Just received this FCC notice through my SBE Chapter. it may apply to some of you as well:
"The Federal Communications Commission is requesting your assistance in disseminating the information below to your organization's members.
It has come to our attention that unauthorized persons recently may have illegally gained access to certain audio streaming devices used by broadcasters, and may have transmitted potentially offensive or indecent material to the public. We believe that the reported cases involved unauthorized access to equipment manufactured by Barix, which some licensed broadcasters use for studio-to transmitter (STL), remote broadcast (remote) and similar audio connections. We understand that the unauthorized access to the devices may be due, in part, to instances where the licensee fails to set a password for devices with no default password, or to re-set default passwords on the Barix device.
We urge licensees to take all available precautions to prevent future unauthorized transmissions. In many cases, there may be simple, practical solutions to prevent such situations from occurring. For example, we strongly encourage licensees that use Barix devices, as well as other transmitting equipment, to check and, if necessary, add a password, or reset existing passwords with new, robust passwords. Similarly, if a broadcast station experiences turnover in staff who had access to passwords, we encourage licensees to reset the password to ensure future security. We also recommend that broadcasters investigate whether additional data security measures, such as firewalls or VPNs configured to prevent remote management access from other than authorized devices, in some cases, could be implemented to preserve this potentially critical part of the broadcast transmission chain. If you suspect that broadcast equipment has been subject to attempts at unauthorized access, we also recommend that you contact the equipment manufacturer and/or a data security firm. We also suggest that you notify the FCC Operations Center at 202-418-1122 or [email protected] of suspected unlawful access.
If you have any questions, please contact Lark Hadley, the regional director for the Enforcement Bureau's Region Three via [email protected].
Thank you.
Charles Cooper
FCC/Enforcement Bureau/Office of the Field Director/Field Director"
I myself do not use a Barix unit, but will be this spring as I add a second transmitter down the road. I can assure you I'll have security and complex passwords. Although, who is likely to hack a Part 15?
Interesting, however. At the full powers I work for, we just purchased a third station (so I'm now chief engineer for three full powers) and we feed the transmitter audio for the new station via Barix units. As did the previous owner. Now, I'm certainly no IT guy, and I don't know diddly about computer networking, but according to our IT guy, we now have our own T1 line that goes directly from our studio to the transmitter and it is not accessible via the internet at all, it's part of our own LAN and that's it. I don't understand it all, but that's what he tell me anyway.
But, be advised.
TIB
do not expose your barix to the internet unless it's through a VPN from your exstremer to your studios and change the default password and port.
i don't have mine accessible to the public internet at all except to grab the stream.
if i need to access the web interface then i need to physically go to the location and get on the internal LAN to access the web interface.
Tim,
In a nutshell the T1 line is an extention of the LAN at the studio's to the transmitter site.
Think of it as a long ethernet cable, those cables you use to connect a computer directly to a modem, router or switcher. A really long ethernet cable able to span several miles.
It is probably assigned it's own static i.p. address, either by the router at the studio's end or provided by whomever installed the T1 in the first place. 1.54 mbps on a private intranet connection that is never bogged down by traffic from your neighbors devices like it is on a DSL connection. Smooth sailing.
I have heard first hand what happens when a station tries to use public DSL for an STL, timing is everything except when that DSL lags behind and your station i.d. you thought was right on the money is actually heard up to 5 seconds later than you first thought.
Of course a Barix box does what it can to compensate for packet losses, once your program material leaves the audio chain on a bogged down public dsl line it's at the mercy of all the other users.
Thankfully, T1 doesn't have that problem because you are the only user on a closed connection, no outside interaction is possible unless some fool breaks into the transmitter or studio's. That rarely happens.
Good Luck Tim with the extra station's.
Actually, i wouldn't mind having one myself lol
That's exactly how our IT guy explained it to me. It was like a long ethernet cable between us in the studio and the transmitter! The only way we can look at the Barix settings, etc is to use the computer set up for that purpose, in the studio, on our LAN.
TIB
My wife is IT,
No really, she is IT and software development trained. Oh and she is pretty awesome too 🙂
But i have had dealing with T1 myself in the past, thankfully i never had to set it up but i knew my way around it long before the younger folks did, i have also seen some guys who were computer savvy abuse studio gear, run levels wayy too hot and try to screw driver the audio input to the stations encoders feeding our stream.
I always just let the owner know who is twiddling with the controls and set it all back where it should have been in the first place. I was one of the few allowed to do engineering tasks but some of these kids coming out of computer classes and under budgeted A/V classes seem so sure they know better. When the owner and the engineer are brothers, i suggest you stay out of the tool box and stick with what ever it is you do on a mac book.
Let us know how things turn out, with both the added transmitter for KEBS AM and the additonal Full Power.
Both myself, the engineer, and our IT guy, are old farts with tons of actual broadcast experience so we're very anal about sound quality.
For the full power, we plan on moving the transmitter for our other FM to the site of the new FM - actually, replacing the 40+ year old transmitter in the process, and then feeding both with over the air STL's. We've had the same marti STL's running on the one station for over 40 years. Twice in the last 30, have they ever needed repairs. And then you just remove the bad one, run the station in combined mono while repairs are done. Most listeners never know the difference.
TIB
We use Barix to connect the studio at the university to the remote transmitter site (4 miles away) via a cable modem. The latency is less than 2 seconds. We set the stream at 128K which is plenty for FM stereo. The connection is 10 Meg so it just cruises along. "Tim's Oompha Hour" sound great!
The Class D AM I'm at was using Marti STL-8s before the finals burnt up, we're now running on a rebuilt Marti STL-10 pair. Its mono so only one transmitter is needed, the FM translator is fed via a Comrex Bric. The Class C and A in the cluster had been using mosely (sp?) STLs but upon moving the studio they now run Barix boxes on a direct Microwave link. (Kind of like a wireless T1 we have setup with the WISP that shares tower space)
Yeah, we're running STL 10's a pair for left & right. Since we bought that station in '91 neither of the transmitters have ever needed work. Each receiver has been removed and repaired once.
TIB
It's actually rare for a hacker to breach even an internet connected device, unless 1) you haven't set a password or in the case of a computer, disabled guest accounts along with weak file protection 2) inside knowledge.
Most are #2 - could be trojan software, disgruntled employees, even personal knowledge giving clues. Seemingly miraculous hacks (in seconds) only occur on TV.
This brought back memories:
where i was working previously and the setup i will use for my new part 15 am, they had set up (and i will use this method) barix instreamer but they used wireless ethernet bridge with ip radios encoder (along with an ethernet switch), and they would send the signal to the tx site. and at the tx site we would have another wireless ethernet bridge with ip radios decoder, (we would use another ethernet switch) and barix extreamer, it has its own private ip address where no one could get on it but it also had the ability to hook up to the internet with the ethernet bridge so you can send internet to the computers (if you have them set up at the receving site or tower site) along with the barix boxes and private ips. hope this helps.
There are a few stations that use the method that ABMedia mentioned, I've only seen them for sale in the radio magazines and haven't used one myself. Our Cluster uses Comrex for Linking between the two studios (they are in different cities) and for the FM Translator.