Slashdot Mirror

← Back to Stories (view on slashdot.org)

Most Secure Digital Audio Player?

Posted by Cliff on from the once-in-it's-terribly-hard-to-get-it-out dept.

PaleGreen asks: "What's the most secure portable Digital Audio Player (DAP) in terms of a true 'one-way' file copy mechanism? I want to be sure a curious coworker can't leech my portable's treasures while I'm out to lunch (or even worse, if I lose it). I'm aware of 'iPod backup' solutions that seem to get around Apple's protection. Are the Windows Media 'Plays For Sure' devices more secure in this area? Are there portables that support a hardware password (similar to a BlackBerry, where the unit resets to factory defaults after ten bad password attempts)?"

52 comments

  1. Simple Solution by samael · · Score: 3, Informative

    Take.

    It.

    With.

    You.

    --
    My Journal
    1. Re:Simple Solution by jannesha · · Score: 1

      Exactly.

      Plus, that way, you have stuff to listen to while you eat.

    2. Re:Simple Solution by NanoGator · · Score: 2, Insightful

      "Take it with you" is not a solution. At best it's a good practice. Seriously, if that's all it took, then pickpockets would be out of a job.

      As for why he'd want to do that, it's simple: Lots of music players offer recording capabilities. Some people actually put those to good use. I used to have a PocketPC. One of the things I did with it was I recorded voice notes for story ideas. Those are ideas I don't want others getting ahold of. I can see using music players with record capabilities being used in the same way. For some people, this really is an interesting question.

      Honestly guys, I don't know why these knee-jerk 'answers' are so 'informative'.

      --
      "Derp de derp."
    3. Re:Simple Solution by mehu · · Score: 1

      "Take it with you" is not a solution. At best it's a good practice. Seriously, if that's all it took, then pickpockets would be out of a job.

      Actually, by definition, pickpockets pick things out of people's pockets, so taking it with them is what gives them their job.

    4. Re:Simple Solution by Anonymous Coward · · Score: 0

      "Actually, by definition, pickpockets pick things out of people's pockets, so taking it with them is what gives them their job."

      That was the point. Read it again.

    5. Re:Simple Solution by munpfazy · · Score: 1

      >As for why he'd want to do that, it's simple: Lots of music pla
      > offer recording capabilities. Some people actually put those to
      > use.

      Sounds plausible, and not a bad reason to demand secure audio players.

      But in this case, the poster hasn't said anything about preventing people from using headphones to listen to his audio. His emphasis on one-way copying mechanisms suggests that keeping his audio private isn't a goal at all, he just wants to make sure no one copies the files themselves.

      Why anyone would spend time worrying about such a thing is beyond me. Perhaps he listens to files which have personalized signatures embedded in them and he's afraid someone's going to come knocking on his door when they escape into the wild? Sounds more than a little paranoid, but perhaps not totally insane. We certainly live in a world in which media companies do attack individual people for file sharing.

      As for the original poster, I'd say try to switch to a job where people don't tend to access your hardware without permission, or failing that, ask for a desk drawer with a lock on it. (Then again, it's possible the poster is such a paranoid nutball that perfectly normal co-workers actually are likely to play with his toys just for the fun of seeing him go berserk. In that situation, I'd be more likely to *upload* tracks onto his player, but perhaps that's just me.)

    6. Re:Simple Solution by NanoGator · · Score: 1

      "But in this case, the poster hasn't said anything about preventing people from using headphones to listen to his audio. His emphasis on one-way copying mechanisms suggests that keeping his audio private isn't a goal at all, he just wants to make sure no one copies the files themselves."

      He very cleary mentioned an access password. You're right, he wasn't all that clear. Presumably, though, he wants to lock it like people lock their cell phones.

      "As for the original poster, I'd say try to switch to a job where people don't tend to access your hardware without permission, or failing that, ask for a desk drawer with a lock on it."

      Eh. It's easier to just spend a couple hundred bucks on a music player he's more comfortable with. Cell phones have this feature, why not music players? Perfectly legitimate question. If anything, he might simply want to discourage his workers from playing with his toys. I had a coworker that had an interesting solution to that problem. He kept a rubberband gun in his office.

      Did he shoot people with it? Nah. What would happen is people would walk into his office, pick up the gun, then fire off a few shots. After they put it down, they'd ask what the gun is for. He'd then explain that the gun was there as a study on human behaviour. He mentioned some of the statistics. "It's interesting how many people shoot that thing at other people." From there, people would ask permission before picking his stuff up. Heh.

      --
      "Derp de derp."
    7. Re:Simple Solution by samael · · Score: 1

      Honestly guys, I don't know why these knee-jerk 'answers' are so 'informative'.

      Actually, I was going for 'funny'. I don't think I was informative at all.

      --
      My Journal
    8. Re:Simple Solution by NanoGator · · Score: 1

      Oops...

      Sorry I jumped on ya about it. Guess I'm a hypocrit. Hehe. :)

      --
      "Derp de derp."
    9. Re:Simple Solution by BlogPope · · Score: 1
      Actually, I was going for 'funny'. I don't think I was informative at all.

      But Funny mods can lead to Karma destroying wars between those who mod Funny and those that mod Troll.

      --
      My other car is a Popemobile
  2. We're speechless. by Elwood+P+Dowd · · Score: 5, Funny

    I think we're all mortified by thinking about what you've got on your audio player that you're so worried about.

    --

    There are no trails. There are no trees out here.
    1. Re:We're speechless. by LoRdTAW · · Score: 2, Funny

      Yanni and Michael Bolton.

  3. Huh? by jhoger · · Score: 2, Insightful

    Your co-worker leeching files impacts you in what way?

    Why do you care?

    I'd be more concerned about the physical security of my player.

  4. [meta-discussion] by Anonymous Coward · · Score: 0

    The most useless Ask Slashdot ever?

    1. Re:[meta-discussion] by teksno · · Score: 3, Insightful

      do mod points work for stories, or just comments???

      cause this guy needs to be placed around -1*10^99^99

    2. Re:[meta-discussion] by haplo21112 · · Score: 1

      Yeah..useless..pointless, and all around stupid, I can't believe the moderators even posted this stupidity.

      --
      Power Corrupts,Absolute Power Corrupts Absolutely, leaving one person(group)in charge is absolutely corrupt.
  5. Ummm who cares by yasth · · Score: 2, Insightful

    MS's plays for sure is very secure, well except for the simple expedient of an audio to audio cable and pressing record on something with a line in.

    Really though who cares? Actual theft with you having good intentions (i.e. no handing them the player and pointing them to the "backup" software) means you are not liable. It would be like leaving a cd at your desk and someone snatching it and copying it. If you catch them at it, and want to be a b*tch report them to the riaa.

    --
    I'd do something interesting, but my server can't handle a slashdotting.
  6. Let me get this straight... by biglig2 · · Score: 3, Funny

    ... you're asking Slashdot to recommend which audio player has the best DRM?

    --
    ~~~~~ BigLig2? You mean there's another one of me?
    1. Re:Let me get this straight... by computersareevil · · Score: 1

      Yep, it's a troll. But nevertheless, we should know the answer, if we are serious about fighting DRM.

    2. Re:Let me get this straight... by Anonymous Coward · · Score: 0

      And there was me thinking that "security" was stopping someone who shouldn't have access from "getting in" an "DRM" was someone who should have access from doing so?

    3. Re:Let me get this straight... by computersareevil · · Score: 1

      Uh, why else would you have a "one-way copy mechanism"? MP3 players only copy one-way as a way to RESTRICT duplication. It's part of their DRM. Duh.

  7. Well... by Curmudgeonlyoldbloke · · Score: 2, Funny

    Obviously you'd want to copy everything off it onto your PC when you walk away from your desk, encrypt it with something like Gnupg, delete the contents, put the encrypted versions of the files down, walk away, walk back, transfer the encrypted versions back to your PC, unencrypt, delete the encrpyted versions and transfer the unencrypted versions back.

    Or (seeing as you mentioned it), you could try the Blackberry route - it's strongly rumoured (if not already confirmed) that some newer versions will play audio. It may not exactly be the most cost effective digital music player, but at least it's secure, right?

    (OK, I know I shouldn't feed the trolls - but when the ARTICLES are trolls, what then?)

  8. Re:Simple Solution (Extended) by Anonymous Coward · · Score: 0

    Lock it in you draw.

    Take.

    (Key|Workers).

    With.

    You.

  9. How to copy files off an iPod by Hanashi · · Score: 4, Informative
    You say the backup solutions "seem to" get around file copying restrictions? There aren't any restrictions. Simply connect your iPod to your PC (I'm assuming Windows since I don't have a Mac handy).

    When it mounts the iPod as a new drive, open that folder in explorer and then select Tools -> Folder Options from the menu bar. Click the View tab and select "Show hidden files and folders", then click OK.

    Now you should see an additional folder on your iPod drive called iPod_Control. Open it up and find your music files in a set of subdirectories under the iPod_Control/Music/FXX folders, where XX is a bunch of two digit numbers.

    The file names may or may not make much sense, but never fear. If you have ID3 tags in the files, you can just copy the files from the iPod onto your hard drive, then import them into a jukebox that understands ID3, and they'll be perfectly readable again.

    Don't use this to pirate music. I only mention it because I thought it was odd that every iPod owner on Slashdot didn't know about it yet.

    --
    Check out my eclectic infosec blog at InfoSecPotpou
    1. Re:How to copy files off an iPod by sithsasquatch · · Score: 2, Informative

      The only "copy restrictions" apply to sending music from your ipod to someone else's iTunes. But if you enable it as a disk, your "restrictions" disappear.

      --
      With so many ppl on /., how am I supposed to come up with a unique sig?
  10. Secure solution by Anonymous Coward · · Score: 0

    Take a brick and drill a hole into it for the headphones. Very secure.

    1. Re:Secure solution by Shadarr · · Score: 1

      Wrap the player in duct tape so it doesn't look like a music player. And then hide it under your hat!

      --
      Bite the hand.
    2. Re:Secure solution by MarkGriz · · Score: 1

      Wrap the player in duct tape so it doesn't look like a music player. And then hide it under your hat!

      Or if you're really paranoid, hide it under your tinfoil hat, for that extra level of protection.

      --
      Beauty is in the eye of the beerholder.
  11. Well... by sithsasquatch · · Score: 1

    Stuff on your iPod that you get from their Music store is difficult to break DRM if YOU (the purchaser) don't want to. Since the files can only be played on "authorized" comps, I suppose that counts as a secure music player.

    On the other hand, if your music collection is of really poor sound quality, nobody will WANT to steal your music.

    --
    With so many ppl on /., how am I supposed to come up with a unique sig?
  12. Most Restrictive by R3D · · Score: 1

    Mini Disc.

  13. If you lose it . . . by sithsasquatch · · Score: 1

    Worrying about someone getting your music should be the least of your worries.

    --
    With so many ppl on /., how am I supposed to come up with a unique sig?
  14. WOM? by Bastian · · Score: 2, Funny

    Maybe you're looking for one of the many devices that utilize write-only memory?

  15. Dear Slashdot... by Monte · · Score: 4, Funny

    I have a good number of books in my bookcase at work, and I don't want some busybody no-goodnik pinko commie rat bastard co-worker to waltz in and photocopy one of my treasured tomes - or worse yet, steal the volume outright! Some people even have the nerve to turn to the last part of the book first and spoil the ending for themselves, if you can believe that. Obviously, I want to prevent this from happening.

    What bookcases have the best anti-personel features? Would the security of several bear traps near the bookcases be worth the possible civil liability? Does anyone know of a reliable, cheap source for claymore mines on the web?

    Signed,
    Worry R. Wart

    1. Re:Dear Slashdot... by Vo0k · · Score: 1

      I suggest one of these. You can be sure your co-workers won't read books you put in these.

      --
      Anagram("United States of America") == "Dine out, taste a Mac, fries"
    2. Re:Dear Slashdot... by Y+Ddraig+Goch · · Score: 1

      I've found that an IR heat sensor, a thumb print scanner and a 50 CAL machine gune do a good job. Configure the heat sensor to activate the 50 CAL if it senses a warm body in your cube that doesn't have proper authorization from the thumb print scanner. The only problem is that of co-workers stealing my thumb and using it on the scanner...

      --
      Meddle thou not in the affairs of Dragons, for thou art crunchy and with most anything.
    3. Re:Dear Slashdot... by Grab · · Score: 1

      Or your books won't be read by co-workers you put in one of these either...

  16. Is this a joke? by skinfitz · · Score: 1

    Are you serious? I was at least expecting a "...so I know which one to avoid" thing at the end of the question.

  17. If you want security hassles... by phorest · · Score: 2, Insightful
    Just buy anything SONY. They are the worst for DRM nightmares.

    Incidentally, I want to form a SONY-haters club, any takers...any thoughts?

    --
    God: When you do things right, people won't be sure you've done anything at all.
    1. Re:If you want security hassles... by jrockway · · Score: 2, Insightful

      I will join. I don't even want to get started on how much I hate them, so I won't. Let's just say that every time I buy something of theirs I get royally burned. Every. Damn. Time. (Needless to say, I don't buy their shit anymore.)

      --
      My other car is first.
    2. Re:If you want security hassles... by thegrassyknowl · · Score: 2, Insightful
      Incidentally, I want to form a SONY-haters club, any takers...any thoughts?

      You can join mine... I started it back when cassette tapes were the next big piracy issue. My auto-reverse walkman just would not play the reverse side of any cassette without chewing it. Take out the cassette and turn it over and it played the back side fine.

      Sony had it back on no less than 10 occasions. Eventually the year ran out and the warranty was expired.. do you think I could get a refund? They wouldn't even fix it.

      I've voted with my wallet ever since.

      The moral of this really long story is that I HATE Sony too.

      Oh, and on the topic of music players that you can't extract anything from, why not get one of those encrypted USB memory sticks and plug it into your... computer. If your co-workers swipe it the most they'll get is garbage. If anyone with a clue swipes it.. well they might be able to figure it out, and if they can work out your encrypted USB memory then they can thwarte the anti-readback on and-old media player.

      --
      I drink to make other people interesting!
  18. Excellent way to zot BlackBerry owners, I guess by msuzio · · Score: 1

    Wow, I had no idea BlackBerry devices did that. I'll be sure to try "abc123" 10 times on the next one I get my hands on, and then we'll see how much the person loves that feature.

    What a moronic thing to do. I thought it was realized years ago what a great DOS opportunity things like this are. Much like auto-locking accounts on bad password attempts...

    --
    It's a strange world -- let's keep it that way
    1. Re:Excellent way to zot BlackBerry owners, I guess by Daniel+Boisvert · · Score: 1

      Given that many folks who use these devices work in financial services or other fields that deal with sensitive information, it's worth $Lots to them to ensure that nobody else can get ahold of their data. It's better for the data to be accidentally erased and restored from backup 10 times than for somebody else to gain access to it once.

      We're not talking about a device which has Aunt Jane's need to keep track of her nieces' and nephews' birthdays as its primary purpose here..

  19. Social Engineering by Anonymous Coward · · Score: 5, Funny

    Sometimes, lowtech is the best option. I once faced a similar problem with nozy coworkers. My solution was to store a personal diary on my mp3 player. In it, I descibed in exacting detail the little things of the day, like the weather, or the nice flowers on the receptionst's desk, and of course how I would brutally kill each and every one of my coworkers.

    I found that keeping this diary improved not only my mood but the mood of everyone in the office. People started being so nice to me. For example, if I late on doughnut day and mention it to someone, they give me their doughnut. I didn't even have to ask for it. Whenever I ask someone to please be a little quiter, they immediately quiet down and give me such a nice smile. And when it's time to leave, they give me the elevator all to myself. Now that's love.

