Search the Community
Showing results for tags 'critical'.
Found 1 result
-
EDIT: a deeper study of improperly called "WebRTC leak" has brought up how the initial approach by a wide part of communities discussing it has been totally wrong, has missed the core reasons and has proposed "solutions" which are questionable. Please see here to get a more balanced and informed view of the so called "problem". http://www.clodo.it/blog/an-alternative-approach-to-so-called-webrtc-leaks WARNING: the following post was written hours after "WebRTC leak" hit the news. It is now to be considered outdated. It is also inappropriate when it uses the word "vulnerability". However, the way to prevent applications to talk outside the tunnel is the same, enable Network Lock or set proper firewall rules. It is absolutely nothing new, just like the whole fabricated "WebRTC leak" affair. ============================================================================ Hello! Browsers supporting WebRTC run in a Windows-environment can seriously compromise the security of VPN-tunnels by allowing the true IP address of the user to be read. https://en.wikipedia.org/wiki/WebRTC#Concerns WebRTC is supported in the following browsers: https://en.wikipedia.org/wiki/WebRTC#Support According to our tests we can at this moment confirm that Linux and OS X appear to be not affected. EDIT: OS X users please see here, according to this report OS X is vulnerable as well. https://airvpn.org/topic/13490-vpn-security-flaw-does-this-affect-airvpn/?do=findComment&comment=24757 You can test your system here: http://ipleak.net Windows users can fix the vulnerability in one of the following ways: - by enabling "Network Lock" in our free and open source client Eddie - by configuring a firewall to prevent leaks. In our "How-To" section we have guides for Comodo and Windows Firewall - by disabling WebRTC on the browser (WARNING: you can't do that in Google Chrome desktop edition, you'll need an extension). This page seems quite accurate https://www.browserleaks.com/webrtc#webrtc-disable EDIT: in the above linked page, the extension recommended for Chrome does not really prevent leaks - by running a browser which does not support WebRTC Kind regards AirVPN Support Team