Medical Usage, confidentiality

Security concern. Is on on one communication can be compromised (p2p), Man in the middle. In this Covid crisis, I think using it for medical consultations. An if I own the meet server, is it secure?

An if I own the meet server, is it secure?

What does “secure” mean to you – what is your threat model?

It’s not end-to-end encrypted, but there is encryption between the clients and the server.

You’d likely want to:

  • enable the “secure domain” configuration (so that only registered users can start a meeting)
  • use a unique room name for each patient
  • remind all registered users to set a password on each room they open, to minimise the risk of unauthorised third parties joining

If it’s one on one. Can a third person can enters without being noticed By the two?

I imagine, with a complex roomname, with a password to the room, nearly impossible unless someone has hacked the video bridge server.

If it’s one on one. Can a third person can enters without being noticed By the two?

You’d want to test it to make sure you are comfortable with it, but if they are joining via the user interface, you get notified.

You might be able to set the maximum number of occupants in a room to 2, to prevent anyone else joining — but I haven’t tried that.

Thanks.

So, the server can force a 2 persons limit?

In this way, nobody can enters the room even they have the room name.

That would be perfect to me.

And if the app is P2P connected, no data pass in the server.

I think I’ll take my old laptop off the closet and install Ubuntu to try to build my video bridge with theses settings.

I’m not expert Linux user, intermediate maybe. I’ll try. If it works, I’ll redirect my own domain to use it with my patients.