Authentication on meet.jit.si

2GB RAM for idling isn't what I would call "not that much memory" :)

2GB of RAM would basically make it the largest VPS I rent. It's a pretty beefy server, IMHO.

This gets worse if you only have a few calls per month. The cost and management overhead doesn't scale at all.

> does not need me or my friends to create $BIGTECH account.

So, who is the OAuth provider?

Glad to hear it’s gotten easier to run, back in peak covid times it was absolute nightmare fuel to self-host when it came time to update it. Even self hosting email is easier than Jitsi was at that time

My guess would be pornography. That seems like the most obvious use of a video calling service, and something that would cause them to run afoul of various legal requirements (e.g. age verification / records keeping).

Given what they provided you can be sure it involved stuff like CP, human traffican, forced prostitution.

All things you don't want your company to be associated with so you don't name it.

If it would just have been things which are illegal but not that problematic like copyright violations or a bit of (legal, non forced) porn they might have spelled it out.

Child pornography, ISIS, Wagner, Cartels, there's plenty of candidates that you really don't want to name in public.

Bet you dollars to donuts its CSAM

just remember some ways in which Zoom was used.

> Requiring a login puts them at a level of "why not just use Google Meet?" to me [...]

Because... it's not Google? For some people that may be a plus.

There are a number of instances hosted by others, see for example:

https://pads.ccc.de/jitsiliste

Is there possibility to turn it off in self hosting?

I hosted my own instance once via digital ocean; they have a preconfigured vps droplet that works pretty much instanously

Only the creator needs to have an account, not all users. If you like jitsi or don't want google, etc, then just start it and nobody else needs an account.

Peer to peer doesn't really work for group video calls, like more than 5 or so participants. As n goes up, each peer is sending n video/audio streams and receiving n video/audio streams. This will quickly saturate your/your peers network and burden your CPU doing video encoding.

Suffice it to say there are other things you can do besides just a central relaying server, but it's the most common architecture.

For obscurity (and some security) reasons.

My ISP supports ipv6 and i have it configured - however their software on the router/AP is bad and does not allow setting up a firewall for ipv6. This is inherent with ipv4 NAT (with uPnP disabled). So it forced me to use my own router - still the interface for ipv6 firewall is non-existent, but at least i can write firewall rules manually.

Why do I need firewall on router? Because devices on my network have services open on all interfaces - For example "smart" weather station has web service open for all to see. This is absolutely non-issue when only using ipv4 behind NAT.

Another issue is revealing of internal network topology to outside world - this is something that NAT hides really well.

STUN, TURN servers, NAT hole punching, proxies for especially unlucky situations, connection setup helper to allow finding people using human readable ways, trans-encoding of video if necessary because of different platforms working only well with different codecs, in case of many people meeting full p2p between all people also can be an issue (bandwidth and keeping them in sync)

Through a lot of their code isn't being a middleman but making the video streaming on all clients work, which is easy for some MVP hobby project but hard to make it actually work reliable across the many different devices and software versions used in the wield.

Then there are features like noise filters, background video filters etc.

Don't forget battery life, roaming, discoverability etc.

The days of everybody having exactly one computer with a rarely-changing IP address are over. These days, most people have a phone which changes its IP address a few times a day (when you leave your house and switch from WiFi to cellular and then go back.) If you wanted to be directly reachable, you'd need to share these changes publicly, which would make it pretty trivial to figure out when you leave home, who you visit, which cafes with free WiFi you frequent and which countries you go to for your business trips. The stalking potential here is enormous.

I reckon it’s also expensive to stream your audio/video to N different participants in a peer-to-peer fashion.

> Also, why exactly did we introduce IPv6 again?

I sure wish my (small, rural) ISP finally did. They're still "evaluating" it.

At least one part of the problem is the WebRTC design. It requires a middle man (or side channel) for session initiation. You can't host a static website that does WebRTC between peers because you can't just input an IP+Port to connect to a peer like you can do with real end-to-end protocols.

You don't.

https://github.com/miroslavpejic85/mirotalk

It's even faster for 1 on 1 conversations, but as others said, if there are too much participants it will be slower.

Capitalism.

The demise of end-to-end connectivity brought on by NAT was a boon to capitalists who can now be middlemen and charge rent for it (either in the form of money or "engagement" aka advertising/spam, tracking, etc). They aren't particularly interested in going back to the old standard even if we now have the technology to do so.

Software that can take advantage of end-to-end connectivity is nowadays very rare, so even if tomorrow we magically had full IPv6 deployment worldwide, not much software would take advantage of it and I'm not sure there would be any commercial pressure to develop it.

Even if your Mac and iPhone had IPv6 and were end-to-end connectable, Apple would rather have you use FaceTime with an Apple account rather than just type in the IP address/DNS of the other side and call them directly. Same with all the other tech companies.

That's a nice perk! According to their site: Annual Associate Member - $USD 120.00

> Only the first user needs to be authenticated

Is it the first user to join the meeting (so it could be the host or a guest)? Or is it the person who created the room (and may likely be the first person to join the room)? I’m glad to get this answer here, but it’d be useful to document this on your help or support pages and share the link as well.

You could self host it

I guess those services already treat identity seriously, making a trade off where you swap some end user privacy for a free as in beer system that on the whole tries to prevent sock puppet accounts.

They need login to effectively ban people.

Using email login doesn't archive that (and is more work).

Using providers like Facebook, Google, GitHub is good enough, through e.g. in case of GitHub definitely not perfect. But good enough is good enough.

I just which there would be more anonymity protecting *independent* auth providers you could widely use (which still could allow you to properly ban someone).