Re: [rtcweb] Please require user consent for data channels
Roman Shpount <roman@telurix.com> Thu, 30 July 2015 19:26 UTC
Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BA011ACC91 for <rtcweb@ietfa.amsl.com>; Thu, 30 Jul 2015 12:26:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.079
X-Spam-Level:
X-Spam-Status: No, score=-0.079 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id diEEAYlSeb0I for <rtcweb@ietfa.amsl.com>; Thu, 30 Jul 2015 12:26:50 -0700 (PDT)
Received: from mail-ig0-f176.google.com (mail-ig0-f176.google.com [209.85.213.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABA3B1ACCF2 for <rtcweb@ietf.org>; Thu, 30 Jul 2015 12:26:47 -0700 (PDT)
Received: by igbpg9 with SMTP id pg9so17749128igb.0 for <rtcweb@ietf.org>; Thu, 30 Jul 2015 12:26:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=3C0KQ2zfMVgov/UmpzzWVRv+CRkb8dcYHgJyC4IqYgA=; b=U4PMWf8AlTzSmwtKNm8v9bBe6pez/twaHtppifEq4glo9PB08TF0S+Av1alBGod8Fa 4cKEBIUutgnEF3uduYXjcBpiONt89X6BQGXeFurALxkk4KciJowVRMF2pWN8pLU1HtD7 YCm9mQVwwoHgY4u3kzXH82Xd5Z093vF2YHYpPT+CYMSfzZij/ewATKnz/L/BCbm/oSUP 6m28EpO+hjejdx7EbPcwQJKZ3Mrlp9lwcnDy2ICHtwYB7QPFHWSUL9cBQN3824WPGFEa KfqAo5cYeY93jmEWCrVQwwF47GgA3IvK7jRHntZVxh353lb15nNCp6Gp6PyPwZi0UsG7 iERg==
X-Gm-Message-State: ALoCoQmspRs5A+j0HCwDfwKiHgnbbQ3y4zauMn3qT0uRnl8nfuyBGAq+Wz06NCHbrBLsWihAIh/f
X-Received: by 10.50.40.39 with SMTP id u7mr7578324igk.71.1438284407197; Thu, 30 Jul 2015 12:26:47 -0700 (PDT)
Received: from mail-io0-f176.google.com (mail-io0-f176.google.com. [209.85.223.176]) by smtp.gmail.com with ESMTPSA id q12sm1968529igr.2.2015.07.30.12.26.45 for <rtcweb@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 30 Jul 2015 12:26:45 -0700 (PDT)
Received: by ioea135 with SMTP id a135so63962253ioe.1 for <rtcweb@ietf.org>; Thu, 30 Jul 2015 12:26:44 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.107.152.81 with SMTP id a78mr13393462ioe.145.1438284404730; Thu, 30 Jul 2015 12:26:44 -0700 (PDT)
Received: by 10.36.89.70 with HTTP; Thu, 30 Jul 2015 12:26:44 -0700 (PDT)
In-Reply-To: <55B9C503.4050807@jesup.org>
References: <CA+65OspMD_PVjk0BXh7t4LtjmFDcDatoeNjFQOO_OVtC-Br+OA@mail.gmail.com> <55B9C503.4050807@jesup.org>
Date: Thu, 30 Jul 2015 15:26:44 -0400
Message-ID: <CAD5OKxsmTWNrtv7OM_Zo3iazmmEfmtdpdBbfM9ZAPxYf3BFsWg@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
To: Randell Jesup <randell-ietf@jesup.org>
Content-Type: multipart/alternative; boundary="001a114043c607b567051c1cafcb"
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtcweb/QMge-U2tkfkTdZy2X_qA9vjd5fY>
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Please require user consent for data channels
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2015 19:26:52 -0000
Hi Randell, I do agree with most of your argument regarding fingerprinting and gUM. I also agree that this is not just the data channel issue and similar exploits can be created using audio or video connections. Furthermore, these usage patterns are very difficult to distinguish from legitimate applications. On the other hand I would argue that all of this exploits do not matter, since you can get the same information using non webrtc related HTML functionality. One thing that I do not agree with is that PeerConnection introduced a significant new behavior -- routing data over the non-default network interface. This is something that was not possible before. There is no way to overwrite default routing with HTTP request or anything similar generated by the browser. Overwriting default routing would allow creation of a whole new class of exploits, from determining user other IP addresses to forcing traffic over unexpected networks and generating expenses for the user. My suggestion is that until system wide preferences are exposed via some other mechanism defined by MIF, web browser should follow the local policy and do not overwrite local routing metrics by sending ICE requests over specific interfaces. At the very least, this should only be enabled via some sort of configuration option which should be disabled by default. I understand that using only default routes can decrease the chances of connection, but from my experience* we are talking about less then 0.1% of all the users. Also, please note that a lot of software VPNs do allow routing over secondary gateways. There is nothing fake or unusual about them. For instance Microsoft default PPTP VPN simply creates a virtual adapter for the VPN connection and creates a route with lower metric. This virtual adapter, on the other hand is using the previous default route for PPTP connection. * We have deployed a VoIP system with 500K users that used ICE in combination with TURNs over default route with HTTP connect option. Total number of users who could not place a call even though they could connect to the web server was less then 0.1%. _____________ Roman Shpount
- [rtcweb] Please require user consent for data cha… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Matthew Kaufman
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Lorenzo Miniero
- Re: [rtcweb] Please require user consent for data… Michael Tuexen
- Re: [rtcweb] Please require user consent for data… tim panton
- Re: [rtcweb] Please require user consent for data… Bernard Aboba
- Re: [rtcweb] Please require user consent for data… Matthew Kaufman
- Re: [rtcweb] Please require user consent for data… Timothy B. Terriberry
- Re: [rtcweb] Please require user consent for data… Victor Pascual Avila
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Eric Rescorla
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Stephen Farrell
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Martin Thomson
- Re: [rtcweb] Please require user consent for data… Martin Thomson
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Justin Uberti
- Re: [rtcweb] Please require user consent for data… Martin Thomson
- Re: [rtcweb] Please require user consent for data… Harald Alvestrand
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] Please require user consent for data… Harald Alvestrand
- Re: [rtcweb] Please require user consent for data… Sergio Garcia Murillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Daniel Roesler
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Simon Perreault
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Jonathan Lennox
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Iñaki Baz Castillo
- Re: [rtcweb] Please require user consent for data… Tim Panton
- Re: [rtcweb] Please require user consent for data… Ted Hardie
- Re: [rtcweb] Please require user consent for data… Roman Shpount
- Re: [rtcweb] Please require user consent for data… Ted Hardie
- Re: [rtcweb] Please require user consent for data… Randell Jesup
- Re: [rtcweb] Please require user consent for data… Roman Shpount