WebRTC vulnerability

[ritterralf 1]

For Wlan users this could be interesting:

 

http://html5demos.com/geo

 

 

The test determines your location so well that Mr. Obama could send you a drone although you` re connected with VPN .

In Firefox helps:

 

About: config      geo.enabled.false

About:config       geo.wife.uri.false

[TunnelRat 0]

Just a friendly update for those Chrome users...

 

CyberGhost WebRTC-Leak Protection Extension has been updated: 1.1 (26.02.15) Updated protection to protect for latest bypass tricks

 

https://chrome.google.com/webstore/detail/cyberghost-webrtc-leak-pr/fcacplgecnjoapkgbbfdijidojncpijc?utm_source=chrome-app-launcher-info-dialog

[Guest JWW]

Yes, and they'll have to do this more and more frequently as the WebRTC exploit changes. You'll need to check that it works on a daily, if not hourly basis. The vpn.av 'WebRTC Stopper' extension that did work until yesterday has been withdrawn by the developers for this very reason. They are currently llking at the possibility of developing a more robust solution. Meanwhile I'm dropping Chrome and returning to Firefox where at least you can turn WebRTC off.

[hangpang 1]

What about for android use ?

 

How do we fix it ?

 

Will Eddie work on android ?

[Hades666 1]

I strictly utilize Safari Browser for Windows and it's Good To Go, no leaks and no worries. 

 

Safari is a nice browser, but sadly enough it hasn't been updated since end of 2012 for windows and it won't recieve any more updates. So there should and will be some securities issues. I've just switched to Firefox altho I don't like that browser that much.

[DanielJackson 0]

WebRTC leak is specifies for Chrome and Firefox but;

Do we know of WebRTC leaks with "µTorrent , BitTorrent ..." and "Emule , amule ..." ?

I think P2P is based WebRTC or am I wrong?

Thank you to enlighten me

[Corsair28 8]

 

Hello @JWW,

 

Eddie's "Network Lock" works on every browser and every program because it solves the Windows problem at its roots. What you cite is a Chrome extension, unrelated to VPN or other services. It can't prevent WebRTC leaks from other than Chrome programs. Currently we do not have developers for browsers extensions, but who knows, it could be an idea. Anyway, good to know that such an extension now exists. Previously available extension did not work properly.

 

Kind regards

 

Sure, NL covers any browser, but there are issues with it that I personally don't like, plus it still reveals my Air IP, local IP and TAP Adaptor IP. Now, although that may not be a major issue (?) and as a Chrome user, I'd rather take advantage of an extension that blocks the lot!

 

I looked at their info page after you replied and I can see that their new Chrome extension 'WebRTC Stopper' was released today. That wasn't there yesterday, so what I'd installed was their VPN / Secure Proxy extension which includes the same WebRTC blocking functionality. 'WebRTC Stopper' however is neat, works, and successfully replaces the defunct 'WeRTC Block' extension that's now broken. Maybe you could update your info post on this and point people at 'https://chrome.google.com/webstore/detail/webrtc-stopper/mfehokchlmjlkmlgjhkmlpcldcbcooec'

 

Thanks.

 

EDIT: Cyberghost have also released one today that works:

 

https://chrome.google.com/webstore/detail/cyberghost-webrtc-leak-pr/fcacplgecnjoapkgbbfdijidojncpijc?utm_source=chrome-app-launcher-info-dialog

 

Be nice to see one from AirVPN - just to show you care ;-)

 

It appears the developer is no longer making this as the extension has been taken down.  The link on their site send you to download WebRTC block from here --> https://chrome.google.com/webstore/detail/webrtc-block/nphkkbaidamjmhfanlpblblcadhfbkdm

[SpeedAccuracyTimingTargets 0]

The WebRTC block extension is NOT working in Flashpeak's Slimbrowser at this time, and there is no way to disable WebRTC device enumeration in chrome://flags either with this particular browser. ScriptBlock and ScriptSafe work as along as you never allow a website to use javascript which is pretty unreasonable for just general browsing.

