I have some very basic queries on synapse and client communication. Thanks in advance.
I thought normal Android phones do not have secure storage with them (although some high end phones do have secure storage in the form of TEE). Right? So, how keys (if any) stored in android client are secured?
Where actually the keys are stored/located in matrix server and android/ios client. I could not get a confirmative answer on this.
How a normal android mobile phone is able to protect the key (without secure storage)? Does it use user's pattern or passphrase to protect it (which may provide weak entropy)?
Android Element can send data securely to Server using server side SSL, but how does the server sends data securely to Android client (without secure storage and hence without client side SSL)?
Related
Perhaps a bit of a silly question, but, is the traffic from/to firebase DB server compressed?
If so, what algorithm(s)?
What compression ratios are usually occurring, for plain-text data being sent/received by firebase client?
Does the compression have a noticeable impact on CPU usage on today's devices?
Does the client code have some control over this aspect?
Are there differences in that regard, between the Java/Android/Web/iOS SDK-s?
EDIT: also, on which communication/transport layer(s) does the compression occur?
The communication between a Firebase client and its Database Servers goes over a secured web socket connection. The data is not compressed.
You can easily see this yourself by accessing the Firebase Database from your browser and then looking at the network tab. It'll show you exactly what data is being exchanged and in which format.
This is an architectural question. I haven't implemented FCM yet, but as far as I understand someone needs to deploy an XMPP server in a real world scenario which provisions the inventory of the registered device tokens.
In my use case I'd like to just broadcast short messages about important update information, like "XY presenter's session at 15:00 got cancelled" and I'm not interested in the device tokens. My application is a Progressive Web App, so I would use FCM for Web.
The demos I saw so far showed a client receiving the device token, then that specific device token was picked up from the debug environment and used to send the demo message to the client - thus bypassing the need of a deployed stand-alone XMPP server, but just for demo purposes.
I'd want to avoid the use of an XMPP server, I'm not interested in dealing with the device tokens at all - if possible. Firebase's FCM/GCM server have them anyway. My plan is to pick a single topic name for that channel (the only topic what my app would use actually at this point), and push messages to the devices who listen to that topic. Is this a viable plan? I haven't found any mention of this whatsoever. Firebase knows all the tokens internally and it would make the architecture simpler if I don't have to deploy a server.
I don't know how the decomission/expiration of the device tokens would happen on Firebase's side, but that's another issue I'd have to deal with if I'll run my own XMPP server and provision tokens.
To send messages to a device (so-called downstream messages), you need to specify the server key. As its name implies, this key should only be present on a server or in some other trusted environment. So to send messages to devices you will need to run code in a trusted environment.
The server doesn't have to speak the XMPP protocol however. You can also just use HTTP to call the FCM servers. But a server will be needed, simply because sending downstream messages can only be done from a server.
For a simple example of sending device-to-device messages with this approach, see my blog post Sending notifications between Android devices with Firebase Database and Cloud Messaging. It's about Android, but the same approach of using the Firebase Database as a message queue will work across all platforms.
The tricky bit to map will be (as you already mention) the fact that topics are not available to FCM for the web yet. Last time I tested, you could call a server-side end-point to subscribe to a topic, like described in this answer: GCM: How do you subscribe a device to a topic?.
High Level Description
Let's say I have a client program (an iOS app in my specific case) that should communicate with a server program running on a remote host. The system should work as follows:
The server has a set of indexed audio files and exposes them to the client using the indexes as identifiers
The client can query the server for an item with a given identifier and the server should stream its contents so the client can play it in real time
The data streamed by the server should only be used by the client itself, i.e. someone sniffing the traffic should not be able to interpret the contents and the user should not be able to access the data.
From my perspective, this is a simple implementation of what Spotify does.
Technical Questions
How should the audio data be streamed between server and client? What protocols should be used? I'm aware that using something on top of TLS will protect the information from someone sniffing the traffic, however it won't protect it from the user himself if he has access to the encryption keys.
The data streamed by the server should only be used by the client itself, i.e. someone sniffing the traffic should not be able to interpret the contents…
HTTPS is the best way for this.
…and the user should not be able to access the data.
That's not possible. Even if you had some sort of magic to prevent capture of decrypted data (which isn't possible), someone can always record the audio output, even digitally.
From my perspective, this is a simple implementation of what Spotify does.
Spotify doesn't do this. Nobody does, and nobody can. It's impossible. If the client must decode data, then you can't stop someone from modifying how that data gets decoded.
What you can do
Use HTTPS
Sign your URLs so that the raw media is only accessible for short periods of time. Everyone effectively gets their own URL to the media. (Check out how AWS S3 handles this, for an excellent example.)
If you're really concerned, you can watermark your files on-the-fly, encoding an ID within them so that should someone leak the media, you can go after them based on their account data. This is expensive, so make sure you really have a business case for doing so.
I am trying to understand how exactly push notification services work.
Are these real push services with constant connection to server or just mimics by polling?
How does a server with heavy traffic maintain so many connections?
In general push notifications work both by establishing a long-lived TCP connection, or using long-polling. The maximum number of connected clients is determined by the server resources.
Take a look at the Socket.io protocol stack for an example. Or better yet, at the XMPP/Jabber protocol, which relies on TCP principally and falls back on long polling.
Fusio is correct. For mobile phones, a single push service is typically used (Google cloud messaging for android, Apple Push Notification Service for Apple/iPhone) to limit the amount of connections from the phone. 3rd party applications register to these services and push messages through them.
I want to implement push notifications to my client application working on windows mobile with compact framework 3.5.
For accessing remote data it uses servicestack/protobuf on the server (self hosted in my server application) and standard httpwebrequests (servicestack is not supported on CF) with protobuf on the clients.
My idea is to use httprequests with long timeouts, where connection is kept open and the notification sent as answer when available.
Considering less than 300 operating clients, my question, before starting to code this (and eventually fail miserably) is: is it acceptable for a servicestack selfhosted server to keep 300 connections continuously open? plus the "normal" opening/closing calls.
Thanks!