We covered End-to-end encryption (E2EE) before, first back in 2020 when Zoom’s claims to do E2EE were demystified (not just by us; they later got fined $85m for this), followed by the quite exciting beta implementation of E2EE in Jitsi using Chromium’s Insertable Streams API. A bit later we had Matrix explain how their approach […]
e2ee
Meet vs. Duo – 2 faces of Google’s WebRTC
A very detailed look at the WebRTC implementations of Google Meet and Google Duo and how they compare using webrtc-internals and some reverse engineering.
How does WebRTC End-to-End Encryption work? Matrix.org example (Dave Baker)
One of WebRTC’s great features is its mandated strong encryption. Encryption mechanisms are built-in, meaning developers don’t (often) need to deal with the details. However, these easy, built-in encryption mechanisms assume you have: 1) media is communicated peer-to-peer and 2) a secure signaling channel setup. Most group-calling services make use of a media server device, […]
FaceTime finally faces WebRTC – implementation deep dive
Deep dive analysis on how FaceTime for Web uses WebRTC. Philipp “Fippo” Hancke uses webrtc-internals, Wireshark, and reviews the JavaScript implementation to expose Apple’s implementation details.
True End-to-End Encryption with WebRTC Insertable Streams
A couple of weeks ago, the Chrome team announced an interesting Intent to Experiment on the blink-dev list about an API to do some custom processing on top of WebRTC. The intent comes with an explainer document written by Harald Alvestrand which shows the basic API usage. As I mentioned in my last post, this is the […]