Project

General

Profile

Feature #11241

Feature #5709: VoIP support

Consider including mumble-server and mumble in Tails

Added by sajolida almost 4 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
03/15/2016
Due date:
% Done:

0%

Feature Branch:
feature/mumble
Type of work:
Discuss
Blueprint:
Starter:
Affected tool:

Description

So we know have a script to run a mumble server in Tails (#9993) and anonym got so excited that he wrote a branch to include it in Tails (#9993#note-13).

Having VoIP support (#5709) has been on our roadmap for years and this branch could solve this.

This ticket is meant to discuss whether:

  • Mumble qualifies as a good-enough VoIP solution for the use cases we want to support.
  • What needs to be done before the branch feature/mumble is good enough.

mumble-expose-cert-digest.png View (31.7 KB) anonym, 03/16/2016 01:02 PM


Related issues

Related to Tails - Feature #6222: Test OnionCat unidirectional mode for VoIP Rejected 08/08/2013
Blocked by Tails - Feature #9993: Write a script to start a Mumble server in Tails Resolved 08/13/2015

History

#1 Updated by sajolida almost 4 years ago

  • Status changed from New to Confirmed
  • Assignee set to anonym
  • QA Check set to Info Needed

I tested the build from feature/mumble and here are some notes. It definitely works but I find the user experience very rough. Let's see if we should improve it, document it, or advertize it for advanced users only.

  • The "Audio Tuning Wizard" of Mumble is super complicated. Could we preconfigure some settings to make it lighter? For example:
    • Device selection since we're in Tails and everybody will have PulseAudio.
    • Quality Settings if we think that Low is enough for our use cases.
    • Positional Audio if we think that this is not relevant for our use cases.
    • Submit anonymous statistics if we can skip this screen to make the setting faster. Statistics from Tails would anyway spam their stats with tons of redundant data.
    • Certificate Authentication if we think that Automatic certificate creation is a good default for us.
  • Then when connecting to a server the certificate verification is quite messy. People have to check the fingerprint by hand and they have different formats. Could we do the verification differently? Skip it? Advertise it as optional?
  • Should we have a persistence feature to save the mumble settings? But then the servers are meant to be ephimeral...

#2 Updated by sajolida almost 4 years ago

And regarding persistence of the server itself:

  • Do we want to offer only ephimeral servers?
  • Do we want to allow configuring a new mumble server if people want to have different conversations? Otherwise do they have to restart?

#3 Updated by sajolida almost 4 years ago

  • Blocked by Feature #9993: Write a script to start a Mumble server in Tails added

#4 Updated by sajolida almost 4 years ago

Also, we said we wanted to get rid of bach scripts and this is bash :)

#5 Updated by segfault almost 4 years ago

Do we want to offer only ephimeral servers?

I think we should at least offer to store the configuration. And maybe also the onion address. I think it makes it more usable if the admin doesn't have to spread a new onion address after every boot.

Do we want to allow configuring a new mumble server if people want to have different conversations? Otherwise do they have to restart?

That would also be a nice feature.

#6 Updated by anonym almost 4 years ago

sajolida wrote:

I tested the build from feature/mumble and here are some notes. It definitely works but I find the user experience very rough. Let's see if we should improve it, document it, or advertize it for advanced users only.

  • The "Audio Tuning Wizard" of Mumble is super complicated. Could we preconfigure some settings to make it lighter? For example:
    • Device selection since we're in Tails and everybody will have PulseAudio.
    • Quality Settings if we think that Low is enough for our use cases.
    • Positional Audio if we think that this is not relevant for our use cases.
    • Submit anonymous statistics if we can skip this screen to make the setting faster. Statistics from Tails would anyway spam their stats with tons of redundant data.

We can either show the complete wizard with some preselected settings, or not show it at all and then have users depend on our static configuration. Since we use pulseaudio, I think this should work in the vase majority of cases (otherwise audio is probably broken in the rest of Tails). We can document the users may need to go Configure -> Audio wizard or Configure -> Settings -> (Audio Input or Audeio Output) to fix volume levels.

  • Certificate Authentication if we think that Automatic certificate creation is a good default for us.

It can be silently auto-generated.

  • Then when connecting to a server the certificate verification is quite messy. People have to check the fingerprint by hand and they have different formats. Could we do the verification differently? Skip it? Advertise it as optional?

Agreed.

I wrote a very simple patch that adds a more readable version of the fingerprint to the initial SSL error prompt:

It will also show both the actual and expected fingerprints if there's a mismatch, for whatever reason (this is unlikely to be a problem for .onion:s, but it makes sense upstream, I guess).

If I can upstream it, is that good enough for you?

  • Should we have a persistence feature to save the mumble settings?

I don't see it as strictly necessary, but I think it would be nice.

But then the servers are meant to be ephimeral...

IMHO we should allow both ephemeral, throwaway server (when the Mumble Server persistence preset is disabled) and persistent servers (when the preset is enabled).

Do we want to allow configuring a new mumble server if people want to have different conversations? Otherwise do they have to restart?

This sounds like overkill. Besides, Mumble servers supports different channels, for separate conversations. I think the admin user is needed for that though, so if we want to support it, we need to generate (easy) and communicate the administration password in addition to the normal password (bloat!).

Also, we said we wanted to get rid of bach scripts and this is bash :)

Yeah, yeah. That branch isn't merged yet, and who knows when it will be? :)

#7 Updated by sajolida almost 4 years ago

  • Assignee changed from sajolida to anonym
  • QA Check set to Info Needed

Now that the Tails Server GSoC got approved and we have a clear plan on how to allow starting this kind of services in Tails in the relatively near future, I'm pretty much against introducing such a quick fix and extra packages in Tails outside of the GSoC.

anonym: What do you think? If you're still in favor of this I suggest adding to the agenda for the next monthly meeting.

#8 Updated by anonym almost 4 years ago

  • Status changed from Confirmed to Resolved
  • Assignee deleted (anonym)
  • QA Check deleted (Info Needed)

sajolida wrote:

Now that the Tails Server GSoC got approved and we have a clear plan on how to allow starting this kind of services in Tails in the relatively near future, I'm pretty much against introducing such a quick fix and extra packages in Tails outside of the GSoC.

anonym: What do you think? If you're still in favor of this I suggest adding to the agenda for the next monthly meeting.

I 100% agree => rejecting. Likely we'll want to open a new ticket about including the Mumble client (but not the server part) in Tails once the Tails server is done.

#9 Updated by anonym over 3 years ago

#10 Updated by Anonymous over 2 years ago

#11 Updated by Anonymous about 2 years ago

  • Related to Feature #6222: Test OnionCat unidirectional mode for VoIP added

Also available in: Atom PDF