If you know nodejs pretty well, try https://wildduck.email

Unaffiliated BTW. Just find that their storage saves space compare to Maildir and pretty scalable compare postfix. It also allows unicode email addresses.

Interesting that it is using x-ray, seems like x-ray is still using PhantomJS as the plugin, is PhantomJS deprecated? Would it be using Puppeteer instead?

So as the group members increased it also increases network usage on the SFU server?

Correct.

Hmmm, what happened to the WebRTC using p2p method, where as the member increase so does the bandwidth? Like torrent?

>As for e2e encryption over webrtc via an SFU - yes, this is possible, but its currently very messy (wasm video encoding and encryption streamed over an SFU-bound datachannel with full mesh distribution of the encryption key). There are plans to implement "Insertable Streams" which you will be able to transform (e.g. encrypt) which will allow this to work without the hacks.

So currently Jitsi meet the one on the web site is NOT e2e encrypted?

Yeah, not e2e encrypted when it goes through videobridge (as per this article).

I haven't checked, but its possible for 1-to-1 or small meetings they may go full mesh, which would be e2e encrypted - a few platforms do this.

edit: just checked and jitsi is "full mesh" for 2 participants - if you have 3 or more (video) participants, it switches over to SFU.

Very interesting. I have heard that from some people as well. Any tips on how to get started in *nix/FreeBSD/Mac ecosystem? Last I tried was in mono. Any tips appreciated.

It's super easy to download and get started on Linux/Mac:

https://dotnet.microsoft.com/download/dotnet-core/3.1

I even managed to get it to run on an Android tablet via Termux by downloading the ARM64 binaries.

One can always rely on cordova/phonegap type of app with a C++ plugin to address this issue.

Personally, not having web app storing large amount of data is a good thing.

Has anyone try to go the site.

it gets redirected to:

http://107.170.104.233/online/

Says secure payment on a NON-SSL site. Sounds pretty shady.

Can you name a legit site for the general public that doesn't even have a domain name?

1.1.1.1 does have a domain name (and of course is operated by Cloudflare) but it doesn't redirect you or anything, it's totally happy to advertise itself as https://1.1.1.1/ which seems more memorable than most possible names.

Yes the DNS companies are an exception because the number is meaningful to humans.

Well on the site it was said

"We encrypt the content with that random key. In this case, we only encrypt the content once with the random key so we don’t need an iv and can leave it filled with 0 (I hope…)."

Anyone think that is a good idea?

It's a good idea if you encrypt with the same key _once_ — you can avoid attaching nonces to your ciphertext (less code and data), and have only 16-byte key in the URL.

In fact, using a random IV with AES-GCM is not exactly safe: 12-byte nonce is too small to avoid collisions with many encryptions. The recommendation is to not encrypt more than 2^32 messages with the same key if you use the random nonce.

What would happen if an attacker gets two different messages with identical IV and key?

They'll get the XOR of the two original messages, and also can break authentication: https://crypto.stackexchange.com/questions/26790/how-bad-it-...

That's scary, thanks!

If the key is securely random AND only used once, it won't compromise the encryption. But it's a bad idea, since it requires enforcing that the key is a nonce, instead of just a key. It's a bad habit, and can easily lead to compromise (when someone inevitably uses it as example code in a situation where those guarantees don't hold, for instance.)

Can't really get it working. All I see is a white bar in the middle of screen.

https://i.imgur.com/mOWAJwg.png

probably the trial watermark