search

dkrivoruchko / ScreenStream

ScreenStream Android App
https://screenstream.io
MIT License
1.56k stars 320 forks source link

self signed httpS certificate #157

Open OmlineEditor opened 3 years ago

OmlineEditor commented 3 years ago

Please add a self-signed https certificate to improve security. Now broadcasting occurs without encryption via http and this is dangerous and not secure ---- RUS --- Прошу добавить самоподписанный https сертификат для повышения безопасности. Сейчас трансляция происходит без шифрования по http и это опасно и не безопасно

dkrivoruchko commented 3 years ago

I dont see any reason to add HTTPS if it's with not valid certificate. I will be flooded with questions from users: Why my browser shows that connection is insecure?

OmlineEditor commented 3 years ago

I dont see any reason to add HTTPS if it's with not valid certificate. I will be flooded with questions from users: Why my browser shows that connection is insecure?

the problem is not with the certificate. you need encryption and not a certificate. it will always show what is not safe. there are two options, not secure without encryption and not secure with encryption. I choose not secure with encryption. Please think about it. --- RUS --- проблема не в сертификате. нужно шифрования а не сертификат. показывать будет всегда что не безопасно. есть два варианта, небезопасно без шифрования и не безопасно с шифрованием. я выбираю не безопасно с шифрованием. Прошу подумать над этим.

dkrivoruchko commented 3 years ago
  1. This app does not provide any NAT/PAT bypass, so but default it will work with user controlled local net, so risks for traffic sniffing is small.
  2. To get streaming accessible worldwide you must configure port forwarding on you border router which has public IP. This obviously not a task for regular user. So in such case you can just proxy stream through some http server which will be accessible outside via correct HTTPS.
OmlineEditor commented 3 years ago
  1. This app does not provide any NAT/PAT bypass, so but default it will work with user controlled local net, so risks for traffic sniffing is small.
  2. To get streaming accessible worldwide you must configure port forwarding on you border router which has public IP. This obviously not a task for regular user. So in such case you can just proxy stream through some http server which will be accessible outside via correct HTTPS.

1) now the IPv6 protocol is becoming popular and my provider gives it, I wanted to use it. IPv6 requires encryption. I will not use the program only on the local network, I want to use it on the global network to help remote users. 2) i am an experienced user i know how to do it. I wanted the same users to be able to use your program without fear of traffic interception. --- RUS ---- 1) сейчас становится популярным IPv6 протокол и мой провайдер его дает, я хотела его использовать. Для IPv6 нужно шифрование. Я не буду использовать программу только в локальной сети, я хочу ее использовать в глобальной сети для помощи удаленным пользоваелям. 2) я опытный пользователь я знаю как это сделать. я хотела чтобы такие же пользователи смогли использовать вашу программу без опасения перехвата трафика.

dkrivoruchko commented 3 years ago

Well, the only reasonably good option for me now is to add option to import/set certificate to the app server. Will look in my free time.

OmlineEditor commented 3 years ago

Well, the only reasonably good option for me now is to add option to import/set certificate to the app server. Will look in my free time.

open a ticket if you want to do something for httpS

LanceCedSolleza commented 2 years ago

Any news about this?

dkrivoruchko commented 2 years ago

Noop. I don't have time for this now. If you can - make a PR