X-Air

Re: X-Air

running 0.5.1 beta just fine under parallels - so I tried to load the new OSX 0.5.1 beta...

I just get a window that says.. [ The application "X-Air-Edit" can't be opened. ]

Dear Decian,

This is a due to a new security feature in later versions of OSX, regarding opening Apps downloaded from the internet outside of the App store. If you hold the “control” key and click the file, and choose “open”, OSX will give you the option to open the app. Hope it helps!
 
Re: X-Air

10.10 on iMac and 10.8 on laptop. I haven't heard of any OS X limitations for EDIT. Probably safe from 10.6 and up, just guessing.
 
Re: X-Air


Dear Decian,

This is a due to a new security feature in later versions of OSX, regarding opening Apps downloaded from the internet outside of the App store. If you hold the “control” key and click the file, and choose “open”, OSX will give you the option to open the app. Hope it helps!

Must be something else guys, because the same thing happens when I do that... Just wondering if anyone can run it on 10.10.2 maybe?
 
Re: X-Air

Dear Decian,
I am using 10.10.2 as well. If you set your security settings from within OSX from "App downloads only allow from Mac App store" to "Mac app store and verified developers", the trick I mentioned above should work. Hope it helps!
 
Re: X-Air

Dear Declan,
In addition to John's recommendation: Go to the program and open it with the right click on the mouse and select "Open". Then you will be asked if you REALLY want to open a not certified application. You confirm and from that point on you will be able to always open this app without further questions. I am also running 10.10.2.
 
Re: X-Air

I'm a big fan of the megathread idea, where the hive mind focuses intently on a specific subject before getting bored and moving on to another one to focus intently before getting bored, which allows all information about a subject to be found in one place each day.

Here are some links to interesting XR-18 topics that are currently under discussion:

Series of Behringer videos posted by John DiNicola on the Behringer X Air forum: http://bit.ly/1w4WnGU

Discussion of the inadequacies of the WEP security protocol in the XR-18:

http://forum.music-group.com/showthread.php?6305-XR18-Access-Point-Can-it-have-a-Password-Setting

From TJ Miller on page 3: "[FONT=lucida_granderegular]If you're going to use the built-in WiFi Access Point on the XR, you might as well not even bother with a WEP password because it's no more secure than no password at all. WEP Cracking apps for Android can crack a WEP password in minutes. Anyone that would be smart enough to figure out how to manipulate traffic to your XR's Access Point on an open network is going to be smart enough to run an app to crack a WEP password."

[/FONT]
http://forum.music-group.com/showthread.php?6531-Should-I-be-concerned-that-Access-Point-mode-only-has-WEP

Also from TJ, page 1: "[FONT=lucida_granderegular]Most people have this vision of hackers as some clandestine evil folks hiding in shadows trying to wreak havoc and take over the world. That's just not the case for most hackers. [/FONT]

[FONT=lucida_granderegular]So what would a "hacker" be doing at your shows? Well most hackers are 18-35 yrs old, hold regular day jobs (some in a security research role) and many are into music as either musicians or DJ's. They like to deconstruct things to see how they work. When they encounter something new that they've not seen before, they dig in and try to discover what it is, how it works and what they can do with it. Just as musicians carry their music in themselves wherever they go, so do hackers carry that curiosity and desire to discover wherever they go (not just hiding out in their basements).[/FONT]

[FONT=lucida_granderegular]So when a hacker walks the streets with his happy iPhone or Android phone, most likely he's got a wifi war-walker going. When he goes to a concert or a DJ gig, he's got it going. When he sees an odd open Wifi Network or a Wifi network protected by WEP, well now his curiosity is peaked and he knows he can explore. So when he explores what does he find? A communications protocol that he quickly discovers is controlling the PA. So he starts to play with it. Spoofs packets and begins adjusting mic gain on a channel, changes the routing (possibly even by accident, after all he's just playing trying to figure out what it does), do you see the potential concerns here?[/FONT]

[FONT=lucida_granderegular]It doesn't have to be someone who's out to do any harm or specifically targeting you. More than likely it's going to be someone who's armed with some knowledge, finds your Wifi network and decides it looks interesting enough to play with. For those of you that have ever monitored a network firewall or intrusion detection system, you know how often even a small home network receives inquisitive traffic. For those of you know haven't, trust me it happens far more often than most people realize."

As you can see, there is a fair amount of discussion about the so-far bungled intention of the XR designers to have it be a more complete package with no need for an external router. Instead, they have chosen to use an insecure security feature that we hope will be able to be changed to WPA2 in a firmware upgrade.

There is also the beginning of a discussion regarding why some people report that their wifi networks bog down when rooms fill with punters, but it's too early to quote.

Why do you think the causes could be? Since this new mixer is completely controlled either by wifi or a direct Ethernet connection, reliable wireless control is a pretty important subject.

I hope this thread turns does for the X Air series what the X32 thread did for the X32 and its users.

Geez, this post is a mess of fonts.
[/FONT]
 
Last edited:
Re: X-Air

Hopefully I'm missing something but it appears the WiFi is 2.4GHz only? Nobody in their right mind is going to depend on that at a real gig :roll: .
 
Re: X-Air

That's what it is.

How do you tell if you are on 2.4Gig or 5Gig on an iPad?

I only know because I intentionally split my SSID's on my wireless router into two SSID's. One for 2.4 and one for 5Ghz .... so I log in to a specific one.

There is a handy Android app that shows all the SSID's, what frequency they are on, and what channel(s) they are using.
 
Re: X-Air

I only know because I intentionally split my SSID's on my wireless router into two SSID's. One for 2.4 and one for 5Ghz .... so I log in to a specific one.
Ah. We've talked about doing that but haven't done it. I guess it would make sense to help solve wifi problems.

There is a handy Android app that shows all the SSID's, what frequency they are on, and what channel(s) they are using.

And that would be the second good reason to go to Android, the other being the fuller X Air app features than the iPad. I don't expect that to last long, though, and will be very disappointed if it does.

Does it show hidden networks?
 
Re: X-Air

Ah. We've talked about doing that but haven't done it. I guess it would make sense to help solve wifi problems.



And that would be the second good reason to go to Android, the other being the fuller X Air app features than the iPad. I don't expect that to last long, though, and will be very disappointed if it does.

Does it show hidden networks?

Hmmm. Good question. I don't know. I would have to hide one of mine and give it a try ;)

None of the iPad apps can do this because Apple doesn't expose the API needed to get the information the Android app displays.

I am also seriously considering moving to Android for the reasons you stated. I will have to change my mic mount too which will cost me another $60.00, but then I would be set.
 
Re: X-Air

Hmmm. Good question. I don't know. I would have to hide one of mine and give it a try ;)

None of the iPad apps can do this because Apple doesn't expose the API needed to get the information the Android app displays.

I am also seriously considering moving to Android for the reasons you stated. I will have to change my mic mount too which will cost me another $60.00, but then I would be set.
Behringer has a new iPad update at Apple now and for at least the last week, so we should have new features any day. I hope.

The Android is attractive to me because it has that wifi sensing and naming app, and that may be the only reason IF there is an adequate iPad X Air app.

I was thinking more about splitting the 2.4GHz and 5GHz channels on each router, and think the reason we decided against it is that if you are connected to one and it develops a problem, the router/iPad will switch to the other if they are included in the same name but not if they have separate connections.

In other WiFi X Air news, Robert Lofgren posted the following:

"[FONT=lucida_granderegular]I've now checked your wep/wpa concerns with the development team.[/FONT]

[FONT=lucida_granderegular]While the Microchip wifi module supports WPA in client mode, it does not support it for its access point mode. [/FONT]

[FONT=lucida_granderegular]According to the information given by the chip manufacturer they do not plan adding that feature, due to internal memory considerations. It is therefor not possible for behringer to implement that functionality, even if they wanted to.[/FONT]

[FONT=lucida_granderegular]It is recommended that if people are really afraid there is sufficient criminal energy in the audience for hacking into the WEP protected X-AIR mixer, then a properly configured external wifi access point should be used. This also give the added benefit of the 5GHz wifi band that is less suspicious to external interference from mobile phones and like.[/FONT]

[FONT=lucida_granderegular]Not the answer you were looking for, but I hope this give you guys a better understanding of the current limitation of its implementation."

[/FONT]
To which I asked

[FONT=lucida_granderegular]"Looking closer at the manual sections covering "Access Point" and "WiFi Client" modes, it says that wifi client supports WPA2, which I interpret to mean that the XR's wifi connection to a WPA2 network is also WPA2 and therefore more secure than the Access Point network that the XR creates. Is this right? So it internally has the right stuff in one mode and doesn't have it in the other?[/FONT]

[FONT=lucida_granderegular]So in a situation where you wanted to locate a remote router closer to the point of operation (noisy wifi environment, line of sight issues, etc.) you could split the distance difference to a point that would reach both your mix position and the XR's wifi. Yes?"

[/FONT]
and he replied

[FONT=lucida_granderegular]"Yes, that sounds right. And the cool thing about such a setup is if the wifi router speaks both 2.4ghz and 5ghz you can run your tablets on 5ghz for its benefit and the wifi router will route the traffic to the 2.4ghz mixer.[/FONT]

[FONT=lucida_granderegular]Since both the router and mixer are stationary it will be easier to find and optimum placement of the antennas."

[/FONT]
So if you are concerned about hackers entering your system you will want to use an external router, either connected via Ethernet or via WiFi Client. Or you hardwire your computer into the Ethernet port.

"You" being a generic you.

And I'd quibble with Robert's use of the word "criminal", but be that as it may. TJ's comments above adequately address the motivations for most hackers IMO.
[FONT=lucida_granderegular]

[/FONT]
 
Re: X-Air

And I'd quibble with Robert's use of the word "criminal", but be that as it may. TJ's comments above adequately address the motivations for most hackers IMO.[FONT=lucida_granderegular]
[/FONT]
Well, hacking is criminal in my part of the world so...:twisted:. I'd call the police if anyone hacked my show and the venue owner would probably endorse that.

Please keep in mind that I'm not an employee of behringer so anything that I say is 'hearsay' and not official in any way.
 