 

I just got through verifying this at http://ipleak.net/. When I allowed the use of javascript it gave up my real IP and my router's IP.

 

Curiously, what did work was PeerBlock. I have http allowed, so that I'm able to browse without having to allow access on a site by site basis (several block lists block advertisers/spammers etc and this hamstrings one's browsing experience and appears to be unnecessary to block the WebRTC vulnerability). I'm also using about 20 block lists too so I can't be sure which is blocking access to the STUN servers without disabling them all and enabling them one at a time so YMMV.

 

The other browser I use is Torch browser (a Chrome variation like Slimbrowser) with WebRTC device enumeration disabled and the WebRTC block extension installed and it does not leak my IP address when I allow javascript with ScriptBlock even with PeerBlock disabled.

 

I did try to use the network block function in AirVPN's Eddie client but it didn't work since Windows Firewall is currently disabled.

 

Additionally, I use the Location Guard extension in both browsers and it works perfectly to circumvent geolocation. With that extension one can place their "location" anywhere on the planet. I do realize one can disable geolocation but I've found deception to be a better option.

 

I also use use the IPfuck for Chromium extension (apologies -- I didn't name the extension!) and it generates random IP addresses apparently by faking the use of proxies with http headers -- this works in both browsers when tested at the http://ipleak.net/ site. Reloading that page changes my IP in the Forwarded For section every time I do it.

 

FWIW I've set up Comodo Firewall to only allow internet access through AirVPN -- if I lose my connection (which has not been a problem in a very long time!), my internet access is completely disabled. I block ipv6 traffic in Comodo and have it disabled in Windows 7 as well. I've also been using the AirVPN DNS servers. In utorrent, I use the net.bind_ip and net.outgoing_ip functions as a redundant kill switch so if I lose the AirVPN connection, utorrent is unable to access the internet.

 

 

Hope this info helps.

[PortlyNinja 17]

@ JWW "Be nice to see one from AirVPN - just to show you care ;-)" 

 

I would say Network Lock is more than good enough.Like Staff said extensions only help in the browser where as Network Lock or good firewall rules protects the whole system. I do wonder how many other quirks of the operating systems there are that leak our IPs or personal info. Me i just leave my PC in the garden put voice recognition on  and shout at it out the windows. Works for me but i do get some funny looks.

[CPU 0]

You also need 'Check if the tunnel use AirVPN DNS'.

 

I had the same problem with Win7 and it work well now, but sometimes connection isn't established and i need to close and restart eddie. I'm thinking to replace dns in my router with airvpn dns:

preferred 10.4.0.1

alternate  10.5.0.1

is right?

[CPU 0]

It's ok, I understood the problem.

[96f8c4638fa3873b5097eb745d 0]

Seriously am I the only one who run Linux and are affected by this? Debian based linux distro with Google Chrome 41 and www.ipleak.com shows my private ipv4 addresses!

[Khariz 109]

Seriously am I the only one who run Linux and are affected by this? Debian based linux distro with Google Chrome 41 and www.ipleak.com shows my private ipv4 addresses!

Basically, the one rule for avoiding RTC Vulnerability right now is: use anything but chrome. You can turn it off in Firefox and IE and Safari don't have the vulnerability right now. You surely aren't the only one affected though. I highly suggest: https://wiki.debian.org/Firefox

[96f8c4638fa3873b5097eb745d 0]

 

Seriously am I the only one who run Linux and are affected by this? Debian based linux distro with Google Chrome 41 and www.ipleak.com shows my private ipv4 addresses!

Basically, the one rule for avoiding RTC Vulnerability right now is: use anything but chrome. You can turn it off in Firefox and IE and Safari don't have the vulnerability right now. You surely aren't the only one affected though. I highly suggest: https://wiki.debian.org/Firefox

 

Thnx for the reply! I think you're right.. I was just browsing this thread about the rtc and on the first page it said that linux users are not affected. Got a bit scared when my private ips were listed

[zsam288 36]

 

You also need 'Check if the tunnel use AirVPN DNS'.

