spreed icon indicating copy to clipboard operation
spreed copied to clipboard
verified publisher icon nextcloud

Show a warning when enabling "Open conversation"

Open Githopp192 opened this issue 1 year ago • 2 comments

How to use GitHub

  • Please use the 👍 reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Steps to reproduce

Nextcloud Talk is a fantastic app. Thanks for the great work - very impressive. There would be a few precautions regarding security and privacy:

  • Hanging up calls: It happens again and again that participants in a call do not end the call (i.e. do not hang up).

Expected behaviour

  • If one party hangs up the call (unless it is a conf call), the other party should also be switched to inactive (= hang up call). This should at least be regulated by a timeout.

Actual behaviour

  • Hanging up calls: It happens again and again that participants in a call do not end the call (i.e. do not hang up).

This leads to the call remaining "open". If this happens unconsciously, the other participant or participants in this call can reconnect at any time - without the other participant ringing. Many concerned users have told me that this is exactly what happened to them and that there were very embarrassing moments when this happened.

For the people concerned, this was a very big problem in dealing with privacy and further trust in the Talk app.

Secondly

There is a setting: "Open conversation to registered users"

This setting means that in group conversations, any registered user in the cloud (i.e. anyone with an account) can "join" the call.

Some users were not aware that this setting was active (either set by themselves or not) and that suddenly unkown people in the cloud could read the chat. This also led to a breach of trust in the app for these users, who no longer use the TALK app anymore.

It is also clear that these users lacked a basic understanding - i.e. that there are two basic TALK conversations: one-2-one and group conversations.

Actual behaviour

Users who activate this flag (Open conversation to registered users) should receive a warning message that with this setting they explicitly allow EVERYONE within the cloud to participate in the call. There may be fine settings in the Group Folder/Circles area, but these would be under the admin's control

Talk app: spreed: 17.1.6

Custom Signaling server configured: yes/no and version (see additional admin settings: /index.php/index.php/settings/admin/talk#signaling_server)

Custom TURN server configured: yes/no (see additional admin settings: /index.php/settings/admin/talk#turn_server)

Custom STUN server configured: yes/no (see additional admin settings: /index.php/settings/admin/talk#stun_server)

Browser

Microphone available: yes

Camera available: yes

Operating system: Windows

Browser name: MS Edge (newest version)

Operating system: RHEL

Web server: Apache

Database: Maria

PHP version: 8.2

Nextcloud Version: 27.1.7

Githopp192 avatar Mar 07 '24 13:03 Githopp192

This leads to the call remaining "open". If this happens unconsciously, the other participant or participants in this call can reconnect at any time - without the other participant ringing. Many concerned users have told me that this is exactly what happened to them and that there were very embarrassing moments when this happened.

That is exactly why we have sounds playing by default when people join and leave a call. Terminating by default when someone else leaves might be trouble some on weak internet connections, etc where one of the parties has breaks/reconnects quite frequently, so we don't plan this at the moment.

Users who activate this flag (Open conversation to registered users) should receive a warning message that with this setting they explicitly allow EVERYONE within the cloud to participate in the call. There may be fine settings in the Group Folder/Circles area, but these would be under the admin's control

Kind of makes sense. CC Frontenders: Could use an NcNoteCard for that

nickvergessen avatar Mar 07 '24 15:03 nickvergessen

Yes, it makes sense to play sounds - the only thing to consider here is the risk of unwanted disconnections or the focus on privacy. I would focus on privacy because this is exactly what Nextcloud is all about.

Experience has shown that some users do not hear sounds or are not aware that only one party (usually themselves) is still in the call. Making calls that can be automatically accepted by the other party - without the other party being aware of this - can certainly be declared critical in terms of privacy.

Suggestion: Set a timeout that is relatively generous - let's say 10 minutes. That would at least be a compromise.

Githopp192 avatar Mar 07 '24 15:03 Githopp192