To use RetailPlayer in a live environment often leads to security questions which go beyond the streaming of music. To answer questions like,
"does this device open any security hole" or "what if this device gets hacked" we have put together an overview of the security features of
RetailPlayer.
Encrypted Communication with client certificates
The communication between the Player and the Portal is one of the main features of the RetailPlayer solution, therefore it needs to be secured!
The communication over the WebSocket protocol is secured by standardized SSL/TSL encryption, which is "State of the Art" technology for
encrypted communication over the internet. To Initialize the connection, every player needs to have a local client certificate installed issued by
Barix; this is a process done during the firmware update on the device. This protects the connection from 3rd party attacks making sure your
device cannot be hijacked. Loading different certificates is not possible; the connection will be rejected without a valid certificate. Barix is the sole
entity that can release certificates.
Unique Password for every device
Every Barix device that was developed after 2019 has a unique, randomly generated, and secure password assigned by the factory. In this way,
every device comes with built-in security when shipped.
Latest Linux Based Software
The RetailPlayer devices are running on the latest software provided by Barix. The Linux based OpenSource Operating System provides a
secure platform for the RetailPlayer solution. Barix is continuously updating the software on the device at every update of the RetailPlayer
firmware.
Barix firmware and Malware
There are no troubles with Malware on a RetailPlayer device! Even though it's theoretically a complete computer system and could run any
software, there is no way to download and run malware. Since the firmware is a closed package that only accepts Barix software, SSH or Shell
connection is not possible, hence the installation of 3rd party software is not possible. The only application running on the device is the
RetailPlayer software, changing this is not possible. To catch any virus or Trojan is also not possible since every access to the system is closed.
Compliance and further Information
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These
limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and
can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio
communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful
interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct
the interference by one or more of the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Connect the device into an outlet on a circuit different from that to which the receiver is connected.
Consult the dealer or an experienced radio/TV technician for help.
Safety and precaution recommendations apply. Find them in the download section at
Find your distributor on this list
For questions that are extending the documentation, feel free to contact us on:
Change default passwords and use strong ones for accessing the Portal and to the web user interface on a RetailPlayer device. Store
them in a safe place.
