WebRTC Leak Vulnerability – SOLVED (For all Browsers)
Posted on 04/01/2019 4:31:27 AM PDT by Texas Fossil
When discussing online privacy and VPNs, the topic of WebRTC leaks and vulnerabilities often comes up.
While the WebRTC issue is often discussed with VPN services, this is in fact a vulnerability with web browsers Firefox, Opera, Chrome, and Brave.
So what is WebRTC?
WebRTC stands for Web Real-Time Communication. This basically allows for voice, video chat, and P2P sharing within the browser (real-time communication) without adding extra browser extensions, further described on Wikipedia here.
While this feature may be useful for some users, it poses a threat to anyone using a VPN and seeking to maintain online anonymity.
The fundamental vulnerability with WebRTC is that your true IP address can be exposed via STUN requests with Firefox, Chrome, Opera and Brave browsers, even when you are using a VPN.
Daniel Roesler exposed this vulnerability in 2015 on his GitHub page, where he stated:
Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console or able to be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking if an advertiser sets up a STUN server with a wildcard domain.
Just like with browser fingerprinting, the WebRTC issue is a vulnerability with web browsers...
(Excerpt) Read more at restoreprivacy.com ...
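A way to check your own browser for the exposure the excerpt describes, added here as an example (it is not code from the article or from any poster): the script below audits ICE candidate lines, which Firefox lists under about:webrtc and Chrome under chrome://webrtc-internals, and reports every address that is neither mDNS-obfuscated nor the VPN exit address. The function names, the sample lines and the VPN exit address `198.51.100.20` are assumptions made for illustration.

```javascript
// Added example: audit ICE candidate lines for addresses a web page could learn.
// SAMPLE_CANDIDATES is constructed (RFC 5737 documentation ranges), not captured data.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host",
  "candidate:2 1 udp 2122194687 3f2a9c1e-7b64-4d0a-9e57-0c1d2e3f4a5b.local 54322 typ host",
  "candidate:3 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.168.1.23 rport 54321",
  "candidate:4 1 udp 1686052607 198.51.100.20 40000 typ srflx raddr 0.0.0.0 rport 0",
];

// candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> [raddr <addr> rport <port>]
const CANDIDATE_RE =
  /^(?:a=)?candidate:\S+ \d+ \S+ \d+ (\S+) \d+ typ (\S+)(?: raddr (\S+) rport \d+)?/i;

function parseCandidate(line) {
  const m = CANDIDATE_RE.exec(line.trim());
  return m ? { address: m[1], type: m[2].toLowerCase(), related: m[3] || null } : null;
}

function addressKind(addr) {
  if (addr.toLowerCase().endsWith(".local")) return "mdns";   // obfuscated host candidate
  if (addr === "0.0.0.0") return "unspecified";               // base address withheld
  const o = addr.split(".").map(Number);
  if (o.length !== 4 || o.some((n) => !Number.isInteger(n) || n < 0 || n > 255)) return "other";
  const isPrivate = o[0] === 10 || (o[0] === 172 && o[1] >= 16 && o[1] <= 31) ||
    (o[0] === 192 && o[1] === 168) || (o[0] === 169 && o[1] === 254);
  return isPrivate ? "private" : "public";
}

function verdictFor(addr, vpnExitIp) {
  const kind = addressKind(addr);
  if (kind === "private") return "lan-address-exposed";
  if (kind === "public" && addr !== vpnExitIp) return "non-vpn-public-address-exposed";
  if (kind === "other") return "review-manually";              // IPv6 or unparsed form
  return "ok";
}

// Returns every address in the candidate lines that is not mDNS, withheld, or the VPN exit.
function findLeaks(lines, vpnExitIp) {
  const leaks = [];
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue;                                          // not a candidate line
    for (const addr of [c.address, c.related].filter(Boolean)) {
      const verdict = verdictFor(addr, vpnExitIp);
      if (verdict !== "ok") leaks.push({ address: addr, type: c.type, verdict });
    }
  }
  return leaks;
}

console.log(findLeaks(SAMPLE_CANDIDATES, "198.51.100.20"));
```

An empty result is the goal. With WebRTC disabled in the browser (in Firefox, `media.peerconnection.enabled` set to `false` in about:config) no candidate lines are produced at all.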
Simply upgrading from Debian 8 to Debian 9 is not a simple process, so I did the next best thing and upgraded all of what was available for Debian 8.
But when I upgraded the Firefox browser I found a lot of instability that I did not have before. I had no active plugins (I thought).
In my search for a solution to that I stumbled onto a security issue related to WebRTC. What is that? Looks like a programmer's nightmare to me now. It is said to be an improvement allowing JavaScript from one computer to another. But it appears it makes even VPN connections vulnerable to being viewed by a simple java attack.
So I followed the instructions on this page and it seems to have fixed my recent crash issue. I edited the about:config in Firefox and disabled WebRTC. It is a little early to be sure, but I've been planning to add VPN to my connection when I get moved to the farm in the near future. If VPN is not secure because of WebRTC, we should at least know about it.
Any opinions of the merit of this type of software?
Thanks. For later.
Do you have an opinion about WebRTC security issues?
How do you handle the STUN queries?
Use the M.O.O.S.E interface
“WebRTC. Apart from opening up a whole can of worms security/privacy-wise, “Web Real Time Chat” (comparable with Skype video calls and the likes) is not considered useful or desired functionality for Pale Moon (both according to the developers and the users of the browser at large). This is best left to dedicated programs or at most a browser plug-in.”
Sending data on the internet is STILL like shouting it from the street corner... so be careful.
*PING* to your respective lists.
I stopped using Windows long ago.
Still have 2 Windows machines in my house.
I keep one of them for referencing things my wife checked on it.
Security in general is better using Linux, but some changes are going on with Firefox and security in general that affect both Windows and Linux systems. Get error message of “wrong user name or password”. When I go to Internet Explorer under the Windows machine it logs in fine.
I have found my old email provider will no longer work under Firefox under Windows or Linux.
The login handshake has changed. Have not fixed that yet.
I will have to make some changes on my Debian 8 machine to install Palemoon. I looked at it. It suggested an actual upgrade to Debian 9, which has some issues that will have to be manually worked around. Right now don’t have the time for a long project.
Thanks, I will not forget “Palemoon”. I’m taking my security more seriously lately and plan to add VPN soon.
Yes, sir. I’m aware and totally sure you are correct.
The vulnerability you posted in this thread is a good example of how platform-independent applications carry potential problems everywhere.
With regard to Windows, I have multiple Win7 instances, of which all but one are VMs; the exception is a dual-boot (BootCamp) on my Mac. They're for running Windows-only applications -- I don't use them for internet access other than updates. My internet work is done primarily on MacOS and Linux (CentOS and Ubuntu), but that's mostly because a lot of my real work is done at an SSH xterm, which are properly integrated into those platforms; none of the third-party bolt-on xterm/SSH solutions for Windows are nearly as handy for my work.
I've been using Palemoon for a few years now. Never looked back when Mozilla went to the dark side. But while we're on the subject of VPN, can anyone suggest a good one, because with the heightened sense of security going around now I'll be looking for one now.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.