 

I had the same problem with Win7 and it work well now, but sometimes connection isn't established and i need to close and restart eddie. I'm thinking to replace dns in my router with airvpn dns:

preferred 10.4.0.1

alternate  10.5.0.1

is right?

 

All DNS IPs for different configs are here

https://airvpn.org/specs/

[Khariz 109]

Actually, if you are using AIrVPN, there's no need to have your router set to a DNS server anyway. Just leave it blank in the router (or set it to the gateway) and just let the VPN handle the routing if the DNS requests like it already does. Then if Eddie crashes (and you werent using network lock) you will go back to your ISP's DNS until you reopen Eddie. Or just throw 8.8.8.8 and 8.8.4.4 in your router so that google's public DNS is your fallback (Or use OpenDns 208.67.222.222 and 208.67.220.220)

[openanonym 0]

Hi, I am trying to make Eddie block this vulnerability on Windows.

 

Here are some screenshots that show my settings:

 

 

IP Leak can still detect my actual IP address using WebRTC. I appreciate any help.

[win8 7]

To be clear: Is it a problem, when my private ip is shown (like 192.168.1.x) or only when the ISP assigned routable IP shows up?

[Guest]

To be clear: Is it a problem, when my private ip is shown (like 192.168.1.x) or only when the ISP assigned routable IP shows up?

It's a problem when your isp assigned ip is showing.

[Khariz 109]

WebRTC is not a VPN issue. It's a browser issue. Stop using chrome. WebRTC leaks don't happen in Firefox (with the correct setting turned off) or in IE or safari.

[ofiris 15]

WebRTC is not a VPN issue. It's a browser issue. Stop using chrome. WebRTC leaks don't happen in Firefox (with the correct setting turned off) or in IE or safari.

 

We need a solution for chromium however. Some people just prefer chromium to firefox (for several reasons). I'm eagerly awaiting for a solution as my private ipv4 is being detected.

[Staff 9972]

 

WebRTC is not a VPN issue. It's a browser issue. Stop using chrome. WebRTC leaks don't happen in Firefox (with the correct setting turned off) or in IE or safari.

 

We need a solution for chromium however. Some people just prefer chromium to firefox (for several reasons). I'm eagerly awaiting for a solution as my private ipv4 is being detected.

 

Hello!

 

If it's viable for you, enabling Eddie's "Network Lock" is a solution.

 

Kind regards

[ofiris 15]

 

 

WebRTC is not a VPN issue. It's a browser issue. Stop using chrome. WebRTC leaks don't happen in Firefox (with the correct setting turned off) or in IE or safari.

 

We need a solution for chromium however. Some people just prefer chromium to firefox (for several reasons). I'm eagerly awaiting for a solution as my private ipv4 is being detected.

 

Hello!

 

If it's viable for you, enabling Eddie's "Network Lock" is a solution.

 

Kind regards

 

Hello,

 

Thank you for the reply, but I do have network lock enabled (I always do). It's still leaking private ipv4 however.

 

I'm using ubuntu 14.04 btw, if that changes anything.

[Staff 9972]

Thank you for the reply, but I do have network lock enabled (I always do). It's still leaking private ipv4 however.

 

 

Hello!

 

We don't see this leak... anyway, how is that a problem?

 

Kind regards

[ofiris 15]

 

Thank you for the reply, but I do have network lock enabled (I always do). It's still leaking private ipv4 however.

 

 

Hello!

 

We don't see this leak... anyway, how is that a problem?

 

Kind regards

 

You're the expert in this conversation, not me

 

Is it not a problem? I imagine that it could identify me, or at the very least, might identify me. I think not everyone has the same private ipv4, do they? If that is true, imagine I am using a VPN server which has 20 users. If only 25% have the same private ipv4, then it's pretty much down to 5 users.

 

Is my thinking wrong?