2. WebRTC
Plug-in free real-time communication …
WebRTC is a free, open project that enables web browsers
with Real-Time Communications (RTC) capabilities via
simple Javascript APIs.
source: webrtc.org
3. WebRTC
Just another JS API
or
WebRTC is a new front in the long
war for an open and
unencumbered web
Brendan Eich (Mozilla CTO and inventor of JavaScript)
?
4. WebRTC
Just another JS API
or
WebRTC is a new front in the long
war for an open and
unencumbered web
Brendan Eich (Mozilla CTO and inventor of JavaScript)
?
5. Once upon a time … browsers
(js-)applications
were sandboxed and
kept far away from
the hosting
computer’s
resources.
6. Once upon a time … browsers
(js-)applications
were sandboxed and
kept far away from
the hosting
computer’s
resources.
7. Browser Piercing (aka HTML5)
a Javascript Application cannot
➔ access the filesystem
➔ open f/d socket connections
➔ use graphics accelerator
➔ span multiple threads
8. Browser Piercing (aka HTML5)
a Javascript Application cannot
➔ access the filesystem → and then FileAPI
➔ open f/d socket connections → and then WebSockets
➔ use graphics accelerator → and then WebGL
➔ span multiple threads → and then WebWorkers
11. WebRTC … secure enough?
“… WebRTC has encryption baked right into
it; there's actually no way to send
unencrypted media using a WebRTC
implementation … both Chrome and Firefox
implement.”
12. WebRTC … secure enough?
But ...
“If the developers fail to carefully consider the
security implications of their choices, the
safeguards mandated by the specification will
not be enough to guarantee the security of
their WebRTC-based applications and the
users.”
13. WebRTC … secure enough?
Do not ...
“... it would be very easy to inadvertently click
on something that gave camera or microphone
control to someone I don't know and don't care
to know.”
Courtney Sato - nerd queen @ConstellationRG
14. WebRTC … secure enough?
See also:
WebRTC: APIs, Protocols and Security
Considerations - Part 1 / Part 2
WebRTC Security and Confidentiality
Security Considerations for WebRTC
WebRTC Security Architecture
15. WebRTC across platforms
● Chrome (mobile too)
● Firefox (mobile too)
● Opera
● Native Java and Obj-C
39. Our target
● getUserMedia: gives us real time stream from the camera
● we can draw the <video/> into a <canvas/>
● from the canvas we can extract pixel data getImageData()
and then elaborate.
40. Computing in the browser
goals
- Almost native performance
- Manage complex algorithms and applications
on the browser
41. Our target
cam WebRTC <video/>
canvas ImageData
UInt8ArrayGWT(NyARToolkit)mv matrix
WebGL OBJ Model
Loader3D Shaders
WebGL
video
effects
Video
42. Computing in the browser
constraints
- reuse existing code
- cross-browser (as much as possible)
43. Computing in the browser
our approach
- javascript as a target language (GWT)
- hand written optimized pieces of code
44. GWT
GWT Web Toolkit
- java to javascript (optimizing) compiler
- emulated jre
- widget set
- develop in java and execute in javascript
49. What’s next
Strategy
● use TypedArrays everywhere
● offload computation to the graphic
accelerator through WebGL
● help the JIT compiler/optimizer with asm.js