombard you with multiple key presses, essentially making it impossible for you to use. Or even more simply, maybe just randomly send an up key press, which, as you can imagine, could get very annoying for the user.

"dynamitemedia" wrote:
Plus I am sure everyone knows enough to figure out how to open their port they should also know that its possible for outsiders to get in, but will add that on the post

Roku has an extremely large customer base (though admittedly most don't frequent the forums), which makes that a very dangerous assumption. While they may know how to open the port, it's entirely possible they won't consider the potential danger in doing so.

I'm honestly not trying to be a jerk, so I'm sorry if it's come across that way....

didn't think u were being a jerk, but again this is a beta test i think the final will be something run totally local.

I understand what your saying, but who is gonna get these IP addresses and Know these people have a roku?

"dynamitemedia" wrote:
didn't think u were being a jerk, but again this is a beta test i think the final will be something run totally local.

I understand what your saying, but who is gonna get these IP addresses and Know these people have a roku?

Anyone frequenting the Roku forums could. I could get an IP address by simply posting an image in a thread that's hosted on my home web server, then cycle through every IP that loads that image until I find one with port 8080 open. I'm not saying that anyone on these forums would do that. I'm just saying that they could.

again i understand your point. But its just as easy to close the port if they do it. sorry if i don't share the same fears but I made sure to put the disclaimer up to address that so its up to the user to decide if they want to use it.

and once again this is Beta and will prob run locally.

"japzone" wrote:
Yes those are the two keyboards.

Okay, thanks

And did anybody test out that server?

"brandon15811" wrote:
And did anybody test out that server?

I didn't run the roku remote in it, although I assume it would work, but I did download it and check it out. Pretty cool how self-contained it is...I've been setting up web servers since the early windows nt days (did you know netscape had a server product once?) and it's always required putting so many different pieces together to get what I want. Thanks!

"gonzotek" wrote:

"brandon15811" wrote:
And did anybody test out that server?

I didn't run the roku remote in it, although I assume it would work, but I did download it and check it out. Pretty cool how self-contained it is...I've been setting up web servers since the early windows nt days (did you know netscape had a server product once?) and it's always required putting so many different pieces together to get what I want. Thanks!

Okay, thanks, this server is good for distributing since its simple, but for like a long-time development server, I would recommend XAMPP, thats what I use