SecureMeeting is end-to-end encrypted

Bryan Kyritz
Published in SecureMeeting
4 min read · Dec 24, 2021

The world's safest meeting place just got safer

Uniting humanity on a browser

One meeting at a time.

SecureMeeting proudly serves thousands of daily patrons spread over 90 different countries in every time-zone and continent imaginable.

Today, we are proud to announce that every video-call and chat on our platform is end-to-end encrypted. This means that nobody can ever snoop into your conversation. No ISP, hostile nation, hackers/snoopers — heck, most certainly not us — get to decrypt your content.

Despite our traction, we are clueless about the identity of our users or their activities — and we are proud of that fact. Communication is a basic human right. We’re privileged to be the vanguard of that freedom.

Some of our users have reached out to say they use it for work; others say they use it for fun. Regardless, we unite people all over the world, and that's really all we need to know.

The rest of this post explains, in simple terms, how we implemented insertable streams to make E2E encryption happen.

Background

If you’ve ever had a video or audio call using your computer, you’ve most likely interacted with a piece of technology known as WebRTC. WebRTC is a free and open-source project providing web browsers and mobile applications with real-time communication via application programming interfaces. Thousands of applications such as Discord, WhatsApp, Google Meet, and SecureMeeting all rely on WebRTC to facilitate all the calls on their platforms.

Issues with WebRTC

WebRTC was built to facilitate peer-to-peer communications on the web. When WebRTC is used with a peer-to-peer architecture, all of the content is end-to-end encrypted via DTLS. While this sounds perfect, the issue is that peer-to-peer calls do not scale well as more people join the call. To fix these scaling issues, developers use a selective forwarding unit (SFU) to reduce the number of connections that each peer needs to maintain (learn more about WebRTC and WebRTC architectures here).

While this helps calls scale, it sacrifices the end-to-end encryption in WebRTC. This is because when a call is made with an SFU, two P2P connections are created. The first peer connection is established between the user and the SFU. The second peer connection is established between the SFU and the other user in the call. WebRTC encryption occurs over the peer connections, but as the first peer connection passes the video and audio over to the next peer connection, there is a period where the content is not encrypted. This is known as hop-to-hop encryption and is an issue that continues to plague online communications. This vulnerability allows the SFU to record and listen in on all of the calls going through it. The good news is that a recent update in Chromium-based browsers included an API called insertable streams. This new feature in Chromium browsers enables us to bring end-to-end encryption to WebRTC through an SFU.

What are Insertable Streams?

Insertable Streams defines the interface for manipulating raw media carried by MediaStreamTracks, which can be the output of a camera, microphone, or screen capture. It uses WebCodecs interfaces to represent raw media frames and exposes them using streams. We now finally have a way to interact with the video and audio data streams directly and manipulate them before we send the streams out. Now that we can manipulate the data sent in the streams, we can add a layer of encryption to the WebRTC data to make the streams truly end-to-end encrypted. Google has built a demo of an E2E encrypted call, which you can experiment with to see insertable streams in action.
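To make the "layer of encryption" concrete, here is an added example (not SecureMeeting's code) of a per-frame transform of the kind insertable streams lets a page apply to each frame's bytes before they leave the browser. The cipher choice (AES-GCM), the IV layout, the key handling and every function name are assumptions made for illustration.

```javascript
// WebCrypto is a global in browsers and current Node; require() is a fallback for older Node.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const IV_LEN = 12;  // 96-bit AES-GCM nonce
const TAG_LEN = 16; // GCM authentication tag appended by WebCrypto

// Assumption: participants agree on this key among themselves; the SFU never receives it.
function generateCallKey() {
  return webcrypto.subtle.generateKey({ name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Sender side. The closure keeps a frame counter so an IV never repeats under one key.
function makeFrameEncryptor(key, senderId) {
  let counter = 0n;
  return async function encryptFrame(frameData) {
    const iv = new Uint8Array(IV_LEN);
    const view = new DataView(iv.buffer);
    view.setUint32(0, senderId);     // distinct per participant
    view.setBigUint64(4, counter++); // distinct per frame
    const ct = new Uint8Array(await webcrypto.subtle.encrypt({ name: "AES-GCM", iv }, key, frameData));
    const wire = new Uint8Array(ct.length + IV_LEN);
    wire.set(ct, 0);
    wire.set(iv, ct.length); // the IV is not secret; the receiver needs it to decrypt
    return wire;
  };
}

// Receiver side. Rejects if the relay altered ciphertext, tag or IV.
async function decryptFrame(key, wire) {
  if (wire.length < IV_LEN + TAG_LEN) throw new Error("frame too short");
  const split = wire.length - IV_LEN;
  const plain = await webcrypto.subtle.decrypt({ name: "AES-GCM", iv: wire.slice(split) }, key, wire.slice(0, split));
  return new Uint8Array(plain);
}

// Constructed sample frame: what sender, SFU and receiver each end up with.
async function demo() {
  const key = await generateCallKey();
  const encryptFrame = makeFrameEncryptor(key, 1);
  const frame = new TextEncoder().encode("constructed stand-in for one encoded video frame");
  const wire = await encryptFrame(frame);
  const again = await encryptFrame(frame);
  const tampered = wire.slice();
  tampered[0] ^= 0x01; // one bit flipped in transit
  return {
    overhead: wire.length - frame.length,
    sfuSeesPlaintext: frame.every((b, i) => wire[i] === b),
    roundTrip: new TextDecoder().decode(await decryptFrame(key, wire)),
    freshIvPerFrame: wire.join() !== again.join(),
    tamperRejected: await decryptFrame(key, tampered).then(() => false, () => true),
  };
}
```

The SFU forwards only the `wire` bytes, so it can still route frames but cannot read them, and a frame it modifies fails authentication at the receiver.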

That's great! But what does this mean for me?

This is amazing news for you! This means that web developers now have the tools to build end-to-end encrypted video and audio calls straight from the browser. We will hopefully start seeing E2E becoming the norm for online communications. In the most recent SecureMeeting update, we added E2E encryption via insertable streams. It is possible to verify your streams are being encrypted by clicking on the green shield icon while in the call and then clicking on “Preview”. A video will appear that shows what our servers will see from your video. We did this to ensure we remain the safest place to meet online as well as raise the bar for our expectation for security and privacy online.

SecureMeeting

SecureMeeting is on a mission to advance human rights and freedom of speech. We do this by designing, developing, and deploying planetary-scale, privacy-preserving communications architectures for all of mankind.

We are a US 501(c)(3) non-profit.

Send us a note, we’d love to hear from you: hello@securemeeting.org
