MobileRead Forums - View Single Post - Tools KindleCast - Stream your Windows desktop to Kindle PW4 over USB 25+ FPS, open source

Joelkc · 05-29-2026, 05:56 AM

EDIT (2026-05-29): Repository temporarily private — security hardening in progress
While reviewing the v1 code with fresh eyes I confirmed two issues I want to address before more people deploy this:

1. The UDP protocol has no authentication or source-IP validation — anyone on the same LAN can send frames or control messages.
2. The `CMD:` control message passes its payload directly to `system()` on the Kindle (running as root via the KUAL launcher).
In a typical home setup behind NAT this is not reachable from the internet, so existing v1 users on a trusted home network are not in immediate danger. The real concern is anyone who port-forwards UDP 5050, runs on a shared/public WiFi, or deploys this on a Kindle that's also doing something else sensitive.
Repo is private until I land:

* Whitelisted command set on the receptor (presets become enum'd actions, not arbitrary shell)
* Shared-token handshake + IP lock for the session
* SECURITY.md with the threat model spelled out
Will post here again when v2 is up. Thanks for the patience — happy to discuss the design of the auth layer in this thread if anyone has input.

05-29-2026, 05:56 AM	#3
Joelkc Junior Member Posts: 2 Karma: 22 Join Date: May 2026 Device: pw4	Security update — repo temporarily private EDIT (2026-05-29): Repository temporarily private — security hardening in progress While reviewing the v1 code with fresh eyes I confirmed two issues I want to address before more people deploy this: 1. The UDP protocol has no authentication or source-IP validation — anyone on the same LAN can send frames or control messages. 2. The `CMD:` control message passes its payload directly to `system()` on the Kindle (running as root via the KUAL launcher). In a typical home setup behind NAT this is not reachable from the internet, so existing v1 users on a trusted home network are not in immediate danger. The real concern is anyone who port-forwards UDP 5050, runs on a shared/public WiFi, or deploys this on a Kindle that's also doing something else sensitive. Repo is private until I land: * Whitelisted command set on the receptor (presets become enum'd actions, not arbitrary shell) * Shared-token handshake + IP lock for the session * SECURITY.md with the threat model spelled out Will post here again when v2 is up. Thanks for the patience — happy to discuss the design of the auth layer in this thread if anyone has input.