Question BubbleUPnP security?

[tinpanalley]

I was recently recommended Bubble by a colleague who claims it's perfectly safe to use. Can anyone speak to that at all? Is BubbleUPnP secure and if not out of the box, is there something I can do to make it safer to keep running all the time? I want to access my entire music share library when I'm not at home.

 

[sdifox]

Ever consider setting up a Plex server?

 

[mxnerd]

So, your MicroSD is not big enough?

What you need is VPN that's secured, not specific media server/player.

Once you establish a VPN for your PC or devices, you can use any media server or player you like, or just use SMB (file sharing) over VPN.

ZeroTier is free, open source point to point VPN and faster than OpenVPN. No port forwarding to configure.

You do need to create an account at their website. Create a network with your choice of virtual LAN IP range , then authorize devices to join the network.

 

[sdifox]

So, your MicroSD is not big enough?

What you need is VPN that's secured, not specific media server/player.

Once you establish a VPN for your PC or devices, you can use any media server or player you like, or just use SMB (file sharing) over VPN.

ZeroTier is free, open source point to point VPN and faster than OpenVPN. No port forwarding to configure.

You do need to create an account at their website.

Plex is a solution to many of his problems xd

 

[mxnerd]

Plex is a solution to many of his problems xd

Yeah. As long as it's streaming via https. He probably need to get a free certificate from https://letsencrypt.org

I don't know if Plex comes with a self generated certificate. Well, I don't listen to music 99.99% of the time.

But I don't really know what protocols Plex use actually. 😁 Lighten me up?

 

[sdifox]

Yeah. As long as it's streaming via https. He probably need to get a free certificate from https://letsencrypt.org

I don't know if Plex comes with a self generated certificate. Well, I don't listen to music 99.99% of the time. 😁

Plex does this bounce from their server so you don't even need a static ip. And it does use self signed cert, good enough for home users. You can of course use your own provider signed cert.



You can just run it in a browser on your phone, or buy their app, unless you want to pony up for the PlexPass. I don't have PlexPass but I did get the app free from Amazon years ago.

I run the server in a vm in its own vlan with read only access to the content drives

 

[mxnerd]

OK. Plex free vs paid

Plex: Free vs Paid

The personal media side of Plex works by connecting your media, the Plex Media Server, and the various apps for...

support.plex.tv

$4.99 for Android App is fair.

Unlocking or Activating Plex for Android

This article only applies to Plex for Android version 10.27.1 and below The Plex for Android app is available to download...

support.plex.tv

 

[tinpanalley]

Ok, so BubbleUPnP is not something that is good for this? Not secure enough? Seems unsafe?
Plex I don't like because we'd have to buy the app on our tablet and both of our phones to use it how we want. Android doesn't have it as a Family App to share among Family accounts.

 

[sdifox]

Ok, so BubbleUPnP is not something that is good for this? Not secure enough? Seems unsafe?
Plex I don't like because we'd have to buy the app on our tablet and both of our phones to use it how we want. Android doesn't have it as a Family App to share among Family accounts.

generally speaking you want to limit exposure as much as you can. From the looks of it you still need to setup server and you need to get dynamic dns name setup as well. You can look at Kodi if you don't like Plex, or wait for PlexPass to go on sale. I have not played with BubbleUPnP so cannot comment on it.

 

[tinpanalley]

generally speaking you want to limit exposure as much as you can. From the looks of it you still need to setup server you need to get dynamic dns name setup as well. You can look at Kodi if you don't like Plex, or wait for PlexPass to go on sale. I have not played with BubbleUPnP so cannot comment on it.

It seems Bubble sets this all up for you, the port forwarding, etc. My colleague really supports it, I just wanted a second opinion.

 

[sdifox]

It seems Bubble sets this all up for you, the port forwarding, etc. My colleague really supports it, I just wanted a second opinion.

err it has a page for you to put in the dynamic name server login and password, but that means you have to go procure a dynamic dns service. no-ip does provide dynamic dns and ssl for free, but you still need to register a name with a domain registrar. And generally speaking, having a domain name makes you a bigger target than not having one.

SSL Certificates - Secure Your Website - No-IP

www.noip.com

Serving all your music sounds fun til the moment you need to scroll through them

<--- has 1TB of music.

 

[mxnerd]

I think the problem is that most people here probably don't have experience with BubbleUPnP or don't even hear about it before.

Besides, it seems you still need a license.

BubbleUPnP UPnP/DLNA License – Apps on Google Play

Stream all your media to various devices in your house. Unlocker app.

play.google.com

 

[sdifox]

I think the problem is most people here probably don't have experience with BubbleUPnP.

Besides, it seems you still need a license.

BubbleUPnP UPnP/DLNA License – Apps on Google Play

Stream all your media to various devices in your house. Unlocker app.

play.google.com

I have installed it before, but just the client. Given the vast different devices I have in my household Plex was the right choice for me.

honestly just copy the music onto your phone/SD card. how much music do you have? I didn't put my music on plex.

vpn solution like you suggested seems a much better solution than BubbleUPnP if one wants to access your music remotely.

