WebRTC for group calling
As far as I know, WebRTC reveals IP addresses of two peers. Suppose that an app uses WebRTC and all traffic go through application server if group call is used. Can ISP see IP addresses of group participants in this case?
Category Archives: WebRTC
Is the video/audio traffic from WebRTC TURN relay servers encrypted end-to-end? As with the applications Signal and Jitsi Meet
Today I found a video on YouTube that surprised me (https://www.youtube.com/watch?v=Pkc3sE6iKV4). It is by Rob Braxman, a privacy advocate with a lot of expertise.
He talks about all kinds of video conferencing situations. Like one-to-one,… Continue reading Is the video/audio traffic from WebRTC TURN relay servers encrypted end-to-end? As with the applications Signal and Jitsi Meet
What, if anything, are the consequences of temporarily enabling and then disabling WebRTC in Firefox?
For security and privacy purposes, it’s best to keep WebRTC disabled if you aren’t using it. Firefox makes this easy by simply setting media.peerconnection.enabled to false.
Due to COVID-19, the use of teleconferencing has increased drama… Continue reading What, if anything, are the consequences of temporarily enabling and then disabling WebRTC in Firefox?
Can Ed25519 be used to mitigate MITM attack on WebRTC with an untrusted signaling channel?
Based on this question, I’ve discovered that the signaling channel for WebRTC must be trusted in order to prevent MITM attacks. This is unfortunate for a P2P use-cases where the signaling channel is some 3rd party device.
One idea I had i… Continue reading Can Ed25519 be used to mitigate MITM attack on WebRTC with an untrusted signaling channel?
Is the SDP a=crypto attribute relevant when DTLS-SRTP is used?
The a=crypto attribute in RFC 4568 has a separate section 9.2. for SRTP “Crypto” Attribute Grammar. What it basically includes is a list of attribute values required for encrypting media (crypto suite, method, session params… Continue reading Is the SDP a=crypto attribute relevant when DTLS-SRTP is used?
Robot Allows Remote Colleagues To Enjoy Office Shenanigans
[Esther Rietmann] and colleagues built a Telepresence Robot to allow work at home teammates to have a virtual, but physical presence in the office. A telepresence robot is like a tablet mounted on a Roomba, providing motion capability in addition to an audio/video connection. Built during a 48 hour hackathon, …read more
Continue reading Robot Allows Remote Colleagues To Enjoy Office Shenanigans
Is public and local IP addresses of computer behind NAT a sensitive information? [duplicate]
This question already has an answer here:
How bad is the leaking of Internal IP addresses through external DNS
2 answers
Pi Zero Streams Video From “Fake” Security Camera
Fake security cameras are advertised as a cheap way to deter anyone who might be up to no good. This isn’t a crime and punishment blog, so we’re not really in a position to say how accurate that claim actually is, but we see enough of these things for sale …read more
Continue reading Pi Zero Streams Video From “Fake” Security Camera
Fortigate "WebRTC.Local.IP.Addresses.Disclosure" Event
We have a Fortigate perimeter firewall, and today I detected this event.
What should I do to improve protection?
How can someone obtain local IP address through a firewall?
The following alert was observed:
“WebRTC.Loc… Continue reading Fortigate "WebRTC.Local.IP.Addresses.Disclosure" Event
How to decrypt Diffie-Hellman encryption in WebRTC?
I have installed a WebRTC server application, which is designed for Contact Center solutions: communicates with internal PCs in pure RTP (agents), and with external PCs (customers) using encrypted WebRTC. WebRTC is encrypted with Diffie-He… Continue reading How to decrypt Diffie-Hellman encryption in WebRTC?