DLNA Media Security (Compact 7)


Windows Embedded Compact interacts with Digital Living Network Alliance (DLNA) devices. Through DLNA, media devices can find each other and share media over a network. Currently, a Windows Embedded Compact device can act as a Digital Media Player (DMP), a Digital Media Controller (DMC), and a Digital Media Renderer (DMR).

One scenario that DLNA enables is for a DMC to automatically set up a connection between a DMS and a DMR. This connection may present a security risk. For example, if a user uses a device to log on to an unsecured network in a coffee shop and DMR is enabled on that device, another user on the same network can play or render media on the device without triggering a dialog box that asks if the user wants to permit that action.

You have three options to mitigate this security risk.

  1. Disable DMR by default.
  2. On the Windows Media Player UI, give the user a choice to enable or disable DMR by using a check box. Use the HKEY_LOCAL_MACHINE\Software\Microsoft\CEMPlayer\Common\ ENABLE_DMR_CAPABILITY registry key to store this information, and write the code to enable or disable DMR based on the value of this key.
  3. Create a dialog box in which the user, when initially connecting to a network, indicates whether the device is connecting to a home, work, or public network. If the user indicates a home or work network, then enable DMR. For a public network, disable DMR.

The following code snippet shows how to enable and disable DMR on a device.

HRESULT DMRComm::EnableDMRDevice(BOOL bEnable)
    HRESULT hr = S_OK;
    CComPtr<IUPnPRegistrar> punreg;
    CComPtr<IUPnPReregistrar> prereg;
    BSTR deviceId;
    deviceId = SysAllocString(DeviceUDN);
        CHR(CoCreateInstance(CLSID_UPnPRegistrar, NULL, REGISTRAR_CLSCTX, IID_IUPnPReregistrar, (LPVOID *)&prereg));
        CHR(prereg->ReregisterDevice(deviceId, L"\\windows\\upnp\\MediaRenderer.xml", L"MediaRenderer.Device", NULL, NULL, NULL, 0));
        CHR(CoCreateInstance(CLSID_UPnPRegistrar, NULL, REGISTRAR_CLSCTX, IID_IUPnPRegistrar, (LPVOID *)&punreg));
        CHR(punreg->UnregisterDevice(deviceId, FALSE));
    return hr;