WebRTC - crossing borders

From Hackerspace Brussels
Jump to: navigation, search

WebRTC - crossing borders
Mon 30 Jun 2014 19:00
till Mon 30 Jun 2014 22:00
tuesday meeting

"{{{city}}}" cannot be used as a page name in this wiki.
"{{{country}}}" cannot be used as a page name in this wiki.

WebRTC builds on the PeerConnection API. This API abstracts several key components for realtime audio, video, networking and signal. RTC-Web communications are directly controlled by some Web server,...and a Web browser might expose a JavaScript API which allows a server to place a video call [unknowingly by the user]. Unrestricted access to such an API would allow any site which a user visited to "bug" a user's computer, capturing any activity which passed in front of their camera. WebRTC uses IETF communications protocols to assure that media and data flowing between browsers is secure. The level of security in a given call will depend on several factors as well as on the context of the communications application.

  • intro: What is webRTC?
  • Is it safe (enough), how can we make it safer?
  • security & State Machine in JS
  • Share some defenses against html penetration , cross-site scripting & XSS - OWASP

More info[edit]