Ever get the feeling that someone’s listening in on your conversation?
Around the office? Perhaps while you make that unavoidable, important call while on public transport?
What about when you speak and exchange documents during a video conferencing call? Do we even think about the security risks of sending all that confidential chatter around the world, or do we still consider such methods of communication as being beyond the internet, like an old-fashioned telephone call?
And just think about the kinds of things that could be overheard or stealthily seen in a hacked video call between, and within, all manner of businesses. The ramifications of this kind of privacy violation are why one European company is letting people take personal control over their video conferencing security, and it may be the way of the future for sensitive internet conversations.
Video Conferencing Has Already Been Hacked
In June this year hackers found a weakness in the video call setup of the Quebec Liberal Party and were able to listen in on strategy meetings between the Party’s Montreal and Quebec City offices.
Read that again.
Outside eavesdroppers were able to listen to the live, private strategy meetings of a political party via its own video conferencing equipment. Luckily, the anonymous hacker in question was of the White Hat variety and alerted the Party, although screenshots of the infiltration were sent to a Canadian newspaper.
In that instance the hacker gained access by trampling over some rather weak password protections, but there are other potential frailties in the system.
Earlier in the decade, another white hatter, this time the far more famous HD Moore, found flaws within more than 5000 unsecured video conferencing systems in little more than two hours of trying. In most cases the video systems existed beyond the company firewall and were designed to auto-answer incoming calls.
Moore was able to not only eavesdrop on conversations–including a call between a prison inmate and his lawyer–but also to activate and operate the company’s video and audio equipment.
Take Care of Your Own Video Call Security
It’s those kinds of systemic failures that Spreedbox was built to avoid.
Designed by German software engineering firm Struktur AG, and partially funded by Kickstarter, Spreedbox is billed as a private video conferencing server that lets users maintain control of their data at all times. It’s an open source platform that accesses webRTC to allow browser-based video conferencing and file sharing.
This means you can transfer and store all your information within a closed server, and not have it bounce around a bunch of destinations the way public video conferencing providers, such as Google Hangouts and Skype, operate.
That’s managed through a partnership with ownCloud, which provides all the benefits of shared cloud computing while keeping everything on a single server.
And it’s pretty too.
Essentially, if you can afford the $1200 asking price–expensive, but certainly within reach of most companies serious about security–you’re cutting out the middlemen of video conferencing and speaking directly to friends, clients, and colleagues. There’s no limit to download sizes and duration of calls as you’re handling the information yourself.
A Private Security Firm
The idea has potential applications beyond businesses. It could be used wherever video conferencing involves sensitive information, or the callers themselves need the utmost protection. Schools, for instance could create private networks to ensure the safety of students and their personal information.
As each Spreedbox acts as a kind of telephone exchange, you don’t need to scatter the hardware across the school district to use it. Each central box can be accessed by up to six desktop and mobile devices at a time, and each access point can carry up to 10 participants. So 60 users can chat remotely and securely in real time, face-to-face.
It’s a step toward an internet where every business or organization that communicates sensitive or confidential information can act like its own self-sufficient, private home, and the cable and satellite connections between them merely transportation devices.
Safe as houses.