[Logo] Air Video Forum
  [Search] Search   [Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [Groups] Back to home page 
[Moderation Log] Moderation Log   [Register] Register / 
[Login] Login 
PIN and WiFi  XML
Forum Index » Air Video General
Author Message
Jazzy Jazzy



Joined: 09/16/2010 08:32:29
Messages: 8
Offline

Hello,


I dont really know who can see my videos while Im playing them back. Usually I tend to use SSL. But this seem not to be possible with Air Video Server.

When I have the Videoserver in AirVideo for iPhone connected with the PIN will it go over the internet anyway, even when Im with WiFi connected to the same LAN or will it find the direct way to the server. So if Im at home no bad guy can see my videos while I m watching them?

Only if Im off and connected from outside, the video plays back to my iphone and any bad guy can see the stream too?

Can anybody give me some information how this works.

Thank you.

Best
pavram



Joined: 03/07/2011 22:02:51
Messages: 32
Offline

First up, I don't actually know the direct answer to your question. (I don't know exactly what address the PIN system gives you) But I will help out with some networking info which should allay your worst fears.

Short answer:
If you are inside your house, your traffic doesn't ever leave your house. (Except as radio waves on the wifi, but I presume you know about any potential problems with wifi security)

Long answer:
In your house there are likely 2 networks, these are represented by the IP addresses you use in your house. (you probably don't know about the second one).

Your ADSL/Cable (wifi) modem has 2 different addresses.
Something like: 192.168.x.x (this is your modems LAN)
And something the cable modem gets from your ISP. (This is your modems WAN, I'll use 1.1.1.1 but it could be almost anything, and most ISP's change this - it can change as often as your ISP wants!)
The PIN system, helps you find out which particular address (1.1.1.1 type) you are using at any one time.

When you use PIN from OUTSIDE your home..
When you are outside your house, the "PIN" tells your phone to connect to your house via 1.1.1.1 (because your phone is in the "Internet" so its obviously the only way back to your house!)
Your data goes form iPhone -> 3G network (Internet)
3G network -> ADSL modem (WAN side - 1.1.1.1)
ADSL modem (WAN) -> ADSL modem (LAN) -this step is a kind of fake step, as the data doesn't "go" anywhere
ADSL Modem (LAN) -> AirVideoServer

When you connect WITHOUT PIN from INSIDE
You usually talk to your server on the direct 192.168.x.x address that the server has when detected via bonjour.
Your data goes from iPhone -> ADSL modem (LAN side)
then ADSL modem (LAN side) -> AirVideoServer

In a Worst Case Scenario, using PIN INSIDE, IF PIN uses 'Internet' (1.1.1.1) Address only
You are at home. You use the PIN, the PIN makes your phone talk to 1.1.1.1 Your data never leaves your house.
Your data goes from iPhone -> ADSL modem (LAN side)
ADSL modem (LAN side) -> ADSL modem (WAN side) Yes, it is slightly less efficient, but I guarantee you won't notice
ADSL modem (WAN side) -> ADSL modem (LAN side)
ADSL modem (LAN side) -> AirVideoServer

Nothing leaves your house when it doesn't have to. (it is all still over Wifi, and people can always sniff your wifi, its a radio afterall. But they do have to be near by)

There is a chance ofcourse that the PIN resolution does the right thing, this is why I can't actually answer your question. Though even if it doesn't do the "right" thing, it is no less secure this way.
Jazzy Jazzy



Joined: 09/16/2010 08:32:29
Messages: 8
Offline

Ok - thank you for this very detailed answer.

The only thing is that the stream via Internet is not secure because of no SSL - right?

Thank you.

Best

This message was edited 1 time. Last update was at 05/06/2011 00:16:28

pavram



Joined: 03/07/2011 22:02:51
Messages: 32
Offline

Technically speaking yes, via the internet the content isn't encrypted.

There are 2 scenarios.
Viewing content via 3G
Over 3G there are a variety of places to intercept traffic.
Your home ISP has traffic running over it,
Any Data Carriers between your home ISP and Telephone network obviously receives the traffic.
Your Telephone network has traffic running over it,

And then there is the 3G wireless traffic itself.
I am not aware of any "interception" mechanisms for 3G traffic. (This leads me to think it is encrypted in some way).

Obviously, the various ISPs between yourself and your home could intercept the traffic.
Obviously your Government could get a warrant or use some other institutional means of access to intercept the traffic.
Unless you can't trust your government/ISP and the content you are viewing is fundamentally in contravention with their policies (for instance if you are in china and you view Pro-taiwanese seperatist videos) I would rate this as low risk.

Overall, other than the situations where you are genuinely scared of your government, this is pretty low risk. Also, the people involved with the sniffing when on 3G are very very unlikely to *actually know you*.

Viewing content from a remote wifi network (like a coffee shop)
If you are ever going to worry, This is one situation to be worried about.
Open-Access Wifi is not encrypted.
Additionally, computers not controlled by any authority (like other people like you) are often allowed onto the same "network" as you are with your iPhone and could potentially "sniff" your traffic.

This is a situation in which it is possible for people to know who you actually are, can "see" your traffic, and "see" you. (because you are likely in the same coffee shop!)

The information itself is very easy to sniff. (the Apple Live Streaming protocol actually makes it easier to get "viewable" segments of video via Traffic Sniffing than traditional Streaming technologies, this is related to the way apples live streaming protocol becomes so scalable for large live streams).

Though, you have to temper all of these concerns with the following fact. If they are in the same coffee shop as you, they can look over your shoulder and see what you are watching anyway.

Final Thoughts
Even with SSL encryption, they will still know your servers "Internet" address. (Encrypted packets can't encrypt the destination, because how would the 3G network know where to send it?)
Even with SSL encryption, they will still know you are watching Video. (It is quite obvious that any continuous large volume of traffic to a mobile phone is going to be video. Phones don't download large files.)
SSL encryption will ONLY secure you from people intercepting your traffic, and being able to view it themselves.
Finally, SSL encryption is impractical given the way the system works. One of the primary purposes for SSL encryption is not just to stop traffic interception, it is to ensure the identity of the other end of the communication. InMethod can't install a "unique" SSL certificate on your AirVideoServer, because they would have to purchase one for every AirVideoServer seperately.
Jazzy Jazzy



Joined: 09/16/2010 08:32:29
Messages: 8
Offline

thank you again for your answer

I tried yesterday to mount die Video Directory via WebDAV to the AirVideo Servers Computer. I dragged it into Air Video and it runs fine. So I use the SSL WebDAV to bring the Folder to a client network and then there the Air Video Server delivers it to e.g. an iPad within the local wifi. (Yes there somebody could make it accessible for internet too with the local air video server.)

It runs fine.

Anyway I would purchase a certificate or make an self made cert to encrypt the Air Video Stream. Probably this could be an option for inmethod to anhance the air video system?
Admin



Joined: 08/23/2009 08:49:34
Messages: 8705
Offline

Hi,

when you are on LAN no communication goes over the internet. Streaming goes within the LAN only.
miller350


[Avatar]

Joined: 08/30/2012 06:21:56
Messages: 1
Offline

tnx
 
Forum Index » Air Video General
Go to:   
Powered by JForum 2.1.8 © JForum Team