Security and Privacy
Are your group video chats secure?
Video chat has become a way of life for many people stuck at home in the last couple of months. There has been an explosion in the use of video conferencing services: popular video chat service Zoom, for example, went from 10 million daily users to over 300 million. But that growth has highlighted some of the major flaws in video conferencing tools - flaws that people may not be widely aware of.
The biggest issue comes with multi-party video chats, a scenario in which true security is very hard to implement. One-to-one video chats are easy enough to properly secure, and many video chat solutions do offer end-to-end encryption on two-person video chats. It’s when you start adding in more people that security becomes a lot harder, and this month we’ll take a look at this issue and what you can do about it.
The difficulty of encrypting multi-party video chats
So why is it hard to properly secure video conferences involving more than two people? The challenge is that nearly every implementation of multi-party video chat requires a “man in the middle”: a server that takes the video streams from all the chat participants and mixes them together to send back out to the other participants. That makes true end-to-end encryption extremely difficult, if not impossible.
Let’s say you were having a three-way video chat with Mary and Joe. In theory, you could have an independent end-to-end encrypted connection to each of them, sending each a copy of your video stream, and they do the same (this is called client-side fan-out). In practice, however, that’s a problem – you’re sending out multiple copies of your video stream and receiving multiple in return, which will quickly tax your internet connection. And it becomes quadratically harder as you add more people. What if you had ten people in the chat? Your connection would be unlikely to handle it, let alone your PC.
What happens in practice in most solutions instead, then, is that there is a central server (usually run by the company providing the software, such as Zoom, Google or Microsoft) that each participant connects to and sends their stream to. This server, or “bridge”, gathers up all the participant streams and mixes them together into a single stream, which it then sends back out to all participants so that everybody can see everybody else. This is known as server-side fan-out.
This model works, but it has significant security implications. A big one is that there is no end-to-end encryption. There can (and should) be an encrypted link to the bridge, but the bridge itself is a vulnerability as it needs to be able to decrypt the streams to mix them. Essentially that means that anybody with access to the bridge can see your video chat. If you use Zoom for video chat, then all your conferences can be monitored by Zoom the company if it chooses (or is forced to by government agencies). The same goes for Microsoft, Google and most other multi-party video chat solutions. There’s no real privacy.
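The two topologies described above, modelled as an added example (not code from the article or from any of the products it names): it shows that a mixing bridge ends up holding every participant's plaintext, while client-side fan-out exposes only ciphertext in transit. The cipher is a toy stand-in built from SHA-256, and the function names and sample frames are assumptions made for the illustration.

```python
import hashlib
import os

def xor_stream(key, nonce, data):
    # Toy cipher: SHA-256 in counter mode. Stand-in for a real AEAD; illustration only.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key, data):
    nonce = os.urandom(12)
    return nonce + xor_stream(key, nonce, data)

def unseal(key, blob):
    return xor_stream(key, blob[:12], blob[12:])

def server_side_fanout(frames):
    """Bridge model: every link is encrypted, but the bridge holds every link key."""
    link_key = {name: os.urandom(32) for name in frames}
    uplink = {name: seal(link_key[name], f) for name, f in frames.items()}
    # The bridge must decrypt each stream before it can mix them.
    bridge_saw = {name: unseal(link_key[name], blob) for name, blob in uplink.items()}
    mixed = b"|".join(bridge_saw[name] for name in sorted(bridge_saw))
    received = {name: unseal(link_key[name], seal(link_key[name], mixed)) for name in frames}
    return received, bridge_saw

def client_side_fanout(frames):
    """Mesh model: one key per pair of participants; intermediaries see ciphertext only."""
    names = sorted(frames)
    pair_key = {frozenset((a, b)): os.urandom(32) for a in names for b in names if a < b}
    wire = []  # every blob a relay or network observer could capture
    received = {name: {} for name in names}
    for sender in names:
        for peer in names:
            if peer != sender:
                key = pair_key[frozenset((sender, peer))]
                blob = seal(key, frames[sender])
                wire.append(blob)
                received[peer][sender] = unseal(key, blob)
    return received, wire

# Constructed sample input: one "video frame" per participant from the article's example.
FRAMES = {"you": b"frame-from-you", "mary": b"frame-from-mary", "joe": b"frame-from-joe"}

if __name__ == "__main__":
    _, bridge_saw = server_side_fanout(FRAMES)
    print("bridge can read:", sorted(bridge_saw))
    _, wire = client_side_fanout(FRAMES)
    print("mesh sends", len(wire), "encrypted copies; none readable in transit")
```

With three participants the mesh already puts six encrypted copies on the wire, which is the bandwidth cost that pushes most services toward the bridge model.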
There are, of course, security issues other than the lack of end-to-end encryption. “Zoombombing”, for example, has become a common issue as Zoom conferences are invaded by unwanted people who gained access to the conference address and password (if it even has a password). These issues often come down to a lack of secrecy on the chat room address.
What you can do to improve security
Restrict yourself to one-to-one video chats. Many (but not all) video chat apps do offer end-to-end encryption on video chats between single parties. If you plan on talking about sensitive information with just one other person you can use FaceTime, Signal, WhatsApp, Jitsi or a number of other applications that offer end-to-end encryption on individual video chats.
Only transfer sensitive information over text chat. Another option is to use text chat only to send sensitive information. Apps that offer secure multi-party text chats very often do provide full end-to-end encryption on text chat, even when they don’t on multi-party video chat. Zoom, for example, does offer end-to-end security on text, so if you have sensitive information to relay then it’s best done using the text chat box rather than saying it out loud over the video.
Don’t use social media to share links to conferences. This has been a major issue with Zoom in particular, where the ease of setting up and distributing conference details has led to a phenomenon called Zoombombing, in which jerks trawl social media for links and then drop in unexpectedly on video chats and disrupt meetings.
Run your own server. If you’re concerned about the video chat app owner potentially listening in on your multi-party conversations (which most can do, as we noted above) it is possible to run your own video mixing or relay server. We’ll talk about some of the options for that below.
How to get end-to-end encryption
The mixing problem means that most commercial solutions don’t offer true end-to-end encryption on multi-party video conferences. If you’re using Zoom, Slack, Microsoft Teams, Google Duo or Meet and many others, then it is technically possible for the provider of those services to monitor your video chats. (We should make the very important point here that many such services are often opaque about their security – they will talk about end-to-end encryption on text, voice and one-to-one video chat, but frequently fail to mention that multi-party video chats do not get the same kind of protection.)
But there are some ways you can get around that. Some business solutions do provide truly private chats. Wire (wire.com), Wickr Pro (wickr.com) and Cisco Webex (www.webex.com), for example, do offer genuinely end-to-end encrypted video conferences, although for Webex they are not the default and have to be configured, while Wire is limited to just four participants due to the strain it puts on the clients. All are paid services.
The other option is to create your own messaging server. One of the most capable options for this is Jitsi’s Videobridge (jitsi.org), a tool that lets you run your own video conferencing server rather than rely on a third party. Unfortunately it’s only available right now for Linux platforms, but can be downloaded for free from the Jitsi website.
Riot (riot.im) is another platform that lets you use your own communications server rather than relying on a third party – it employs what are called Matrix servers (see matrix.org), which can be hosted or you can create your own using a tool like Synapse. It’s somewhat involved and will take time to set up and understand, but can ensure that no third party can see your communications.
Other than that, just be aware of the current limitations of video conferencing. It’s an area where security protocols are still developing and there are many traps and pitfalls. So take your time, do your research, and stay safe online.