Talk:Universal Plug and Play

From Wikipedia, the free encyclopedia

This page has been cited as a source by a media organization. The citation is in: Vladimir Pisodorov. "InterVideo WinDVD Platinum 7.0", Svet Kompjutera, August, 2005. (details)

Universal Plug-and-Play

According to the UPnP Implementers Corporation, the UPnP word mark is NOT an acronym and should always be written as UPnP.

The corporation's own tips on using the word mark claim that the UPnP mark "...is a single entity that happens to consist of four symbols (i.e. four letters), which individually do not have any particular meaning."

I think that at least the page content should be changed, but am unsure as to whether or not the title should also be changed. (Newbie insecurity:-)

JoeBloggs 13:26, 29 Mar 2005 (UTC)

Could it be that "Universal Plug and Play" and UPnP is the name of the technology, where "UPnP(tm)" is the trademark of the UPnP(tm) Implementers Corporation? Their point about the letters not having any meaning could be to protect their mark as being different than Universal Plug and Play, the technology, giving them weight should the need arise to protect their certification program in court. While I am not able to find any support for this, the term, "Universal Plug and Play" and, "UPnP" (sans TM) appears too often and for too many years together for me to think that UPnP (sans TM) does not stand for Universal Plug and Play and vice versa. Anyone else know better? --FlashBIOS 02:53, 2 May 2006 (UTC)

Too many red links on this page. Set up some of these as redirects, or change the content. ArbiterOne 10:10, 8 Jun 2005 (UTC)

Contents 1 Auto IP? 2 Steve Gibson - Hysteria? 3 Companies behind it, forum, corporation 4 dead link report 5 security considerations 6 Digital Item Declaration Language 7 Link to libupnp changed 8 UPNP TwonkyVision 9 Examples, Anyone? 10 M740 AV ? 11 On2Share is no longer available as stand-a-lone UPnP Control Point for Winamp (beta) 12 Security 13 CopyVio? 14 Comparisons of software/hardware? 15 Too technical 16 Added Media Renders 17 Removed sections for UPNP AV Media Servers 18 New UPNP security issue 19 The overview section needs work

[edit] Auto IP?

What exactly is "Auto IP"? I've never heard of such a thing. There's Reverse ARP (RARP), Bootstrap Protocol (BOOTP), and Dynamic Host Configuration Protocol (DHCP), but no "Auto IP". It's removed in the article until someone can explain wtf it is.—Kbolino 04:41, September 6, 2005 (UTC)

"Auto IP" generally refers to RFC 3927 (Dynamic Configuration of IPv4 Link-Local Addresses). See Zeroconf. -- markmc 09:32, 25 November 2005 (UTC)

[edit] Steve Gibson - Hysteria?

Steve Gibson grc.com has a utility to turn off all related UPnP services under Windows XP. On his podcast he also makes heavy usage out of how bad he think it is. Should this be included in this article, or is it hype?

[edit] Companies behind it, forum, corporation

Except for link to UPnP Forum (no info there), no info about companies behind this protocol. Background info about companies, history, etc would be nice.

Just as a quick note i know that Nokia likes UPnP :-) because the N80 (to be released soon) is actually going to support it.

[edit] dead link report

the "technique comparison" link at the end of the article is dead.

[edit] security considerations

It is interesting to see more deep security analysis about risks of using this protocol in public commercial or corporative environments. Also which kind of attacks this one is exposed to (spoofing, MITM, DoS, etc).

[edit] Digital Item Declaration Language

Perhaps there could be a link in this article to Digital Item Declaration Language, it seems quite in accordance.

[edit] Link to libupnp changed

I changed the link "An Open Source UPnP Development Kit" to http://pupnp.sourceforge.net/ because the old project at http://upnp.sourceforge.net/ is dead, this one is the successor.

[edit] UPNP TwonkyVision

Its the wrong way round. The software is called TwonkyMedia made by TwonkyVision. It also isnt free anymore. Changes made as nescessary. TREX6662k5 03:06, 24 August 2006 (UTC)

[edit] Examples, Anyone?

This article would be more immediately useful if it included at least one good example of a usage of UPnP, either near the beginning of the text or in a dedicated section. The MediaServers section, for example, has an example (PVRs), but not the UPnP article itself. (Adding something other than networked PVRs would be best for this.) Parsiferon 23:00, 27 August 2006 (UTC)

[edit] M740 AV ?

No mention is done about Siemens Gigaset M740 AV (Tnt Decoder) witch can connect to a media server

[edit] On2Share is no longer available as stand-a-lone UPnP Control Point for Winamp (beta)

As mentioned in section '5.1 UPnP Software Players & Control Points': -Winamp, a free closed source media player for Windows, using the commercial On2Share UPnP plug-in.

The plug-in is no longer available. see On2Share - UPnP Media Server & Control Point - On2Share [Winamp] --81.207.71.194 11:00, 23 October 2006 (UTC)

[edit] Security

• UPnP does not have a lightweight authentication protocol, while the available security protocols are complex. As a result, many UPnP devices ship with UPnP turned off by default as a security measure.

What does that mean? — Omegatron 06:53, 20 January 2007 (UTC)

that it takes up allot of memory, and thus disabled. Markthemac 14:44, 7 October 2007 (UTC)

[edit] CopyVio?

Lots of text seems directly copied from [1] and only modified slightly. Compare the example of:

(The Wikipedia Article)

The UPnP architecture offers pervasive peer-to-peer network connectivity of PCs, intelligent appliances, and wireless devices. The UPnP architecture is a distributed, open networking architecture that uses TCP/IP and HTTP to enable seamless proximity networking in addition to control and data transfer among networked devices in the home, office, and everywhere in between.

to

(The link)

UPnP is an architecture for pervasive peer-to-peer network connectivity of intelligent appliances, wireless devices, and PCs of all form factors. ... UPnP is a distributed, open networking architecture that leverages TCP/IP and the Web technologies to enable seamless proximity networking in addition to control and data transfer among networked devices in the home, office, and public spaces.

The source material is copyrighted, and I don't think the wikipedia article is enough of a re-write, but I'm not gonna tag the article, yet. Gront 21:37, 24 January 2007 (UTC)

[edit] Comparisons of software/hardware?

Does anyone know of a comparison of the different software/hardware packages out there with an emphasis on feature lists? This seems like a good idea for this page... Twinotter 21:30, 7 March 2007 (UTC)

[edit] Too technical

This article goes into too much technical detail -- the bulk of it describes the workings of the protocol, and parties needing that information should go directly to the source. At the same time, the article does not answer (in clear terms, anyway) simple layman's questions like whether UPnP is dependent on both hardware and software designed to support it (and the answer is yes, you need both). VanishingUser 09:34, 26 March 2007 (UTC)

I think that a much better technical article that covers the same ground is Zeroconf Rstonehouse (talk) 22:00, 15 January 2008 (UTC)

[edit] Added Media Renders

Back in Feb 07 a list of hardware media players was removed from the control points section. This list is correct just in the wrong section so i have restored the old list and put it under the heading "UPnP Media Render Hardware"

[edit] Removed sections for UPNP AV Media Servers

15/11/07

The article is about UPNP not its specific device implementations and what can be achieved by it, there was very little content to this section and just a big bunch of links I have created a new article about UPnP AV MediaServers with what was there. feel free to clean that up. Very little gravitas indeed 10:12, 15 November 2007 (UTC)

[edit] New UPNP security issue

Reported here http://www.channelregister.co.uk/2008/01/15/home_router_insecurity/ is a new issue with UPNP. Maybe someone more tech aware than me can add it. Dublinblue (Simon in Dublin) (talk) 11:22, 15 January 2008 (UTC)

The article is _sort_ of accurate. I see that someone has added a "criticism" section to this article which references an article outlining the same problem (http://www.gnucitizen.org/blog/flash-upnp-attack-faq/), but in my opinion, this criticism is misplaced. This is not a problem with UPnP, but a problem with how UPnP is used with Internet Gateway Devices. There is no reason authentication cannot be incorporated into UPnP devices (the standard doesn't define it, but that doesn't mean it's not possible--I wrote an application that implements authentication over UPnP).

The real issue is the way Internet Gateway Devices have been defined (in general, the UPnP IGD specification is flawed to its very core). UPnP is a presence, messaging, and control protocol, and has nothing to do with IGD devices. IGD _uses_ UPnP, but it seems odd to criticize the protocol simply because one implementation of the protocol was poorly engineered.

Does anyone have any thoughts on this? I'm inclined to move the criticism section to a different article; I really think it's misplaced in this article.

[edit] The overview section needs work

The overview section sounds like an advert for UPnP.

The way i understand it, the main problem with UPnP is that it contains a mechanism for configuring of NAT traversal without demanding authentication. The technology stinks of dumbing computing down and making it insecure. If Joe Sixpack enables UPnP on their router at home, it is possible that a flash applet loaded by an internet page they view will reconfigure their router, so allowing access from outside to their home network.

Having said that, the news section seems out of place. Why explicitly list this one bug? A reference somewhere in the criticisms section would be enough here, in my opinion. Howlingmadhowie (talk) 08:41, 11 June 2008 (UTC)