Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

How to disable recording feature?

Help
Jay
2012-05-02
2012-10-30
  • Jay
    Jay
    2012-05-02

    Is there such a way to do so internally? .ini config?

    or must I compile from source and remove the lines of code for the recording
    button?

    (and yes muting is not enough)

     
  • fwaggle
    fwaggle
    2012-05-02

    Do you mean to stop yourself recording, or to stop someone recording you?

    If it's the latter, there really is no way. I don't mean that in that "this
    feature doesn't exist yet", it's that "it's impossible to do, so we don't even
    try, because that would give people a false sense of security."

     
  • Jay
    Jay
    2012-05-02

    I mean in the context that I'm a mumble admin and would like users not to have
    the option to record within the application. Yes is impossible to have a third
    party program recording the audio channel but what I mean is at the very least
    remove the icon or "hide" it from users to have easy access from within
    mumble.

     
  • fwaggle
    fwaggle
    2012-05-02

    Correct, there is no way. We keep the recording function available, un-
    molested, because at least that way other users are notified when someone's
    recording (hacked clients or 3rd party apps notwithstanding).

     
  • Jay
    Jay
    2012-05-02

    Be the admin

     
  • Jay
    Jay
    2012-05-02

    What I mean to say, notifications are good but recording still take place.
    There should be enforcement of recording restrictions. Even ventrilo does this
    via a quick checkbox option. It shouldn't be hard to implement... and would
    help protect mitigate unsolicited recordings.

     
  • It's not hard to implement and we accept patches if someone really wants that
    feature, but it's not possible to prevent older clients from recording (you
    could kick them if you wanted to...).

     
  • Jay
    Jay
    2012-05-02

    it should be done. A little security is better than no security. There is
    already a general sense of false security on the internet where so much can
    happen and so little that we are aware of. I feel that this idea to enforce
    privacy on Mumble will go a long way for the privacy of it's users...

     
  • Philip Cass
    Philip Cass
    2012-05-02

    "There is already a general sense of false security on the internet where so
    much can happen and so little that we are aware of."

    I agree with this, but I feel your conclusions are erroneous. The point is, it
    is literally impossible to prevent recording - it's a clientside only thing
    that need not notify the server at all. The current system allows unrestricted
    recording, but sends out a message telling people. If you restrict recording,
    people will either switch to what-u-hear style approaches, or someone will
    make an altered client that ignores the restriction and doesn't notify people.
    Thus, recording restrictions are false security - they don't actually prevent
    recording from taking place, they just drive it underground.

    At least with the current system, people are dis-incentivised from creating
    such a malicious client, since they can record anyway.

     
  • Jay
    Jay
    2012-05-02

    Yeah removing the recording feature will drive it underground but that is more
    security than doing nothing at all about it. Regardless, we can agree someone
    may always compile an altered client in any scenario. The attacker will always
    get away with recording via a modified client or using third party recording
    software BUT removing the recording feature from being so easily available
    inside Mumble or having an option to hide client side/restrict it server
    side... at least creates a deterring agent and more work for those that want
    to do unsolicited recording.

    I still feel that in the best interests of worldwide user privacy the
    recording feature must be restricted instead of leaving it alone for all to
    use. We can still keep the notification for unmodified clients in place but
    recording should be restricted more or an option in the *.ini to hide it.