signalapp / ringrtc

GNU Affero General Public License v3.0

7 bytes of the VP8 payload unencrypted for non key frames #38

Open lgrahl opened 2 years ago

lgrahl commented 2 years ago

There's an open todo you probably don't want left unresolved in production.

AFAIK this means that the first 7 bytes of the VP8 payload after the header are usually left unencrypted. The fix should be very simple by looking at the P bit (as done by your SFU) to determine whether to leave 3 or 10 bytes unencrypted.
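The P-bit check suggested in the comment above, as an added example that is not RingRTC's or the SFU's own code. It assumes the VP8 payload header layout from RFC 7741 / RFC 6386 (3-byte frame tag, plus a 7-byte start code and dimensions on key frames), and all function and constant names are hypothetical.

```rust
// Added illustration; identifiers are hypothetical, not taken from RingRTC.
// Layout per RFC 7741 / RFC 6386: bit 0 of the first byte is P, the
// inverse key frame flag (0 = key frame, 1 = interframe).
const VP8_INTERFRAME_HEADER_LEN: usize = 3; // frame tag only
const VP8_KEYFRAME_HEADER_LEN: usize = 10; // tag + start code (3) + width (2) + height (2)

/// Number of leading bytes that must stay in the clear for this frame.
pub fn vp8_clear_prefix_len(frame: &[u8]) -> usize {
    let header_len = match frame.first() {
        Some(b) if b & 0x01 == 0 => VP8_KEYFRAME_HEADER_LEN,
        Some(_) => VP8_INTERFRAME_HEADER_LEN,
        None => 0,
    };
    // Truncated frames: never claim more clear bytes than exist.
    header_len.min(frame.len())
}

/// Split a frame into (clear header, bytes to hand to the frame cipher).
pub fn split_for_encryption(frame: &[u8]) -> (&[u8], &[u8]) {
    frame.split_at(vp8_clear_prefix_len(frame))
}

/// Payload bytes a fixed 10-byte clear prefix would expose beyond the real
/// header (the fixed prefix is the behaviour the issue title describes).
pub fn exposed_by_fixed_prefix(frame: &[u8]) -> usize {
    VP8_KEYFRAME_HEADER_LEN.min(frame.len()) - vp8_clear_prefix_len(frame)
}

fn main() {
    // Constructed sample frames, not captured traffic.
    let key = [0x10, 0x02, 0x00, 0x9d, 0x01, 0x2a, 0x80, 0x02, 0xe0, 0x01, 0xaa, 0xbb];
    let inter = [0x11, 0x02, 0x00, 0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04, 0x05];
    for (name, frame) in [("key", &key[..]), ("inter", &inter[..])] {
        let (clear, secret) = split_for_encryption(frame);
        println!(
            "{name}: clear={} encrypted={} exposed_by_fixed_10={}",
            clear.len(),
            secret.len(),
            exposed_by_fixed_prefix(frame)
        );
    }
}
```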

ZagButNoZig commented 1 year ago

@jrose-signal any updates on this? It still seems to be on main one year later. Is this a security/privacy concern?

awaitlink commented 7 months ago

Looks like there's some movement to make it encrypted: https://github.com/signalapp/webrtc/pull/164.

lgrahl commented 7 months ago

> Looks like there's some movement to make it encrypted: signalapp/webrtc#164.

Nah, that's just audio atm (although I'm not sure why one would need to leave parts of an audio frame unencrypted).