 

[mxnerd]

I prefer stuff that's free and open source. ZeroTier VPN is free up to 50 devices last time I checked. To access a device, just use it's virtual IP.

Kodi is also free and open source, which seems to be media server & player in one, not sure. Could be Plex alternative.

 

[tinpanalley]

<--- has 1TB of music.

Same.

I prefer stuff that's free and open source. ZeroTier VPN is free up to 50 devices last time I checked.
Kodi could be Plex alternative, which seems to be media server & player in one, not sure.

As do I.
I have Kodi on a Rpi for watching video from the same LAN hdd the music is on on the TV.
I also have a VPN (Windscribe) if that's all that's required.

I think I need to understand all the elements that make up setting something like this up first so I understand the whole process and can then choose the solution that I like best.

 

[mxnerd]

The VPN services know by most people use OpenVPN technology and it provides a different route and exit point (a server that's located in different cities) to websites. It's not for connecting your devices in different locations, although that's the original design concept.

If you want to use OpenVPN technology, you need to setup OpenVPN server at home, configure it properly and correctly, generate certificates for server and client device, it's tedious and extremely error prone. ZeroTier is a lot easier.

TeamViewer also have (free?) VPN built in its remote control app, but I never use it so I can't share my experience.

Also don't know if it cost money for Android APP. I only use it for PC remote control.

See if there is tutorial on youtube.

 

[tinpanalley]

The VPN services know by most people use OpenVPN technology and it provides a different route and exit point (a server that's located in different cities) to websites. It's not for connecting your devices in different location, although that's the original design concept.
If you want to use OpenVPN technology, you need to setup OpenVPN server at home, configure it properly and correctly, generate certificate for server and client device, it's tedious and extremely error prone. ZeroTier is a lot easier.

Ok, my Windscribe has an open VPN config generator for setting it up.
I need to literally research everything you mentioned because I don;t know enough about any of it.
Thanks.

Besides, it seems you still need a license.

It's 4.69 one time and works across all devices.

 

[tinpanalley]

honestly just copy the music onto your phone/SD card. how much music do you have? I didn't put my music on plex.

It's not about getting some music on my device, it's about having access to anything I have at any point. Not just when out, but also in our place of work. It's about 600GB. And remembering to copy this record or that one or finding time to update the media player is becoming a pain. It's just the way we want to work with our media, and I'm just asking whether Bubble is something others would recommend. My colleague worked in IT for 15 years and he swears by it but I wanted to see what others thought.

 

[mxnerd]

By the way, there are several free audio or media servers on Windows:

Logitech Media Server, Universal Media Server. Again, don't really have experience.

 

[sdifox]

It's not about getting some music on my device, it's about having access to anything I have at any point. Not just when out, but also in our place of work. It's about 600GB. And remembering to copy this record or that one or finding time to update the media player is becoming a pain. It's just the way we want to work with our media, and I'm just asking whether Bubble is something others would recommend. My colleague worked in IT for 15 years and he swears by it but I wanted to see what others thought.

I have been in IT since the early 90s xd Generally speaking connecting to your home from work is a big no no.

 

[mxnerd]

I have been in IT since the early 90s xd Generally speaking connecting to your home from work is a big no no.

Completely agree. Unless your company ask you to, then that's a different story.

 

[tinpanalley]

I have been in IT since the early 90s xd Generally speaking connecting to your home from work is a big no no.

Ok, cool. I wasn't aware about your career. Clearly explains why you've always been so helpful to me.

It's not 'from work', it's more 'while at work'. We help run a small food establishment and we play the music in the place. And also, when we rent a Communauto we invariably wish we had updated the music on the player for the latest album we got. And we eventually said, "this is silly, there's gotta be a way to have access to your home smb shares while outside your home for people who hate spotify et al."

 

[sdifox]

Ok, cool. I wasn't aware about your career. Clearly explains why you've always been so helpful to me.

It's not 'from work', it's more 'while at work'. We help run a small food establishment and we play the music in the place. And also, when we rent a Communauto we invariably wish we had updated the music on the player for the latest album we got. And we eventually said, "this is silly, there's gotta be a way to have access to your home smb shares while outside your home for people who hate spotify et al."

yeah, that is why I am reluctant to trust things that expose your shares directly like that. Accessing home resource through VPN is a more secure solution. as to playing music at restaurant, just hope you don't get caught on copyright issues, unless you are just talking about playing from your phone to yourself.

 

[sdifox]

Completely agree. Unless your company ask you to, then that's a different story.

one thing that irks me about plex is how it likes to create sub folders and xml files. I only have videos on there, I don't want to think about how big these two folders will get if I throw in music.

 

[tinpanalley]

one thing that irks me about plex is how it likes to create sub folders and xml files. I only have videos on there, I don't want to think about how big these two folders will get if I throw in music.

View attachment 55396
View attachment 55397

I noticed that too. Really slowed down the whole program on my PC. Was updating constantly in the background.