07 Mar Using WebRTC to transfer private data
WebRTC is best known for its video and audio chat capabilities, but a number of WebRTC pundits have been predicting for a while that the most revolutionary WebRTC apps will be more focused on the Data Channel. Recently I heard about Glirup, and it’s a great example of a creative use of the WebRTC Data Channel.
Imagine that you have some piece of information that is very private to you, but you need to transfer it to someone else over the internet. Perhaps it’s a copy of your passport, a bank account number, or medical information. Sending that by email is not secure. You could use Dropbox, but there’s still that little voice in the back of your head wondering “What if Dropbox gets hacked?” Out there on some company’s servers is your data, just sitting there.
Instead, imagine transferring the file directly from your computer to the person you want to see it, with no intermediary server involved. Directly peer to peer. Oh, and encrypt it in transport too, just for extra security.
That is exactly the sort of thing possible with WebRTC, and Orfeo Morello has built an interesting app called GLIR-UP which allows you to do just that. I became aware of GLIR-UP because of this article that Orfeo wrote on Medium about using GLIR-UP to transfer medical data. I didn’t quite get it at first, but I saved the link and came back to it later.
This is how the GLIR-UP home page summarizes what it does:
Sounds cool, but Orfeo is a much smarter person than me obviously, because I had to think for a minute “what the heck does ephemeral mean?”. Thank you Google….
Of course! Ephemeral is something that is fleeting and transient. This is starting to sound very cool … I am transferring the data to someone else over an encrypted peer-to-peer WebRTC connection, and then that data is going to disappear if the other person doesn’t download it to their computer. I don’t have to worry about any servers or hackers in the middle, and it’s not going to be permanently archived in my gmail account or on some server backup.
It sounds cool, so I had to give it a spin. Here are steps, as outlined on the GLIR-UP site:
Seems pretty easy, so let’s take a look at it in action…
When you click on the “Use it for Free” link from the home page, you immediately go to a page to upload your document. No user account or other login is necessary … this tool is all about privacy and just gets you straight to the point. I uploaded a PDF document containing a screen shot.
When I take that URL and look at it in another browser, I can see what my colleague would see.
This is cool! Both users have to be in a WebRTC enabled browser of course, otherwise you’ll get a message like this when I tried to open the same URL in Safari:
But here’s the coolest part. Now that I was sure what the word ephemeral means, I had to test if this link truly was fleeting. I closed my original browser where I had uploaded the file. That browser was the one that contained the “web server” where the file could be transferred via WebRTC’s Data Channel. Then I took the same URL and pulled it up again in a new browser…
It’s gone! I have no fear of leaving the auto generated GLIR-UP URL’s in this article, because as soon as I closed that browser, there was no way any of you can get to the same document I had uploaded to it.
GLIR-UP is a very simple and interesting application of the DataChannel, and Orfeo may be on to something big here. That shouldn’t be a surprise, this is not Orfeo’s first product utilizing WebRTC. He also built SecretlyMeet.me, a “line for your private encounters” using WebRTC. Tsahi Levent-Levi had an interesting interview with Orfeo about this product in the past.
Not to leave out the more well known parts of WebRTC, it is also possible in GLIR-UP to have an audio conversation with the person you transferred this file to, but the real focus of this app is all about the Data. And all about privacy and security, just as it should be.
What are you building with WebRTC? If you’ve got an interesting framework or application of WebRTC or other real time technologies that you want to share with us, or if you need help with building your WebRTC application, drop me a line at firstname.lastname@example.org.