FLEX Security Information

FLEX Security Information

Using FLEX in a network  environment often leads to security questions such as, "does this device open any security hole" or "what if this device gets hacked". To help answering these concerns, here is an overview of the security features that will hopefully address concerns.

Barix is Steady Brand's OEM Manufacturing Partner.

Encrypted Communication with client certificates

The communication between the FLEX and our status portal is one of the main features of our platform and therefore it needs to be secured. The communication over the WebSocket protocol is secured by standardized SSL/TSL encryption, which is "State-of-the-Art" technology for encrypted communication over the internet. To Initialize the connection, every player needs to have a local client certificate installed issued by Barix; this is a process done during the firmware update on the device. This protects the connection from 3rd party attacks making sure your device cannot be hijacked. Loading different certificates is not possible; the connection will be rejected without a valid certificate. Barix is the sole entity that can release certificates.

Unique Password for every device

Every Barix device developed since 2019 has a unique, randomly generated, and secure password assigned by the factory. In this way, every device comes with built-in security when shipped.

Latest Linux Based Software

FLEX devices are running on the latest software provided by Barix. The Linux based Open Source Operating System provides a secure platform. Barix is continuously updating the software on the device at every update of the FLEX firmware.

Firmware and Malware

There are no troubles with Malware on a FLEX device. Even though it's theoretically a complete computer system and could run any software, there is no way to download and run malware. Since the firmware is a closed package that only accepts Barix software, SSH or Shell connection is not possible; hence the installation of 3rd party software is not possible. The only application allowed to run on the device is the FLEX software; changing this is not possible. The FLEX operates an entirely closed system to prevent susceptibility to virus or Trojan applications.

Change default passwords and use strong ones for accessing the Portal and to the web user interface on a RetailPlayer device. Store them in a safe place.

Compliance and further Information

This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

  • Reorient or relocate the receiving antenna.

  • Increase the separation between the equipment and receiver.

  • Connect the device into an outlet on a circuit different from that to which the receiver is connected.

  • Consult the dealer or an experienced radio/TV technician for help.

Safety and precaution recommendations apply.