Chrome and Firefox give real IP address VPN user price via WebRTC




Through the protocol WebRTC let Chrome and Firefox the IP addresses of drain VPN users to websites. This can happen in the background. Browsers other than Firefox and Chrome do not suffer from the privacy issue.

Who uses a VPN connection to be used to hide his identity will be disappointed if he Chrome or Firefox. WebRTC has the support of both browsers means that websites can still read the identity of the user using javascript, warns researcher Daniel Roesler, a proof-of-concept made.

WebRTC is a standard that allows users to communicate via video and audio files or send late without plug-ins are required. To make that possible, it may be necessary to find out someone’s real ip address. Chrome and Firefox offer that functionality, but which can thus be misused to identify a person who uses a VPN connection. Before a website need to use any javascript code.

Both the desktop versions of Chrome and Firefox as the Android version of Chrome are susceptible; the Android version of Firefox does not seem to be vulnerable. The potential privacy breach can only be countered by disabling WebRTC. Firefox can do so via about: config; Chrome users can simply disable the functionality with an extension . The Chrome version of Android, however, does not support extensions. Gate, which comes with Firefox is not susceptible.

The loophole is, moreover, only abuse if the VPN connection is running locally; otherwise the browser to the “real” IP address does not know. Running the VPN connection from the router, then the IP address of the user at the provider does not find out.


In: Technology & Gadgets Asked By: [15536 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »