I have a website a little bit like Chatroulette and I am using WebRTC so that the users can use their webcam to communicate which each other.
How can I prevent and check if a user is using a fake webcam software like ManyCam? Is that even possible to recognize a user with a fake webcam (or virtual webcam)?
Thanks.
Related
I have to create a webrtc application (using JsSIP) where the goal is only to be able to listen to the remote call.
I am searching a way to setup my JsSIP sip stack / sip session to disable the local microphone.
I want to make it that the browser doesn't ask for access to the microphone, as it is not needed.
Thanks.
Currently, it is not possible with JsSip, and to make it clear it is not possible on modern secure browsers.
The problem is not with JsSip but with the browsers, for security reasons browsers don't allow websites to access the microphone without the user permission as hackers can use this to monitor user conversations without their permission.
But I have observed from using JsSip on some browsers, the browser will automatically allow the user after permission has been giving to your site for the first time, ( at least on google chrome).
Solution
If there is a need to allow a smooth transition of audio permission-giving to your website, you should prompt your users to enable their browsers to always allow the permission. This has worked on chrome mobile and Firefox web browsers. Permissions are giving automatically.
I hope this solves your problem. you can contact me for anything with JsSip, ready to help you.
I want to use circuit as a videocall system in a B2C environment in which only the backend call agents are Circuit users (but the end-clients are not!!).
The only way I see to establish a videocall would be by creating a new conversation, get the url guest link and send it to the end-client.
This could be a “not-that-bad” possibility in a PC web portal front end….but in the case of a smartphone app (ie Ionic-Cordova) that link would redirect the end client to the Circuit app download site, forcing the user to install Circuit app which would not be accepted in the general case.
Is there any other possibility to implement a use case like this from Smartphone apps by embedding the guest connectivity in the app making Circuit transparent for the end client? Any possibility by using a pool of dummy Circuit users to be assigned temporarily to the app users?
That's a good question. There are two problems as pointed out by you.
1. SDK cannot be used without an authenticated Circuit user
I.e. the SDK has no support for guest access other than retrieving the guest access link. Workarounds are:
a) use the guest link and have the non-Circuit users join using their Circuit web or mobile client, or
b) create a new conversation each time and use a pool of users. But this workaround does not look intuitive and have actually never tried it in an app.
2. Guest users require Circuit app
Again as pointed out correctly, if going with a) above, the mobile client users would need the Circuit app to join a guest session.
Conclusion
For desktop users 1a is probably the best option. But for mobile users you'd have to try a workaround with a pool of users.
We are aware of these limitation and are looking into a better solution to address your use case. I will update this post once we have more information of the details and timeframe.
I am having a requirement to broadcast live audio on my website. Scenario is
1) one user will talk/sing in my application and
2) his followers will have to listen that live audio instantly in the same application.
Can you please suggest me any 3rd party libraries for this?
Note: I am developing my web application in ASP.Net MVC5.
Thanks in advance.
Towards that goal, if you plan on using WebRTC, you'll need to add media servers that route media around.
Look at Kurento, Jitsi or Janus for open source alternatives - especially if you plan on adding video support to it.
You can also try using Asterisk or FreeSWITCH - these are telephony based solutions but can be re-purposed to use WebRTC and offer a conference call like experience where you mute everyone and have a single speaker "broadcast" his audio to all the rest.
I want to identify and authenticate a user's device permanently so that he doesn't need to authenticate again and again from the same device. How can I identify the user's device uniquely?
One approach could be to use Client IP, but there may be more than one devices using the same IP. I may use local storage or cookies but what if someone copies local storage's device identification data to a different device or sniff cookies (having the same IP)?
Is it possible to identify a device uniquely and permanently authenticate it for a particular user in a foolproof manner?
I think this is a standard and long solved problem. Use HTTPS, set http_only and secure attributes on your cookie and you should be fine, unless someone replicates the whole browser data on device, which anyway is out of your control, and hence you shouldn't bother about solving a problem that you don't have control over.
I have a Youtube video set to private so nobody can watch it via Youtube or the embedded player. However I do want people be to be able to watch it on my website. The goal is to make the video available exclusively on my website for a while before I open it to the world. I was thinking to login to my Youtube account seemlessly using Youtube's API and log out after the video's finished but that doesn't make security sense. What's your take on that?
I agree with your intuition. Making the private sharing secure seems tricky at best. Although the Data API has procedural authentication options, I don't think Player API has that facility. Furthermore even if it did, it's hard to see how it might work without exposing your password.
Your best bet is probably to directly host the video on your website. You would use your website's authentication for restricting access limited release video. Then when your ready for the public release you can either switch to YouTube hosting or relax the authentication of your self hosting. The Video for Everybody site has examples of several options for self hosting of videos.