Within the tech security community, Zoom got called out today for a potential security vulnerability for the usage of the Mac...
Mobile WebRTC – the challenge aheadChris Koehncke
It’s not gonna take long for WebRTC to hit mobile. All the trends lines pointing to mobile data usage increasing. But with this usage, operators are running smack into a potential nasty PR situation, one they could avert, but my guess is they won’t (fear weighs heavier than opportunity). I want to raise two issues.
Port blocking – many mobile operators block all sorts of ports from your access. Mostly you haven’t noticed for typical web browsing, but as the complexity of the applications you use increase, this becomes more problematic. The operator cite security for their port blocking, but this strikes me as lame. There are numerous vendors selling sniffing & port blocking appliances to mobile operators. Here’s a link to Bluecoat Systems pitch on how to block Skype on a mobile network (I especially like how they don’t say “block” but rather the word “control”!).
Mobile operators also use all sorts of NAT’ing technology which introduce a more complex network topology for my little application to traverse. Finally (as if that weren’t enough) operators employ caching techniques which work really good for a web browsing but have a large potential to screw up an application that is feeding real time information.
WebRTC has a serious limitation today in that it expects it can find an open UDP port to send/receive media. Failing that, well things just simply fail. WebRTC, unlike Skype, does not, today, have the ability to tunnel itself over an open TCP port. It should, it will, but it doesn’t today. This, by the way, isn’t a problem restricted to mobile networks, but some over zealous IT corporate guys highly restrict port access killing all hope of a WebRTC application working in some business settings.
Mobile P2P – the era of client/server is changing and this presents significant challenges to how we’ve engineered our networks. Mobile networks are going to get particularly impacted in this transition. Mainly because they’re optimized for web browsing and operators have inserted all sorts of ”boxes’ in the middle of the transaction. But mobile data usage assumes that all of my data is destined for the public Internet.
If I make a P2P transaction with another mobile colleague 5 feet away from me, most local base station controllers can’t deal with that. Instead, my data may travel thousands of miles to reach my colleague. Clearly this is not very efficient but for today, this rarely happens, so who cares. The issue is the P2p world of tomorrow is well on it’s way and inefficiency won’t be tolerated.
As our percentage of Internet experience moves from fixed broadband to mobile, we’re going to all run into these limitations. There will be work arounds but the largest agony will be with mobile operators, already smarting from LTE investments, realizing that their data management infrastructure needs over hauling (again). This is, of course, opportunity for a smart vendor to offer a solution and while operators may not recognize this immediately, higher efficiency of their network can sharply decrease their operating costs.