Re: X-Air

Well, hacking is criminal in my part of the world so...:twisted:. I'd call the police if anyone hacked my show and the venue owner would probably endorse that.

Agree, at least in principle. In practice, of course, I don't know how much use the police would be.

As for those who "defend" hacker's motivation, whether the intent is evil or not, breaking into a system, particularly if that action causes disturbance or damage, is just as criminal (in most countries) as physically trespassing or breaking in.
Obviously, one protects oneself against trespassing if one sees the need, and the easiest way of protecting against hacking and wifi consternation is to go wired for the show.
 
Re: X-Air

Agree, at least in principle. In practice, of course, I don't know how much use the police would be.

As for those who "defend" hacker's motivation, whether the intent is evil or not, breaking into a system, particularly if that action causes disturbance or damage, is just as criminal (in most countries) as physically trespassing or breaking in.
Obviously, one protects oneself against trespassing if one sees the need, and the easiest way of protecting against hacking and wifi consternation is to go wired for the show.
To me, "criminal" is determined by intent as well as actions, with seriousness of results playing a role as well.

There is no question that there is a criminal element in the hacker world whose intent is to steal or defraud and cause serious damage to those they've hacked, as well as others whose intent is simply to cause big problems for "fun". The ones that I would think we are most likely to see at our gigs are those who are looking into technology to see how far they can get and what they can learn. While I don't welcome them into my system, I can appreciate that their efforts can help us make our stuff more secure by forcing us to secure our networks, and that will help protect us from those who are acting with criminal intent.

In other news, Behringer yesterday put out a video which addresses this issue and hits the high points of the discussion without accepting culpability for having weak security on the built-in Access Point.

https://www.youtube.com/watch?v=_CpcZbRrGvk

They also posted links to several videos to learn more about 2.4 Gig networking:

https://www.youtube.com/watch?v=3YHovkP1JC8

http://windowsitpro.com/mobile/wi-fi-best-practices

http://compnetworking.about.com/od/w...ifichannel.htm

That second outside link has a couple of interesting passages:

[FONT=lucida_granderegular]"Wired Equivalent Privacy (WEP) is the oldest encryption algorithm available for use and one you should completely avoid. In addition to 64-bit encryption, WEP supports 128-bit encryption—but don't let the higher number fool you. Both have numerous security flaws, and it's trivial to defeat the encryption on a WLAN using WEP. There are even downloadable utilities that can be installed that will do the decrypting for you in a matter of minutes.[/FONT]

[FONT=lucida_granderegular]"WEP has been completely deprecated and shouldn't be used."[/FONT]

[FONT=lucida_granderegular]Also from that one:[/FONT]

[FONT=lucida_granderegular]"7. Consider skipping SSID hiding. A common suggestion is to set your network name (SSID) to be hidden, so that a potential attacker can't see it. This also then requires that anyone who wants to connect to the network will need to know both the password and the exact SSID. Although it's true that attackers won't be able to see the name of your network, they will be able to see that a network is there—and a sophisticated attacker will be able to determine the SSID anyway."

[/FONT]
And there was an official iPad app release through the App Store this afternoon, but it appears to be the same app in every way as what we already had, except for version number.

Sad, gray day in XR18 world.....
 
Re: X-Air

WEP encryption is easy to crack nowadays and Behringer made a very VERY poor choice incorporating access point functionality without WPA2 support.
If this was a product introduced in 2005, okay maybe, but in 2015? No way.

That being said, WEP security may not be very strong but if nothing better is available you definitely SHOULD use it. it is still a lot better than an open network.
Lots of people/devices will try to connect to any unprotected network to see if they can get internet access. A few hundred phones in the audience can slow your connection to unusable levels without the owners of the phones even knowing it.
If your network is using WEP encryption, weak as it may be, it requires a conscious choice and deliberate action by someone to try and crack your network.
That in itself will stop the vast majority of attempted connections right there.

If someone with the right knowledge and intent wants to get onto your network it'll be a lot easier for them with WEP than WPA(2), but then a DDOS is easy enough against either of them. You cannot stop people that are determined to attack your network but WEP will keep honest people honest and reduce the amount of connections to your network very considerably. if it's all you've got, use it! Weak protection is still infinitely better than no protection at all.

Behringer really should implement WPA2 and I cannot think of any acceptable excuse why they didn't in a product introduced in 2015.... but WEP still is way better than a completely open network.


S.R.
 
Re: X-Air

[FONT=lucida_granderegular]"7. Consider skipping SSID hiding. A common suggestion is to set your network name (SSID) to be hidden, so that a potential attacker can't see it. This also then requires that anyone who wants to connect to the network will need to know both the password and the exact SSID. Although it's true that attackers won't be able to see the name of your network, they will be able to see that a network is there—and a sophisticated attacker will be able to determine the SSID anyway."[/FONT]

Except that it's NOT true that attackers won't be able to see the name of your network..... they just have to look in a different place.
Anyone who understands how to break WEP encryption will very easily and quickly find a hidden SSID or spoof a MAC address.
Nothing very sophisticated, pretty basic.

S.R.
 
Last edited: