#webrtc — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #webrtc, aggregated by home.social.
-
🚨 Alert: #Developers have reached #peak #laziness with this 'watch videos with friends' hack. Instead of meeting IRL, let's just let #WebRTC handle the heavy lifting of hitting "pause" for us. 🙄 Because, you know, #sharing the #remote is *so* 2019. 📺🤦♂️
https://github.com/pion/rtwatch #watch #together #HackerNews #ngated -
Another great MoQ.dev blog post about why #WebRTC is horrible and #QUIC is lovely: https://moq.dev/blog/webrtc-is-the-problem/
-
Another great MoQ.dev blog post about why #WebRTC is horrible and #QUIC is lovely: https://moq.dev/blog/webrtc-is-the-problem/
-
Another great MoQ.dev blog post about why #WebRTC is horrible and #QUIC is lovely: https://moq.dev/blog/webrtc-is-the-problem/
-
Another great MoQ.dev blog post about why #WebRTC is horrible and #QUIC is lovely: https://moq.dev/blog/webrtc-is-the-problem/
-
Another great MoQ.dev blog post about why #WebRTC is horrible and #QUIC is lovely: https://moq.dev/blog/webrtc-is-the-problem/
-
C'est un des projets tech qui m'impressionne le plus en ce moment.
Demain matin on va tester Galene.
https://github.com/jech/galene
C'est un outil de visio (WebRTC), développé par une seule personne (un chercheur).
- Binaire Go sans dépendance (20mo de RAM IDLE)
- Un quart de coeur CPU utilisé pour 100 personnes dans une conf
- Soutenu par NLnet
- Outil officiel de LibrePlanet 24
- Utilisé dans 2 universités (Sorbonne et Paris Cité)
Et seulement 1,3k ⭐ sur Github...
En quittant CalCom j'ai perdu l'accès à leur outil de visio, j'ai donc dû en trouver un nouveau.
Jitsi et BigBlueButton sont des outils incroyables, mais très gourmand en ressource (et en administration).
Je suis tombé sur Galene en me perdant dans les recherches (Lightweignt alternative to...) et j'ai pas été déçu.
Je ne comprends pas que ça ne soit pas plus connu.
On en parle demain matin en live à 9h.
Sur PeerTube : https://videos.stackgui.de/w/tqLgvcWeHkjjVLSpFTw6Tz
Sur Twitch : https://batst.co/twitch
Sur YouTube : https://youtube.com/live/_T2Wj4Nf8II?feature=share
#galene #webrtc #sfu #go #lightweight -
C'est un des projets tech qui m'impressionne le plus en ce moment.
Demain matin on va tester Galene.
https://github.com/jech/galene
C'est un outil de visio (WebRTC), développé par une seule personne (un chercheur).
- Binaire Go sans dépendance (20mo de RAM IDLE)
- Un quart de coeur CPU utilisé pour 100 personnes dans une conf
- Soutenu par NLnet
- Outil officiel de LibrePlanet 24
- Utilisé dans 2 universités (Sorbonne et Paris Cité)
Et seulement 1,3k ⭐ sur Github...
En quittant CalCom j'ai perdu l'accès à leur outil de visio, j'ai donc dû en trouver un nouveau.
Jitsi et BigBlueButton sont des outils incroyables, mais très gourmand en ressource (et en administration).
Je suis tombé sur Galene en me perdant dans les recherches (Lightweignt alternative to...) et j'ai pas été déçu.
Je ne comprends pas que ça ne soit pas plus connu.
On en parle demain matin en live à 9h.
Sur PeerTube : https://videos.stackgui.de/w/tqLgvcWeHkjjVLSpFTw6Tz
Sur Twitch : https://batst.co/twitch
Sur YouTube : https://youtube.com/live/_T2Wj4Nf8II?feature=share
#galene #webrtc #sfu #go #lightweight -
C'est un des projets tech qui m'impressionne le plus en ce moment.
Demain matin on va tester Galene.
https://github.com/jech/galene
C'est un outil de visio (WebRTC), développé par une seule personne (un chercheur).
- Binaire Go sans dépendance (20mo de RAM IDLE)
- Un quart de coeur CPU utilisé pour 100 personnes dans une conf
- Soutenu par NLnet
- Outil officiel de LibrePlanet 24
- Utilisé dans 2 universités (Sorbonne et Paris Cité)
Et seulement 1,3k ⭐ sur Github...
En quittant CalCom j'ai perdu l'accès à leur outil de visio, j'ai donc dû en trouver un nouveau.
Jitsi et BigBlueButton sont des outils incroyables, mais très gourmand en ressource (et en administration).
Je suis tombé sur Galene en me perdant dans les recherches (Lightweignt alternative to...) et j'ai pas été déçu.
Je ne comprends pas que ça ne soit pas plus connu.
On en parle demain matin en live à 9h.
Sur PeerTube : https://videos.stackgui.de/w/tqLgvcWeHkjjVLSpFTw6Tz
Sur Twitch : https://batst.co/twitch
Sur YouTube : https://youtube.com/live/_T2Wj4Nf8II?feature=share
#galene #webrtc #sfu #go #lightweight -
Decentralized WhatsApp Clone - No Setup or Signup
https://positive-intentions.com
This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort. A fairly unique offering for a messaging app.
No need for things like phone numbers or registering to any app stores. There are no databases to be hacked Allowing users to send E2EE messages; no cloud, no trace.
#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics
-
Decentralized WhatsApp Clone - No Setup or Signup
https://positive-intentions.com
This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort. A fairly unique offering for a messaging app.
No need for things like phone numbers or registering to any app stores. There are no databases to be hacked Allowing users to send E2EE messages; no cloud, no trace.
#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics
-
Decentralized WhatsApp Clone - No Setup or Signup
https://positive-intentions.com
This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort. A fairly unique offering for a messaging app.
No need for things like phone numbers or registering to any app stores. There are no databases to be hacked Allowing users to send E2EE messages; no cloud, no trace.
#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics
-
Decentralized WhatsApp Clone - No Setup or Signup
https://positive-intentions.com
This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort. A fairly unique offering for a messaging app.
No need for things like phone numbers or registering to any app stores. There are no databases to be hacked Allowing users to send E2EE messages; no cloud, no trace.
#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics
-
Decentralized WhatsApp Clone - No Setup or Signup
https://positive-intentions.com
This is intended to introduce a new paradigm in client-side managed secure cryptography. We can avoid registration of any sort. A fairly unique offering for a messaging app.
No need for things like phone numbers or registering to any app stores. There are no databases to be hacked Allowing users to send E2EE messages; no cloud, no trace.
#Privacy #OpenSource #P2P #WebRTC #Decentralization #DigitalSovereignty #CyberSecurity #FOSS #SelfHosted #NoCloud #AntiCorp #Encryption #WebDev #TechLiberty #PrivateMessaging #Networking #DataPrivacy #InternetFreedom #LocalFirst #SoftwareEngineering #WebApps #ZeroKnowledge #PrivacyTech #IndieDev #NoSignup #NoInstall #DecentralizedWeb #SecureMessaging #BrowserApp #TechEthics
-
MiroTalk is a self-hosted video conferencing tool built on peer-to-peer WebRTC.
Run it in your browser, host private calls, and avoid accounts or tracking , no central servers needed.
A simple, privacy-focused alternative to Zoom or Google Meet for small setups.
👉 https://github.com/miroslavpejic85/mirotalk
👉 More privacy-friendly tools: https://digital-escape-tools-phi.vercel.app/#OpenSource #SelfHosting #Privacy #WebRTC #VideoCalls #DigitalMinimalism
-
Is there a way to configure #Coturn like this?
-
dc.send(file) не существует: что на самом деле нужно для передачи файла в браузере
dc.send(file) не означает, что файл уже доставлен. Между отправкой и реальной доставкой – буфер, relay, запись на диск, ACK, reconnect и потерянный после refresh File. Разбираю шесть production-проблем WebRTC-файлообмена, которые обычно остаются за пределами туториалов.
https://habr.com/ru/articles/1022522/
#WebRTC #RTCDataChannel #TURN #SCTP #File_System_Access_API #backpressure #signaling #ACK #P2P #передача_файлов
-
🚀 Oh joy, another groundbreaking innovation: moving #WebRTC from the browser to Go! Because what the world really needs is more ways to complicate a simple video call. 🙄 But hey, at least now you can run it "somewhere else"—wherever that is. 🎉
https://github.com/pion/handoff #Go #Innovation #VideoCalls #TechTrends #HackerNews #ngated -
Is this a #secure #MessagingApp? Maybe not yet, but it’s time to think about #DigitalPrivacy.
Imagine a #Messaging platform that’s as #secure as #Signal but requires #NoRegistration and #NoInstallation. By leveraging #WebRTC for direct #BrowserToBrowser communication, this #OpenSource project eliminates the #Middleman entirely. Simply share a unique #URL to establish an #Encrypted #PrivateChannel. It is a #Lightweight, #Disposable method to bypass #DataHarvesting and reclaim #DigitalSovereignty.
This project introduces a new #Paradigm in #ClientSide managed #Encryption. Send #Secure messages with #NoSetup, #NoCloud, and #NoTrace.
Experience the #Features:
* #PWA (#ProgressiveWebApp) for instant access
* #P2P (#PeerToPeer) connectivity
* #EndToEndEncryption (#E2EE)
* #SignalProtocol & #PostQuantum #Cryptography
* #Multimedia, #FileTransfer, & #VideoCalls
* #NoDatabase & #Stateless architecture
* #TURN server support for reliable connectionsWhile not yet a direct replacement for #Simplex or #WhatsApp, this introduces a unique approach to #SecureCommunication.
Try the #LiveDemo now:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=storyExplore the #Technical roadmap:
https://positive-intentions.com/docs/technical/p2p-messaging-technical-breakdownRead the full #Documentation:
https://positive-intentions.com/docs/technical#PrivacyTech #Privacy #CyberSecurity #Infosec #WebDev #JavaScript #Decentralized #EncryptionProtocol #QuantumResistant #Tech #FOSS #SoftwareEngineering #DataPrivacy #SecureChat #NoLog #P2PChat #WebRTCProtocol #Coding #DevCommunity #DigitalPrivacy #InternetFreedom #SecureMessaging #WebTech #AppDevelopment #CryptographyResearch #PrivateMessaging #WebPlatform #ZeroTrust #Innovation
-
Is this a #secure #MessagingApp? Maybe not yet, but it’s time to think about #DigitalPrivacy.
Imagine a #Messaging platform that’s as #secure as #Signal but requires #NoRegistration and #NoInstallation. By leveraging #WebRTC for direct #BrowserToBrowser communication, this #OpenSource project eliminates the #Middleman entirely. Simply share a unique #URL to establish an #Encrypted #PrivateChannel. It is a #Lightweight, #Disposable method to bypass #DataHarvesting and reclaim #DigitalSovereignty.
This project introduces a new #Paradigm in #ClientSide managed #Encryption. Send #Secure messages with #NoSetup, #NoCloud, and #NoTrace.
Experience the #Features:
* #PWA (#ProgressiveWebApp) for instant access
* #P2P (#PeerToPeer) connectivity
* #EndToEndEncryption (#E2EE)
* #SignalProtocol & #PostQuantum #Cryptography
* #Multimedia, #FileTransfer, & #VideoCalls
* #NoDatabase & #Stateless architecture
* #TURN server support for reliable connectionsWhile not yet a direct replacement for #Simplex or #WhatsApp, this introduces a unique approach to #SecureCommunication.
Try the #LiveDemo now:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=storyExplore the #Technical roadmap:
https://positive-intentions.com/docs/technical/p2p-messaging-technical-breakdownRead the full #Documentation:
https://positive-intentions.com/docs/technical#PrivacyTech #Privacy #CyberSecurity #Infosec #WebDev #JavaScript #Decentralized #EncryptionProtocol #QuantumResistant #Tech #FOSS #SoftwareEngineering #DataPrivacy #SecureChat #NoLog #P2PChat #WebRTCProtocol #Coding #DevCommunity #DigitalPrivacy #InternetFreedom #SecureMessaging #WebTech #AppDevelopment #CryptographyResearch #PrivateMessaging #WebPlatform #ZeroTrust #Innovation
-
Is this a #secure #MessagingApp? Maybe not yet, but it’s time to think about #DigitalPrivacy.
Imagine a #Messaging platform that’s as #secure as #Signal but requires #NoRegistration and #NoInstallation. By leveraging #WebRTC for direct #BrowserToBrowser communication, this #OpenSource project eliminates the #Middleman entirely. Simply share a unique #URL to establish an #Encrypted #PrivateChannel. It is a #Lightweight, #Disposable method to bypass #DataHarvesting and reclaim #DigitalSovereignty.
This project introduces a new #Paradigm in #ClientSide managed #Encryption. Send #Secure messages with #NoSetup, #NoCloud, and #NoTrace.
Experience the #Features:
* #PWA (#ProgressiveWebApp) for instant access
* #P2P (#PeerToPeer) connectivity
* #EndToEndEncryption (#E2EE)
* #SignalProtocol & #PostQuantum #Cryptography
* #Multimedia, #FileTransfer, & #VideoCalls
* #NoDatabase & #Stateless architecture
* #TURN server support for reliable connectionsWhile not yet a direct replacement for #Simplex or #WhatsApp, this introduces a unique approach to #SecureCommunication.
Try the #LiveDemo now:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=storyExplore the #Technical roadmap:
https://positive-intentions.com/docs/technical/p2p-messaging-technical-breakdownRead the full #Documentation:
https://positive-intentions.com/docs/technical#PrivacyTech #Privacy #CyberSecurity #Infosec #WebDev #JavaScript #Decentralized #EncryptionProtocol #QuantumResistant #Tech #FOSS #SoftwareEngineering #DataPrivacy #SecureChat #NoLog #P2PChat #WebRTCProtocol #Coding #DevCommunity #DigitalPrivacy #InternetFreedom #SecureMessaging #WebTech #AppDevelopment #CryptographyResearch #PrivateMessaging #WebPlatform #ZeroTrust #Innovation
-
Is this a #secure #MessagingApp? Maybe not yet, but it’s time to think about #DigitalPrivacy.
Imagine a #Messaging platform that’s as #secure as #Signal but requires #NoRegistration and #NoInstallation. By leveraging #WebRTC for direct #BrowserToBrowser communication, this #OpenSource project eliminates the #Middleman entirely. Simply share a unique #URL to establish an #Encrypted #PrivateChannel. It is a #Lightweight, #Disposable method to bypass #DataHarvesting and reclaim #DigitalSovereignty.
This project introduces a new #Paradigm in #ClientSide managed #Encryption. Send #Secure messages with #NoSetup, #NoCloud, and #NoTrace.
Experience the #Features:
* #PWA (#ProgressiveWebApp) for instant access
* #P2P (#PeerToPeer) connectivity
* #EndToEndEncryption (#E2EE)
* #SignalProtocol & #PostQuantum #Cryptography
* #Multimedia, #FileTransfer, & #VideoCalls
* #NoDatabase & #Stateless architecture
* #TURN server support for reliable connectionsWhile not yet a direct replacement for #Simplex or #WhatsApp, this introduces a unique approach to #SecureCommunication.
Try the #LiveDemo now:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=storyExplore the #Technical roadmap:
https://positive-intentions.com/docs/technical/p2p-messaging-technical-breakdownRead the full #Documentation:
https://positive-intentions.com/docs/technical#PrivacyTech #Privacy #CyberSecurity #Infosec #WebDev #JavaScript #Decentralized #EncryptionProtocol #QuantumResistant #Tech #FOSS #SoftwareEngineering #DataPrivacy #SecureChat #NoLog #P2PChat #WebRTCProtocol #Coding #DevCommunity #DigitalPrivacy #InternetFreedom #SecureMessaging #WebTech #AppDevelopment #CryptographyResearch #PrivateMessaging #WebPlatform #ZeroTrust #Innovation
-
Is this a #secure #MessagingApp? Maybe not yet, but it’s time to think about #DigitalPrivacy.
Imagine a #Messaging platform that’s as #secure as #Signal but requires #NoRegistration and #NoInstallation. By leveraging #WebRTC for direct #BrowserToBrowser communication, this #OpenSource project eliminates the #Middleman entirely. Simply share a unique #URL to establish an #Encrypted #PrivateChannel. It is a #Lightweight, #Disposable method to bypass #DataHarvesting and reclaim #DigitalSovereignty.
This project introduces a new #Paradigm in #ClientSide managed #Encryption. Send #Secure messages with #NoSetup, #NoCloud, and #NoTrace.
Experience the #Features:
* #PWA (#ProgressiveWebApp) for instant access
* #P2P (#PeerToPeer) connectivity
* #EndToEndEncryption (#E2EE)
* #SignalProtocol & #PostQuantum #Cryptography
* #Multimedia, #FileTransfer, & #VideoCalls
* #NoDatabase & #Stateless architecture
* #TURN server support for reliable connectionsWhile not yet a direct replacement for #Simplex or #WhatsApp, this introduces a unique approach to #SecureCommunication.
Try the #LiveDemo now:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=storyExplore the #Technical roadmap:
https://positive-intentions.com/docs/technical/p2p-messaging-technical-breakdownRead the full #Documentation:
https://positive-intentions.com/docs/technical#PrivacyTech #Privacy #CyberSecurity #Infosec #WebDev #JavaScript #Decentralized #EncryptionProtocol #QuantumResistant #Tech #FOSS #SoftwareEngineering #DataPrivacy #SecureChat #NoLog #P2PChat #WebRTCProtocol #Coding #DevCommunity #DigitalPrivacy #InternetFreedom #SecureMessaging #WebTech #AppDevelopment #CryptographyResearch #PrivateMessaging #WebPlatform #ZeroTrust #Innovation
-
Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.
We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.
7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.
https://www.enablesecurity.com/blog/introducing-dvrtc-damn-vulnerable-real-time-communications/
GitHub: https://github.com/EnableSecurity/DVRTC/
#infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN
-
Анатомия PhaaS-кита: как коммерческая фишинговая платформа фильтрует песочницы через browser fingerprinting
Разбираем фишинговое письмо, пришедшее на адрес НКО: от SendGrid-доставки с SPF/DKIM pass до реверса JavaScript-фреймворка collector.js, который собирает GPU fingerprint, ломает WebRTC для раскрытия IP за VPN и детектирует DevTools — до того как жертва увидит фишинговую форму.
https://habr.com/ru/articles/1014420/
#phishing #phishingasaservice #browser_fingerprinting #webrtc #sendgrid #incident_response #threat_intelligence #javascript
-
The Settings GUI in #konform #browser was in need of some love and is now having a refresh. Several new knobs, some shuffling around to make things more cohesive and less scattered, and some edits of hints to hopefully reduce potential for confusion.
New options for:
- First-Party Isolation
- Enhanced #tracking Protection tweaking in Custom mode (useful mostly for FPI users)
- #webrtc and ICE
- #dom Push and its optional network connection
- #jit features
- WebAssembly (#wasm)
- Geolocation
- WebGPU
- Async callstacks support
- Persisting of browser historyHints and the "advanced" options expand when clicking the "?" for parent option.
Still a bit hesitant on where global toggles for #webgpu and #webgl belong. And perhaps configuration for cross-origin referrer could also move to Browser Privacy controls?
Otherwise feels like things are coming together - What do you think? Anything you're missing or that feels out of place?
#privacy #websecurity #browsers #firefox #librewolf #userinterface #prerelease
-
via @dotnet : RT.Assistant: A Multi-Agent Voice Bot Using .NET and OpenAI
https://ift.tt/F9j4UYI
#RTAssitant #MultiAgent #VoiceBot #NET #OpenAI #RealtimeAPI #WebRTC #FSharp #FlowBusAgents #RTFlow #Prolog #TauProlog #RAG #PrologFacts #SQLtoProlog #MAUI #Fabulous … -
Разворачиваем self-hosted Matrix: Synapse + OIDC + LiveKit + подписанные обновления
Привет. Мне стало интересно, насколько реально одному разработчику собрать продакшн‑подобную инфраструктуру мессенджера без managed‑решений и «облачной магии». Не стартап‑презентацию, а инженерный эксперимент: развернуть стек, заставить его жить, увидеть слабые места и понять, что в этой системе действительно критично. На Хабре уже есть материалы про базовую установку Synapse + Element, но моя цель чуть другая — показать сборку, где к Matrix добавляется внешний слой идентификации (OIDC), VoIP‑инфраструктура (LiveKit + TURN) и механизм подписанных обновлений Android‑клиента. В статье — архитектура, ключевые конфиги и границы ответственности компонентов. В следующих частях разберу грабли, потому что в этом стеке они не побочный эффект, а часть реальности.
https://habr.com/ru/articles/1006904/
#Matrix #Synapse #OIDC #LiveKit #WebRTC #Docker #PostgreSQL #Android #Ed25519 #мессенджеры
-
RE: https://infosec.exchange/@enablesecurity/116130697375709804
Published the "how to fix it" companion to our TURN security threats post. Best practices guide + coturn config templates at three security levels.
Also discussing TURN security on WebRTC Live today: https://webrtc.ventures/webrtc-live/
https://www.enablesecurity.com/blog/turn-security-best-practices/
https://www.enablesecurity.com/blog/coturn-security-configuration-guide/ -
Two weeks ago we published our analysis of TURN security threats. Today: how to fix them.
New guides covering implementation-agnostic best practices (IP range blocking, protocol hardening, rate limiting, deployment patterns) and coturn-specific configuration with copy-paste templates at three security levels.
Best practices: https://www.enablesecurity.com/blog/turn-security-best-practices/
coturn guide: https://www.enablesecurity.com/blog/coturn-security-configuration-guide/
Config templates on GitHub: https://github.com/EnableSecurity/coturn-secure-configcoturn 4.9.0 dropped yesterday with fixes for CVE-2026-27624 (IPv4-mapped IPv6 bypass of deny rules) and an inverted web admin password check that had been broken since ~2019. The guides cover workarounds for older versions.
#infosec #webrtc #security #TURN #coturn #penetrationtesting #voip #serversecurity
-
Chaos Monkey but for Audio Video Testing (WebRTC and UDP)
https://github.com/MdSadiqMd/AV-Chaos-Monkey
#HackerNews #ChaosMonkey #AudioVideoTesting #WebRTC #UDP #GitHub
-
RE: https://infosec.exchange/@enablesecurity/116057294204565643
Wrote up our RTCon 2025 talk on TURN security threats. TURN servers are basically open proxies with extra steps. At DEF CON someone showed C2 over Zoom's TURN infra.
https://www.enablesecurity.com/blog/turn-server-security-threats/
#infosec #webrtc #security #TURN #penetrationtesting #voip -
TURN servers are meant to relay WebRTC media. To an attacker, they're just proxies.
We wrote up the threats we've been finding since 2017: relay abuse, DoS amplification, and software vulns.
https://www.enablesecurity.com/blog/turn-server-security-threats/
-
WhatsApp Clone... But Decentralized and P2P Encrypted (No Install or Signup)
The following is a technical breakdown of progress and how it works.
https://programming.dev/c/SecureComs@lemmy.ml
#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging
-
https://glitr.positive-intentions.com
Secure decentralized P2P messaging PWA
Progress update:
- UI improvements throughout
- Passkey-based encrypted data at rest.
- Introducing giphy integration
- Bug fixes throughoutNOTE: This is still a work-in-progress and a close-source project. Its far from finished and doesnt have the user-experience needed to promote the project to a wider audience. The implementation is based on the open source MVP seen here: https://github.com/positive-intentions/chat. It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.
* Docs: https://positive-intentions.com/docs/category/sparcle
* Reddit: https://www.reddit.com/r/positive/_intentions
* More: https://positive-intentions.com#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging #PWA
-
Want E2E encrypted messages and video calls with no downloads, no sign-ups and no tracking?
This prototype uses webRTC to establish a secure browser-to-browser connection. Everything is ephemeral and cleared when you refresh the page—true zerodata privacy!
Check out the pre-release demo here: https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story
(For those who have seen it before, i've added fixes and improvements throughout, so it might still be worth checking out)
NOTE: This is still a work-in-progress and a close-source project. Its far from finished and doesnt have the user-experience needed to promote the project to a wider audience. The implementation is based on the open source MVP seen [here](https://github.com/positive-intentions/chat). It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.
* Docs: https://positive-intentions.com/docs/category/sparcle
* Reddit: https://www.reddit.com/r/positive/_intentions
* More: https://positive-intentions.com#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging
-
Want E2E encrypted messages and video calls with no downloads, no sign-ups and no tracking?
This prototype uses webRTC to establish a secure browser-to-browser connection. Everything is ephemeral and cleared when you refresh the page—true zerodata privacy!
Check out the pre-release demo here: https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story
(For those who have seen it before, i've added fixes and improvements throughout, so it might still be worth checking out)
NOTE: This is still a work-in-progress and a close-source project. Its far from finished and doesnt have the user-experience needed to promote the project to a wider audience. The implementation is based on the open source MVP seen [here](https://github.com/positive-intentions/chat). It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.
* Docs: https://positive-intentions.com/docs/category/sparcle
* Reddit: https://www.reddit.com/r/positive/_intentions
* More: https://positive-intentions.com#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging
-
P2P Whatsapp Clone
Check out the pre-release demo: https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story).
