@BCBC - may I offer what I hope (and think) may clarify matters, please?
I, too, have worked in several areas where security was an issue, and discussed often… it was just the responsible thing to do. Despite the best efforts of the team responsible, we nevertheless experienced intrusions.
I’ve re-read each post in this thread, and can’t find anyone saying that Roon and/or the network environment on which it relies is more or less vulnerable than any other application.
Nor indeed that any one version of Roon on any platform is more or less open to attack or be the object of malice than any other.
Nor do I (nor anyone else outside the developers at RoonLabs, I suspect) have any inside knowledge of steps and changes to the codebase which have, or have not, been necessary as Roon has matured from earlier versions (like 1.8) to the latest release.
But - potential (but rare) regressions aside - more recent versions and iterations are likely to be sounder, more robust and more secure than their predecessors. That’s just common sense.
Maybe these threads and conversations can all be discounted. But I’d also like to think I was doing everything I could anyway; wouldn’t you?
- Time to step up security of ROCK and Roon?
- Security Risk - IP Reputation Attacks
- Vulnerability in Roon Server - Security Advisory | QNAP (US)
I hope we’d all sympathize with your reluctance to updating if doing so might deprive you of functionality.
And hope that - were you to give details and ask for help here - whatever went wrong would be addressed. Again, a scan of the forum doesn’t suggest that your experience is widespread. So worth investigating!
I’d imagine that we’d all agree that you’re free only to upgrade if and when you want to.
But IMHO - and from five years experience as a happy Roon user - new releases are only released after thorough testing, and specifically because RoonLabs believes (and presumably has consistently found) that they are of the greatest benefit to the greatest number of users.