REVscene Automotive Forum

REVscene Automotive Forum (https://www.revscene.net/forums/)
-   Computer Tech, Gaming & Electronics (https://www.revscene.net/forums/computer-tech-gaming-electronics_32/)
-   -   Websites can now use WebRTC to determine your local IP address (https://www.revscene.net/forums/701405-websites-can-now-use-webrtc-determine-your-local-ip-address.html)

thumper 02-07-2015 01:57 PM

Websites can now use WebRTC to determine your local IP address
 
so this happened recently:

https://www.reddit.com/r/VPN/comment...etermine_your/

is this something i should be worried about for security and privacy issues?

willystyle 02-07-2015 04:17 PM

Yes, so try to disable it if you can.

Correct me if I am wrong, but I don't believe websites can access your location via. your browser without your approval. You need to click 'Allow' or 'Deny' before the website can determine your location.

EDIT: I retract my statement. This has nothing to do with WebRTC.

punkwax 02-07-2015 05:12 PM

So all the girls in the ads really are from Surrey!?!? :ahwow:

:troll:

willystyle 02-07-2015 05:57 PM

1 Attachment(s)
Quote:

Originally Posted by punkwax (Post 8593157)
So all the girls in the ads really are from Surrey!?!? :ahwow:

:troll:

That has nothing to do with WebRTC.

EDIT:

Quote:

Originally Posted by thumper (Post 8593098)
so this happened recently:

https://www.reddit.com/r/VPN/comment...etermine_your/

is this something i should be worried about for security and privacy issues?

I just followed your instruction and installed the Chrome extension (WebRTC Block) on my browser, and IT DOES NOT WORK!

I did a WebRTC test while running PIA VPN using a link provided by one of the comments on Reddit: https://diafygi.github.io/webrtc-ips/

My External IP address, Internal IP address (LAN IP Address), VPN IP address, TAP Server IP Address are ALL EXPOSED!


This is a MAJOR SECURITY LEAK!!!

Info blurred cause it's actually my real IP's.

EDIT2: Just did another WebRTC test with a link provided by WebRTC Block (https://www.browserleaks.com/webrtc). For this test, it says WebRTC is disabled on my browser, but I believe their test is faulty as I am still leaking mad with this link (https://diafygi.github.io/webrtc-ips/).

EDIT3: Apparently this security leak ONLY AFFECTS WINDOWS USERS. OSX, and Android users are safe.

EDIT4: SOLUTION: For Chrome users on WINDOWS, install Scriptsafe (https://chrome.google.com/webstore/d...hbdbdgdf?hl=en) to block WebRTC requests. This was intentionally put in by Google, without an official method to disable it.

EDIT5: I'm switching to Waterfox (has a built-in feature to disable it). The fact that Chrome doesn't have an official way to disable it troubles me. It's not ONLY the VPN address that's leaking. All of my IP addresses are leaking, if shit hits the fan, they can trace directly to my desktop computer that I am using.
EDIT6: Without ScriptSafe extension installed on Chrome, it also leaks on Chromebook as well.


All times are GMT -8. The time now is 05:10 AM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
SEO by vBSEO ©2011, Crawlability, Inc.
Revscene.net cannot be held accountable for the actions of its members nor does the opinions of the members represent that of Revscene.net