In the light of recent events and the pandemic that’s taken the world and brought most of the functionalities to its knees, we are all under quarantine. And each one of us is facing a lot of problems when it comes to communicating with our co-workers, or to our students as teachers are facing consistent challenges. A secure, good, and powerful video conferencing software is need of the hour.
Navigate this article easily, topics covered are:
After most of the institutions shut down, most of us started looking for solutions to communicate among ourselves, and we found the solution right in front of us, Zoom Video Communications! But after a few days when it rose to popularity, it became the target of some notorious people who started exploiting the application with its flaws and making it really unsafe to use. Mistakes were made on Zoom’s side also, where they falsely advertised a lot of security features, which weren’t really there in the first place. Which brings me to the next thing I am going to be talking about, what defines a good video-conferencing application. The issues that are most criticized are:
- End to End Encryption (E2EE) – End to End encryption is a system of communication, where the message can only be seen by the true sender and receiver. That is, if you are using a service to communicate, only you as the sender and the receiver should be able to view the message, not even the people who made or own the channel you are using to communicate. Examples of applications that provide end-to-end communication include Telegram and WhatsApp. Although a point that must be noted is that WhatsApp provides end-to-end encryption only while you are communicating with someone directly. Group conversations are not encrypted. Why? I will tell you in a while.
- In April 2020, a data-mining feature on Zoom automatically sent user names and email addresses to LinkedIn via a tool meant to match user profiles, allowing some participants to surreptitiously access LinkedIn profile data about other users. Zoom and LinkedIn disabled their integration.
- Sharing of meeting links over the internet – Most of the time the meeting could be “zoom-bombed” meaning, any unintended user could enter the meeting showing up obscenity and pornographic content, if the meeting links and ID is shared over the internet, making it highly insecure.
- In July 2019, security researcher Jonathan Leitschuh disclosed a zero-day vulnerability allowing any website to force a macOS user to join a Zoom call, with their video camera activated, without the user’s permission. In addition, attempts to uninstall the Zoom client on macOS would prompt the software to re-install automatically in the background, using a hidden web server that was set up on the machine during the first installation and remained active even after attempting to remove the client. This vulnerability has since been fixed.
- In April 2020, security researchers found vulnerabilities where Windows users’ credentials could be exposed. Another vulnerability allowing unprompted access to cameras and microphones was made public.
As of April 2020, Zoom has been banned from usage at most institutions by governments and educational boards due to its lack of security.
Which brings us to the solution to the problem, Jitsi!
What is Jitsi?
Jitsi is a set of open-source projects that allows you to easily build and deploy secure videoconferencing solutions. Now since Jitsi is open source by nature, that gives you total control over your data.
History of Jitsi
Jitsi surpasses 10 million monthly average users!
8×8 acquires the Jitsi Technology and team from Atlassian. Which helps keep the Jitsi project alive and well-funded.
Atlassian acquires Blue Jimp, making a long-term investment in keeping Jitsi open source, community-based, and pushing the envelope of great video conferences.
Using a prototype from Philipp Hancke as a basis, the Jitsi community starts the Jitsi Meet project: a Web Conferencing application that rivals Hangouts and Skype
Jitsi’s video routing capabilities are extracted in a separate server application and Jitsi Videobridge is born. Later this year Jitsi Videobridge adds support for ICE and DTLS/SRTP, thus becoming compatible with WebRTC clients. This is a first step to its importance in today’s WebRTC ecosystem.
Jitsi adds video conferencing capabilities based on the concept of routing video streams. The client of the conference organizer acts as a video router.
SIP Communicator is renamed Jitsi (from the Bulgarian “жици”, or “wires”), since it now also supports audio and video over XMMP’s Jingle extensions and it would be silly to still call it SIP Communicator.
Emil Ivov founds the Blue Jimp company, which employs some of Jitsi’s main contributors. They offer professional support and development services.
JsPhone departs from the JAIN SIP reference implementation project, and becomes a separate project on java.net. It’s renamed SIP Communicator, since it mostly made audio/video calls through the Session Initiation Protocol (SIP).
We get our own Wikipedia entry. Look out, world.
SIP communicator is completely rearchitected, adopting a new OSGi based design to make it easier to write plugins for the project.
Emil Ivov, a student at the University of Strasbourg, France, creates JsPhone. He also teaches salsa and West Coast swing.
Features of Jitsi:
- Free to develop and Open-Source
- Uses WebRTC for communication, making it able to use without any downloads.
- Provides true end-to-end communication between all pairs of participants for free, you can read more about it here (It’s a great blog).
- No call-time limit, talk for as long as you want.
- If you still have thoughts about security, you can always download the server software and install it on your own server (perks of open-source software)
- Your data isn’t shared with any third party without your consent.
- Most importantly, the software is free to use, and you don’t have to compromise on any security.
Now let us see how to use Jitsi.
Starting your first Jitsi meeting
Setting up a meeting on Jitsi is extremely easy, all you have to do is download the application from your required repository:
Google Android: https://play.google.com/store/apps/details?id=org.jitsi.meet
Desktop version (Linux / MacOS / Windows): https://jitsi.org/downloads/
Or you can simply head over to https://meet.jit.si/ to quickly start your meeting using a browser on your phone, tablet or laptop without any downloading!
Setting up your own Jitsi Meet server
Setting up your own Jitsi Meet server is the best possible way to ensure that your communications stay private, the Jitsi Meet software makes use of Jitsi Videobridge to provide high-quality scalable video communication.
Setting up your own web-server is a complicated process, so we recommend you to consult professionals to do this or you can continue reading and try it out yourself.
- The first step will be to download the compatible package from here. You must be aware of which version to download depending upon the configuration of your webserver (please keep in mind you need a webserver for this to work and not a simple web hosting, I personally recommend you to use Digital Ocean, where if you register using our special link you get 100$ worth credits to scale your webserver).
- Installing the pre-compiled version of the Jitsi Meet server software that you just downloaded.
- Pointing your browsers to the installation path!
And that’s it, you are setup with your own personal video conferencing web service, and no one can eavesdrop on your conversations anymore.
Or if you want you can always set up the web-server manually, where you will have to change a lot of things (increasing chances of breaking up things even more)
For more detailed instructions head over the GitHub repository for the code here.
I hope this has been informative and will help you get started with Jitsi, for any more questions or queries you can contact me at [email protected] or [email protected] and if you are based out in India, give us a call on 8181914448 or 8005251034 and we’ll be happy to get you started.!