Information about Jitsi


#1

Hi,

I just found this service and it seems great. Can you clarify the following points:

  1. Does it provide 2FA? It seems no…
  2. Does it provide self destructing messages? It seems no…
  3. Does it provide forward secrecy?
  4. What is the Monthly Average Users (MAU)?
  5. What is the business model? No donation, no ads, no selling data
  6. What is the jurisdiction of the server?

Thank you


#2

I suppose you are talking about meet.jit.si?

There is no authentication enabled on meet.jit.si, but authentication is available for custom deployments of meet.jit.si without 2FA.

No history for a room is kept after the room is destroyed, which is when the last person leaves. So all messages are destroyed.

What do you mean?

Most of the active jitsi-meet maintainers are working for a company where we develop a video conferencing solution, meet.jit.si is a free service, which the developers use to improve with every new version and monitor in order to spot problems and add new features.

What do you want to know? meet.jit.si is currently deployed in 6 regions across the globe.


#3

That all depends on the SSL settings of the web server and with the right ciphers it’s totally achievable. I believe that the current default settings in the deb package are ok.


#4

Yes.

Ok

Forward secrecy in particular, perfect forward secrecy is an important security feature.

Where are the servers in which the data are stored?


#5

According to wikipedia:

In Transport Layer Security (TLS), cipher suites based on Diffie–Hellman key exchange (DHE-RSA, DHE-DSA) and elliptic curve Diffie–Hellman key exchange (ECDHE-RSA, ECDHE-ECDSA) are available.

So, yes meet.jit.si supports it. Good!


#6

No personal data is stored.


#7

What about IP, metadata and so on?


#8

There are some analytics stored about usage, but they do not include ip addresses.
Meet.jit.si is using callstats.io for call statistics, where I think Ip address is stored, but they are GDPR compliant if this is what you are asking.
I’m not sure what metadata do you mean other the one explained above.


#9

The problem is related to WebRTC that can leak IP even behind VPN connection.

About metadata, they include timestamp, location, etc. I’m talking about this review. Maybe you could contact the author in order to add your project.


#10

Meet.jit.si is not a messaging app - it is a video conferencing solution.


#11

Ok, even Wire, Signal, Skype and others are videoconferencing solutions…


#12

I’m not familiar with Wire and Signal, but Skype is a messaging app with option for video and videoconferencing. Meet.jit.si is not at all messaging app, doesn’t have accounts, you cannot send a personal message to a user … it is just adhoc meetings, with exchanging messages only inside meeting with no history.
I don’t see it in anyway categorized as messaging app/service where you need to be able to send messages to users, but you cannot as there are no user accounts :slight_smile:


#13

Is there at least one in that list that can be used without creating an account?


#14

No, all of them need an account. I think that meet.jit.si without an account cannot ever compete with the other.
Thank you for all the answers…


#15

@erotavlas

Hi,

Is it possible to get statistic detail as per conference ID? For example, duration of conference, conference(runnning/stop), number of participant alive etc??

I have gone through colibri and callstat.io, but it provides overall statistics detail, i just want statistic detail for given conference name (serverIp/roomname).

One more query,
is it possible to differentiate conferences in groups? Like, con1 and con2 belong to group1 and con3 and con4 belong to group2.

Thanks


#16

@aneri.fumtiwala
Hi,
I do not know. I’m not expert of Jitsi or meet.jit.si. You should open a new thread.
Best Regards


#17

Callstats.io also gives information per conference.

Checking roomname/conference for number of participants smells like the room_size prosody module: https://github.com/jitsi/jitsi-meet/blob/master/resources/prosody-plugins/mod_muc_size.lua

Duration, I think is available in jvb REST stats.

Overall I think there are people that are doing jicofo logs parsing and extracting all those stats and pushing them to a backend of their choice.