Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Mulongo oyo ekangemaki mpe etiyamaki na archive. Tuna motuna mosusu soki osengeli na lisalisi

WebRTC - IP Security leak with VPN

  • 4 biyano
  • 1 eza na nkokoso oyo
  • 8 views
  • Eyano yasuka ya John99

ice_blue
ice_blue
more options

Can someone please tell me that this security issue is being worked on? This is a serious problem. I don't know anything about programming but from what I have read, plugin developers are being forced to use WebRTC webextensions. But the issue is, WebRTC has a serious leak of exposing your IP when using VPN. Totally unacceptable and I can't believe Mozilla is ok with this. Us users need the ability to use both VPN and our plugins to defeat tracking and keep secured. Does any one have information about this high risk issue?

Can someone please tell me that this security issue is being worked on? This is a serious problem. I don't know anything about programming but from what I have read, plugin developers are being forced to use WebRTC webextensions. But the issue is, WebRTC has a serious leak of exposing your IP when using VPN. Totally unacceptable and I can't believe Mozilla is ok with this. Us users need the ability to use both VPN and our plugins to defeat tracking and keep secured. Does any one have information about this high risk issue?

All Replies (4)

ideato
ideato
more options

Hello ice_blue, unfortunately, mozilla will still support the underlying webrtc technology in the browser, even after Hello discontinued in Firefox 49.

please see : https://wiki.mozilla.org/Media/WebRTC/Privacy

from what i known, the vpn that is not affected by WebRTC, are : HotSpot Shield, IPVanish, CyberGhost, StrongVPN, ExpressVPN.

thank you

ice_blue
ice_blue Nkolo motuna
more options

Thanks for your reply ideato. I bookmarked the link.

ideato said

from what i known, the vpn that is not affected by WebRTC, are : HotSpot Shield, IPVanish, CyberGhost, StrongVPN, ExpressVPN.

It looks like you're saying that the IP exposure is the fault of the VPN provider and not Firefox. Do you have a link to a resource site to confirm this?

ideato
ideato
more options

Hello

ice_blue said

It looks like you're saying that the IP exposure is the fault of the VPN provider and not Firefox. Do you have a link to a resource site to confirm this?

No, the ip exposure is "fault" (not exactly the correct word) in firefox, edge, chrome and opera browsers that use technology like Firefox Hello (Web Real-Time Communication or WebRTC), this technology is not mature yet.

yes i have a link but it is in Greek language :-)

https://www.pcsteps.gr/109541-%CF%84%CE%BF-%CF%80%CE%B9%CE%BF-%CF%83%CF%84%CE%B1%CE%B8%CE%B5%CF%81%CF%8C-%CE%B3%CF%81%CE%AE%CE%B3%CE%BF%CF%81%CE%BF-vpn-%CF%83%CF%84%CE%B7%CE%BD-%CE%B5%CE%BB%CE%BB%CE%AC%CE%B4%CE%B1/

the above vpn providers use different technology than the others and because of that, does not affected by WebRTC.

see the screenshots

Υπέρ, means, Pros : Δεν επηρεάζεται από το WebRTC, means Does not affected by WebRTC

Κατά, means, Cons : Επηρεάζεται από το WebRTC, means, Affected by WebRTC

thanks again

John99
John99
more options

It is probably better to keep this to the original thread. Thanks for cross linking them Ideato.

It is also worth noting you are not forced to use WebRTC you are able to disable it.

We do not have Developers and security experts here. If you consider there is an unadressed security issue then you would be better asking in the Mozilla security forum.