[liberationtech] Zoom admitted, then denied, then admitted again that it censored an activist
Tom Ritter
tom at ritter.vg
Mon Jun 15 07:29:12 CEST 2020
On Sun, 14 Jun 2020 at 02:42, Seth David Schoen <schoen at eff.org> wrote:
>
> Aaron van Meerten writes:
>
> > I admit this part isn’t my focus, but my understanding is that the
> > technology is called “Insertable Streams”. The basic idea is a
> > hook within the WebRTC engine that allows media to be transformed
> > after capture, but still delivers certain identifiers such as which
> > packet contains a keyframe, or what volume levels to expect, while
> > keep the media itself from being parseable by the server, only the end
> > clients who have the key.
Thanks for this; this is immediately understandable why it's blocking
E2E multiparty video.
E2E two-person voice/video should still be achievable easily in
Firefox by exposing the peer's certificate fingerprints and allowing
the parties to compare them audibly. You know, minus the whole bit
where they wrote a paper about ZRTP where they apparently tricked
people successfully. =/
> I hope someone (other than surveillance vendors) has thought through
> whether any of the unencrypted metadata can leak something interesting.
> E.g. profiling the compression patterns in order to get some kind of
> statistics about the plaintext.
>
> https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/schuster
> https://ieeexplore.ieee.org/abstract/document/4531143
> https://ieeexplore.ieee.org/abstract/document/5958018
> https://dl.acm.org/doi/abs/10.1145/3029806.3029821
>
> Real-time video and audio compression with variable-rate codecs is
> (like other uses of compression together with encryption) already pretty
> risky. Adding more metadata about the streams might make it worse.
>
> It might be good to ask the researchers on some of these and similar
> papers whether the cleartext information that is still provided in this
> WebRTC model is an eavesdropping risk.
I think the answer is probably "Yes these attacks can work." And my
response would be "Let's solve one problem at a time." Insertable
streams allow you to tackle this problem as well: you can pad a
variable-bit codec out to fixed-bit, or swap the codec entirely. So
once you've got multiparty E2E we can take the next step.
-tom
More information about the LT
mailing list