Apple released iOS 15 with iCloud Private Relay broken for WebRTC – it still divulges your IP address. This post walks through why and how the WebRTC API’s use your IP address information and how you can check what IP addresses are gathered.
ip leakage
So your VPN is leaking because of Chrome’s WebRTC…
We have covered the “WebRTC is leaking your IP address” topic a few times, like when I reported what the NY Times was doing and in my WebRTC-Notifier. Periodically this topic comes up now and again in the blogosphere, generally with great shock and horror. This happened again recently, so here is an updated look into […]
Are we There Yet? WebRTC standards Q&A with Dan Burnett
If you are new to WebRTC then you have missed out on years of drama in the standards bodies over various issues like SDP and codecs. These standards dictate what vendors must implement so they ultimately dictate the industry roadmap. To get a deep perspective and appreciation of the issues, we like to ask Dan Burnett, W3C […]
How to stop a leak – the WebRTC notifier
The “IP Address Leakage” topic has turned into a public relations issue for WebRTC. It is a fact that the WebRTC API’s can be used to share one’s private IP address(es) without any user consent today. Nefarious websites could potentially use this information to fingerprint individuals who do not want to be tracked. Why is this […]
Dear NY Times, if you’re going to hack people, at least do it cleanly!
So the New York times uses WebRTC to gather your local ip addresses… Tsahi describes the non-technical parts of the issue in his blog. Let’s look at the technical details… it turns out that the Javascript code used is very clunky and inefficient. First thing to do is to check chrome://webrtc-internals (my favorite tool since […]