Reporting vulnerabilites (became a bug reporting topic)

Which email address should we report vulnerabilities to? I don’t think posting them publicly on forums would be much appreciated

I send that here because I can’t make any more topics for today.
Here’s a list of bugs in Abeedesk:

  • Size of each user’s stream sucks, we can’t see it fully ;
  • Phone version can’t see chat ;
  • The whiteboard doesn’t work anymore ;
  • There’s a way to unlock any room (with a bit of code) ;
  • There are ways to kick people out of rooms (with some of code) ;
  • People get kicked out of rooms for no reason ;
  • Sometimes nobody can join any rooms any more ;
  • There are ways to flood the chat, so much that it crashes Abeedesk entirely ;
  • I don’t even see users’ nicknames if I don’t enable my microphone ;
  • Some “ghosts” users appear in the peers list, even if they don’t exist, making the room max user limit even lower ;
  • The whiteboard (when it was still working) was horrible to use.

There are for sure other bugs I haven’t found yet, or that I’ve forgotten.

Fix your app.
Imma go use Zoom.

1 Like

Hey @hi-therealone,

  • The stream size may change depending on the number of concurrent users.

  • The mobile version will be developed at a later time.

  • The whiteboard works but in a different way. The whiteboard activation button is located in the top bar, next to the unlock button.

  • In order to unlock a room you need to know its name, which is not that easy.

  • Kicking people out of the room - a bug, we’re going to look into that.

  • We are aware of this, however, we are not sure yet what causes it.

  • Chat - it may be caused by too many characters.

  • A bug - we’ll look into it.

  • A bug - we’ll look into it.

  • The whiteboard - we wanted to see if anybody would use it at all, given that the screen sharing option is available.

Thanx a million for your feedback!

Merry Christmas!

Thanks for the answer!

I’d prefer being able to see the stream of each user fully (well, everyone does).
I didn’t realize that there was now a button to enable the whiteboard, thanks.
Many room names are not very complex, and usually guessable or findable in popular wordlists found on Internet. People shouldn’t have to use a complex room name to prevent people (outside of the room) from unlocking it. It’s indeed a bug, which should be fixed.
Kicking people out of the room is due to a listener reconnecting the user once a SYSTEM_ERR event is received, emitted when another peer sends invalid candidate packets (such as null).

I really hope that all of these problems will be fixed!
Merry Christmas,

hi-therealone (that’s also my snap username, in case any girl’s checking the forums lol)