How do I keep all the network devices from taking control of my console during a performance? Is my only option is to frequently change my wireless network password.
If anybody with an iPhone and a password can connect to my lighting network I can see this becoming a major problem in settings where once-authorized users can be sitting in the audience having all sorts of fun at the expense of the current production.
Hey Karl. Well, that's interesting. We never really perceived of this as a real world problem.... have you had problems with people you've given your wireless password to actually mucking with the system when they shouldn't? Right now, there is no provision to block devices. Two suggestions. Is it possible to disable iPhone access during production? Perhaps you should reconsider who you are giving your password to for now, since that's a pretty awful thing for someone who calls themselves a production person to do. However, having said that, I'd imagine we can deal with this when security log in is implemented.
Wow.
a
[edited by: Anne Valentino at 12:48 PM (GMT -6) on Wed, Dec 23 2009]
Hey Karl. Well, that's interesting. We never really perceived of this as a real world problem.... have you had problems with people you've given your wireless password to actually mucking with the system when they shouldn't? Right now, there is no provision to block devices. Two suggestions. Is it possible to disable iPhone access during production? Perhaps you should reconsider who you are giving your password to for now, since that's a pretty awful thing for someone who calls themselves a production person to do. However, having said that, I'd imagine we can deal with this when security log in is implemented.
Wow.
a
[edited by: Anne Valentino at 12:48 PM (GMT -6) on Wed, Dec 23 2009]
We haven't experienced any malicious behaviour yet. However, we are turning down requests from people who just got their shiny new toy (iPhone) and want to be able to hook in to our shiny not-so-new-but-continually-being-polished toy (Ion) when they are working a show. So far we just say "no" and make them use our dedicated tablet PC or phone remote.
Since we are an all-volunteer community theatre you can appreciate
that we have quite a mixed bag of people from technically savvy to
technophobe. While there's nobody that makes me particularly nervous,
we do have some people who have been known to act before they think,
and some board ops who are not particularly adept at dealing with
unexpected problems.
We could disable the wireless router during performances but it means restricting who gets to work on a show, or giving out the administrative password to the router to the technophobes and praying they don't inadvertently kill the network entirely. It's not a great alternative.
iPhones and iPods are pretty ubiquitous these days. Ion and Element consoles are
becoming more common in our area. Put the two together and I worry
(perhaps needlessly) that half the high school, college, and university theatre techs will be
running around with iRFR, EDMX, RDM or sACN applications and a list of passwords to local venues in a couple of years. I don't envy the team that has to implement security. Did I mention our Sensor rack is on the same network...;)
Well, that's one of the reasons that the iPhone has to know the IP address of the device it is trying to connect to.... to keep anybody who's downloaded the app from tampering with your system. And I do understand the concern. We do have security log in on our list and this will be the most efficient way to manage it.
Why not use MAC address filtering on your wireless router? If you always know who is supposed to be connecting up to the system, then you can have their MAC addresses entered into the router, thus eliminating anyone else who tries to connect up. I have had several "smart" students who have proposed a similar situation to me that you described above and I just tell them that if they can connect up to the network with their iphones than they deserve to make changes!
Another tip would be to make sure the wireless router is only used to access the system wirelessly. I make sure that no other device is connected to the router. This way I can unplug the router and not affect my network.
I was gonna suggest MAC filtering for any one who is using a router as their server and not the console. I don't think the ION is capable of it as of now (I could be wrong). Either that or just disable DHCP and go with a static IP setup. Either method will work, however be aware that it is relatively easy for a determined person to crack wireless networks. Even one with MAC filtering, and WEP encryption. The best method for securing your network work is WPA with a really long random password, MAC address filtering and do not broadcast your SSID. That may be a bit extreme for some users that dont have mailicious users. If all you are worried about is a joker bringing up a light to mess with the bord op you probably dont need to go that far.
rkilpatrick's point about wireless security is valid, but I have a different mindset. During a performance, I wouldn't want any unauthorized or authorized people bringing up channels from the iRFR. The best way to guarantee that level of security is unplugging the wap.
[edited by: Tracy.Fitch at 9:09 AM (GMT -6) on Thu, Oct 28 2010]
