search

tradel / hassio-addons

Apache License 2.0
3 stars 2 forks source link

Security issue with WebRTC Magic shared links? #3

Closed bobbeims closed 8 months ago

bobbeims commented 8 months ago

I've created links using the add-on UI > Links > WebRTC Magic section. I see that the generated links are in the form of 

https://alexxit.github.io/go2rtc/#share=<GUID>&media=video+audio

Does this mean I'm exposing my camera streams URLs to some sort of cloud db that could potentially be breached?

tradel commented 8 months ago

I've never used the WebRTC Magic addon, so I can't speak to it. I configured my camera URLs directly in Lovelace.

Note that your camera streams are already in the cloud. Abode sends all of the video to Amazon KVS for processing. Go2rtc is fetching the streams from Amazon, not directly from your camera.

On Tue, Jan 9, 2024 at 5:08 PM Bob Beims @.***> wrote:

I've created links using the add-on UI > Links > WebRTC Magic section. I see that the generated links are in the form of

https://alexxit.github.io/go2rtc/#share=&media=video+audio

Does this mean I'm exposing my camera streams URLs to some sort of cloud db that could potentially be breached?

— Reply to this email directly, view it on GitHub https://github.com/tradel/hassio-addons/issues/3, or unsubscribe https://github.com/notifications/unsubscribe-auth/AANRHPY2PH2IWXLW5E2WKRDYNW5UJAVCNFSM6AAAAABBTZM65KVHI2DSMVQWIX3LMV43ASLTON2WKOZSGA3TGMRVGMYDKMQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

bobbeims commented 8 months ago

Thanks for that reminder. As a computer system architect with 40 years of experience, I'm embarrassed that I didn't intuitively jump to that conclusion. Offloading all of the image processing to AWS is the only way Abode can keep the cost of the Cam 2 so low.

tradel commented 8 months ago

No worries. And on the plus side, we got to learn a bit about Amazon Kinesis!

Todd Radel

[image: icon] +1 (484) 557-5699 <+1(484)557-5699> [image: icon] links.tradel.me

[image: icon] @.***

[image: github] https://github.com/tradel

[image: threads] https://threads.net/toddradel

[image: facebook] https://facebook.com/todd.radel

[image: instagram] https://instagram.com/toddradel/

[image: linkedin] https://linkedin.com/in/tradel/

[image: twitter] https://twitter.com/tradel [image: photo] https://links.tradel.me

[image: tpx]

On Thu, Jan 11, 2024 at 10:46 AM Bob Beims @.***> wrote:

Thanks for that reminder. As a computer system architect with 40 years of experience, I'm embarrassed that I didn't intuitively jump to that conclusion. Offloading all of the image processing to AWS is the only way Abode can keep the cost of the Cam 2 so low.

— Reply to this email directly, view it on GitHub https://github.com/tradel/hassio-addons/issues/3#issuecomment-1887449443, or unsubscribe https://github.com/notifications/unsubscribe-auth/AANRHP2X2GDUIDAJVS6V4OLYOACLTAVCNFSM6AAAAABBTZM65KVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQOBXGQ2DSNBUGM . You are receiving this because you commented.Message ID: @.***>