You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
AFAIK, the wyoming protocol currently does not encrypt traffic, nor does it confirm the authenticity of any connected peer, nor does it have any authorization controls.
For the privacy-minded, which this project caters to, there should be some way to secure communication between wyoming nodes.
I think this is a good starting point for discussion:
Encryption. Given that many installs are likely in local environments, without proper SSL certificates set up (which is another issue, but another story), an automatic key exchange is probably favorable.
Authentication. See above - could work hand-in-hand.
Authorization. Control which node (since we now know who we are talking to) can control which features.
There should be a minimum separation between privacy-related and non-privacy-related activities.
e.g.: Streaming audio in either direction, privacy-related. Deciding if streamed audio is a wakeword: Likely not as important.
AFAIK, the wyoming protocol currently does not encrypt traffic, nor does it confirm the authenticity of any connected peer, nor does it have any authorization controls.
For the privacy-minded, which this project caters to, there should be some way to secure communication between wyoming nodes.
I think this is a good starting point for discussion:
There should be a minimum separation between privacy-related and non-privacy-related activities.
e.g.: Streaming audio in either direction, privacy-related. Deciding if streamed audio is a wakeword: Likely not as important.
See also a related discussion here: rhasspy/wyoming-satellite#144 (comment)
Keep in mind that I am no security expert, so take the ideas above with a grain of salt.
The text was updated successfully, but these errors were encountered: