Within the tech security community, Zoom got called out today for a potential security vulnerability for the usage of the Mac...
A P2P WebRTC server – inside your browser? What next!Chris Koehncke
Sophia Westwood and Brie Bunge are two computer science graduate students at Stanford University. They recently submitted a closing school project (judged by external technology companies) and received “Best Technical Innovation” (along with other top awards!), with the comment, “we don’t know the exact use yet, but it will be awesome.” It’s a WebRTC application and (wait for it) is based upon the data channel. Intrigued? So was I.
Their 8-week project resulted in PeerServer, which basically turns your browser into a server so that other browsers can connect to it. But unlike a typical HTTP client-server, all the data moves from the client to the on-the-fly PC server via the WebRTC data channel. Makes total sense right? In what is a classic Abbott & Costello, “Who’s on first, what’s on second” you’re gonna have to unthink what you’re thinking before you recognize the brilliance (and complexity) of what these two students have developed. It’s Web 3.0!
I know you already clicked on the link above (who said patience was a virtue) and wondering what is this. So I’ll give you a very brief tutorial (peck along). First type in a unique serve name (your name for example) and enter and you’ll get dropped into the development environment of “your” server (in fact “your” server has now been created and running ta da!). Next, click on “index.html” on the left column and the main screen will show you the html HTML code. Modify this code (for you simpletons, just change the “Hello World” to something else). Hit CTRL-S (to save) and then hit the open browser link (upper left) which will open up a new tab. You’ll see your HTML code executed.
Before you say, “that’s not all that exciting.” You need to stop and walk thru the steps on what has transpired. Only then can you truly be enlightened.
Indeed I had to shift thru the HTML on both sides to really get what was going on (I’m convinced Stanford students are on earth mostly to keep the rest of us confused). PeerServer not only had to figure out how to package up your HTML and send it via the WebRTC data channel and unbundle on the remote client. But imagine you (god forbid) put a hyperlink in your HTML code (like a link to the next page). Normally, your Chrome Browser would execute the hyperlink, however, this wouldn’t work on a virtual WebRTC server. Thus PeerServer hijacks the way Chrome deals with hyperlinks and tunnels it back over the WebRTC data channel.
Now what’s all this good for?. How should I know (I didn’t go to Stanford)? It’s a school project so they’re not out pitching VC’s (but maybe they should be). At first glance, you might imagine this would be good for a training environment for those learning programming (think Code Academy). What’s exciting to me is the total rethink about client-server and the notion that a server is some box with blinking lights in a data center. Strip away the development aspect of this project and you might see the ability for me to create a flash server. I load a web page and suddenly I’m a temporal web server for a group application (think gaming).
I love the bold thinking from Sophia and Brie and if I could buy stock in them, I’d double down now.