Want to send #encrypted #WebRTC #messages and #videoCalls with #noDownloads, #noSignUps and #noTracking?
This prototype uses #PeerJS to establish a #secure #browserToBrowser #connection. Everything is ephemeral and cleared when you refresh the page—true #zerodata #privacy!
NOTE: This is still a work-in-progress and a #closeSource project. To view the #openSource version see [here](https://github.com/positive-intentions/chat). it has NOT been audited or reviewed. For #testing purposes only, not a replacement for your current messaging app.
- Docs: https://positive-intentions.com/docs/category/sparcle
- Reddit: https://www.reddit.com/r/positive_intentions
- GitHub: https://github.com/positive-intentions#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #Encrypted #infosec #cryptography #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #WebDev #TechDevelopment #ChatApp #javascript #InstantMessaging
-
WEBRTC MCU на основе браузерного движка
Сегодня видеоконференции — стандартный инструмент для бизнеса, образования и повседневного общения. Одной из ключевых технологий, лежащих в их основе, является WebRTC — открытый стандарт для обмена аудио, видео и данными в реальном времени. Однако качество работы и масштабируемость зависят от выбранной топологии взаимодействия участников. В этой статье разберем плюсы и минусы разных топологий.
-
E2EE P2P Messaging App
I recently introduced [metered.ca](http://metered.ca) for the STUN/TURN servers and the stability has hugely improved and so i'd like to ask for your feedback if you'd like to try it out.
Data isnt persisted (yet), so each page refresh will clear all keys.
(IMPORTANT: For testing and demo purposes only. This is a work-in-progress and far from finished. It has not been reviewed or audited. Do not use it for sensitive data.)
#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #Encrypted #infosec #cryptography #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #WebDev #TechDevelopment #ChatApp #javascript #InstantMessaging
-
Want to send messages and video calls with:
* no installs
* no sign-ups
* no tracking
* end-to-end encryptionThis new prototype uses PeerJS to establish a secure browser-to-browser connection. Everything is ephemeral and cleared when you refresh the page—true zerodata privacy!
Check out the [testable demo here](https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story).
I am working towards a look-and-feel to match Whatsapp as seen in this [hardcoded UI demo](http://glitr.positive-intentions.com).
IMPORTANT NOTE: This is still a work-in-progress and a close-source project. It is based on the open source MVP see [here](https://github.com/positive-intentions/chat). It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.
* Docs: https://positive-intentions.com/docs/category/sparcle
* Reddit: https://www.reddit.com/r/positive_intentions
* GitHub: https://github.com/positive-intentions#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging
-
🎮 Oh, joy! Another "groundbreaking" discovery: using #WebRTC #Datachannels to make #cross-platform games in Go! 🤦♂️ Because heaven forbid we use proven, reliable methods when we can overcomplicate things for no reason. 🚀 Let's all pretend this isn't just a glorified "why-am-I-doing-this" project.
https://pion.ly/blog/making-a-game-with-pion/ #Go #gaming #overcomplication #groundbreaking #HackerNews #ngated -
Send files privately. No cloud. No trace.
I’m working towards something for #secure / #private / #simple #P2P #filetransfer. It isnt as “simple” as it could be, im still working on it, but ive got it down to:
Zero-installation as a #PWA
Zero-registration by using local-only storage
#P2P-authentication using #WebCryptoAPI
Fast #datatransfer using #WebRTC, #syncthing, #croc, #sphynctershare and countless others. the key difference in my approach is that its a #webapp thats ready to go without any "real" setup process. you just need a browser.
I’m aware there are things like #SFTP and several other established protocols and tools. I started doing this because I was learning about #WebRTC and it seems suprisingly capable. This isnt ready to replace any existing apps or services.
(Note: I know you guys are typically interested in #opensource code. this project is a spin-off from a bigger project: https://github.com/positive-intentions/chat)
Let me know what you think about the app, features and experience you would expect from a tool like this.
---
SUPER IMPORTANT NOTES TO PREVENT MISLEADING:
These projects are not ready to replace any existing apps or services.
These projects are not peer-reviewed or security audited.
The chat-app is #opensource for transparency (as linked above)... but the file-app is not open souce at all (especially spicy when not reviewed or audited.).
All projects behind positive-intentions are provided for testing and demo purposes only.
-
WHIP — стандартный протокол общения WebRTC приложений
Всем привет! Давно я ничего не писал на Хабр про WebRTC. Наверное как‑то не было повода, да и WebRTC давно понятен и прост в общих чертах. Пара строк кода с одной стороны, пара строк кода с другой — вот и готово. Наверное. Там дальше есть несколько тонкостей. На самом деле — целое море тонкостей и обстоятельств, которые надо понимать и уметь с ними работать, но такая уж наша инженерная доля — криво неидеально читать и писать стандарты. Но сегодня я хочу рассказать не столько про WebRTC как таковой, сколько про велосипеды в его использовании в продакшн‑среде и о том, как тихо без помпы растёт новый стандарт для его сигналинга. На написание этой серии статей меня натолкнула активность Sean Dubois, создателя и мейнтейнера Pion — отличной WebRTC‑библиотеки для Golang.
https://habr.com/ru/companies/yandex_cloud_and_infra/articles/929936/
-
thanks for the reply! far from being discouraged, i appriciate your engagement. i will try to be reasonably brief in my reponse to your points and give a general update on progress and objective.
> scout out existing solutions
i have seem similar #webapp implementation, i think so far for "that kind" of chat app, the chat app is able to demonstrate similar basic functionality. for a wider adoption, the user interface needs to be more appealing, but i think its important to have a working proof-of-concept first. the project is specifically aiming to be a #javascript #localFirst #webapp.
a couple notable similar implementation to mine are:
- https://github.com/cryptocat/cryptocat
- https://github.com/jeremyckahn/chitchatter
(im sure there are many more, but i think my approach is yet different and unique to the ones i've come across.)> DO NOT DIY ENCRYPTION!
this is indeed a reccomended practice i have seen several times. here is a previsous reddit post on the matter: https://www.reddit.com/r/cryptography/comments/1cint8h/what_are_your_thoughts_on_subtlecrypto_vs_wasm ... tldr; the underlying implementation provided by the browser is the best way to go. i have implemented the #encryption using the #webcrypto #api. i aim to not use a library for this.
i generally try to word things in a way that users can provide feedback on features. the app is still in a very early stage, but has a reasonable amount of features. im generally open to requests and questions.
> minimum viable product
what you see as the chat app is also the #minimum #viable #product. i think its sufficiently demonstrates the basic functionality of a chat app. i think the next step is to make the app more stable and user friendly.
those other apps youve mentions ive come across before. what sets my approach apart is that mine it's purely a webapp. with what id like to describe as #p2p #authentication over #webrtc, im able to remove reliance on a backend for #authenticate #data #connections. in some cases, bypass the internet (wifi/hotspot). while there are several ways to #selfhost, in this approach of a #javascript implementation, im able to store large amounts of data in the browser so things like images and #encryptionKeys can be #selfhosted" in the browser. while this form has nuanced limitations, it also has interesting implications to security and privacy.
there are many nice features from the different apps you mentioned and i think i have some unique features too. the bottle neck in this project is that i dont put in enough time to the app.
> feel free to slowly ibtegrate them.
this is basically already my approach to get the app to where it is now.
thanks for the luck, take care and i hope you stay tuned for updates.
-
WebRTC debugging.
I spent hours debugging and now need to share the solution with the world.
Tried to establish a #WebRTC-based #p2p connection (using #yjs and y-webrtc) in a LAN behind NAT, but ICE failed. Neither STUN nor TURN seemed to help, nor did a local #Coturn or local signaling server.
The solution was to force TURN through TCP, i.e. using something like this as TURN id:
turn:ADDR:PORT?transport=tcp
Kudos for the final hint and other debugging pointers:
-
Python製WebRTCライブラリのaiortcにVP9対応のPRが出されている
Integrate VP9 coding through cffi & libvpx with tests. by R0NAM1 · Pull Request #1185 · aiortc/aiortc : 👀
---
https://github.com/aiortc/aiortc/pull/1185 -
Python製WebRTCライブラリのaiortcにVP9対応のPRが出されている
Integrate VP9 coding through cffi & libvpx with tests. by R0NAM1 · Pull Request #1185 · aiortc/aiortc : 👀
---
https://github.com/aiortc/aiortc/pull/1185 -
Python製WebRTCライブラリのaiortcにVP9対応のPRが出されている
Integrate VP9 coding through cffi & libvpx with tests. by R0NAM1 · Pull Request #1185 · aiortc/aiortc : 👀
---
https://github.com/aiortc/aiortc/pull/1185