The “IP Address Leakage” topic has turned into a public relations issue for WebRTC. It is a fact that the WebRTC API’s can be used to share one’s private IP address(es) without any user consent today. Nefarious websites could potentially use this information to fingerprint individuals who do not want to be tracked. Why is this an issue? Can this be stopped? Can I tell when someone is trying to use WebRTC without my knowledge? We try to cover those questions below along with a walkthrough of a Chrome extension that you can install or modify for yourself that provides a notification if WebRTC is being used without your knowledge.
Ring! Sometimes you need an alert to get your attention. Traditional phone systems make this easy – if someone calls you your phone rings. The traditional telephony model assumes the called device is always on an available to ring and this is how it generally works across analog phones, mobiles, VoIP phones, and even desktop calling replacements like Skype. The challenge in the web model is that you can no longer assume the remote device is available to run your program’s ring command. Even if the called party has a browser open, it does not mean they have a tab running your app. This means you need to find some other means of telling the called party to go to your URL. That can be limiting for a lot of apps. Fortunately there are solutions for this.