    Once in a while, I still ask a coworker if he's been snooping around my ipod. Everytime he emphatically denys it and gives me this wonderful speech about we're such good friends and swears that unlike some people he would never do that to me. And it's not just words to him; whenever he says it, he gets all choked up about it, and tears run down his face. He means it.

    I never imagined just how much a diary could change my life. Start a diary today, and let the love in.

    1. Re:Social Engineering by Anonymous Coward · · Score: 2, Funny
      Wait a minute.

      You started the diary before brutally killing your coworkers?

      Now I know where I went wrong. Thank you!

  20. GPG by nathanh · · Score: 1

    I store backups of my home directory on my portable player. To secure them, I encrypt the tarballs with gpg and keep the private key on a CD-R at home. The technique is pretty simple;

    tar czvf - /home/username | gpg -e -r username > backup.tar.gz.gpg

    Then copy the backup to your player. The backup is reasonably safe - at least for a few years - if the player is stolen or lost. If you lose the CD-R with the key you're stuffed, so keep it safe.

  21. !DRM by sirmikester · · Score: 1

    I think the guy is trying to find out which player has the best DRM implementation in order to avoid it at all costs. Therefore any other player that he buys will not be the most restrictive...

    --
    In linux libertas
    1. Re:!DRM by gl4ss · · Score: 1

      yeah, there really isn't any other sensible explanation.

      though, he might just be stupid and think that he'll use it for secure backups or something - though if nobody can get them off from there what's the point?

      and if he is storing just regular file, why not encrypt them like he should??

      --
      world was created 5 seconds before this post as it is.
  22. IDE Hard Drive Hack by guard952 · · Score: 1

    http://www.bbdsoft.com/ide.html
    Using the above chart, it should be simple to just disconnect the "read" pin (25) on any IDE Hard Drive. Making all your data very secure!

  23. Foo by Kanasta · · Score: 1

    When your lovely coworker leeches your portable's treasures (do you have any issues?), you don't actually lose access to them. In fact, you are completely unaffected unless they tell you they have copied your stuff.

    Hence maker's reluctance to spend money adding such a useless feature.

    ---
    Slashdot requires you to wait between each successful posting of a comment to allow everyone a fair chance at posting a comment.

    It's been 5 minutes since you last successfully posted a comment

    Resetting to factory defaults after ten bad password attempts would deprive you of access to your portable's treasures, which is plain stupid since now your lovely coworker has your stuff and you don't.

  24. Simple! by Squozen · · Score: 1

    Drawer + key = win.

    If you're using a Mac, you can easily create an encrypted disk image to protect any files you might store on an iPod. If you're running Windows, I'm sorry.

  25. DRM is evil by binaryspiral · · Score: 1

    You insensitive clod - DRM is evil!

    If your co-workers are doing anything to your stuff without your permission - then you got other issues. Don't rely on the greed of the RIAA to solve your problems... and in the process f*** it up for the rest of us.

    Lazy moron... confront the asshat(s) and tell them to keep their dickbeaters off your stuff. If they continue to "borrow" music off your device - then take it to the next level -

    use a audio tool like KISS to generate screeching audio tracks or clips from porn movies or just your coworker's conversations when you're gone. Encode them in MP3 and name them after popular songs.

    Leave the bait.

    Or my personal favorite - find a dead mp3 player on ebay and rip out the insides. Rewire the recharging connection inside so that it passes 110v or 220v directly to the data i/o port. When your coworkers come by to "borrow" some music they suddenly find their USB ports are toasted. Problem solved.

  26. Forget about ! Don't be an idiot! by haplo21112 · · Score: 1

    What are you some kind of ass monkey media nazi!

    Don't buy in to the RIAA/MPAA mindshare, their koolaid is bad for you. Music is meant to be shared, don't worry about your friends and coworkers sneaking your files off your DMP and just give them the tunes.

    You make me want to puke! Don't legitimize DRM technologies and such forth. No one needs the RIAA and such forth to actually think its a good idea.

    --
    Power Corrupts,Absolute Power Corrupts Absolutely, leaving one person(group)in charge is absolutely corrupt.