This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was closed and archived. Please ask a new question if you need help.

WebRTC - IP Security leak with VPN

  • 4 replies
  • 1 has this problem
  • 8 views
  • Last reply by John99

more options

Can someone please tell me that this security issue is being worked on? This is a serious problem. I don't know anything about programming but from what I have read, plugin developers are being forced to use WebRTC webextensions. But the issue is, WebRTC has a serious leak of exposing your IP when using VPN. Totally unacceptable and I can't believe Mozilla is ok with this. Us users need the ability to use both VPN and our plugins to defeat tracking and keep secured. Does any one have information about this high risk issue?

Can someone please tell me that this security issue is being worked on? This is a serious problem. I don't know anything about programming but from what I have read, plugin developers are being forced to use WebRTC webextensions. But the issue is, WebRTC has a serious leak of exposing your IP when using VPN. Totally unacceptable and I can't believe Mozilla is ok with this. Us users need the ability to use both VPN and our plugins to defeat tracking and keep secured. Does any one have information about this high risk issue?

All Replies (4)

more options

Hello ice_blue, unfortunately, mozilla will still support the underlying webrtc technology in the browser, even after Hello discontinued in Firefox 49.

please see : https://wiki.mozilla.org/Media/WebRTC/Privacy

from what i known, the vpn that is not affected by WebRTC, are : HotSpot Shield, IPVanish, CyberGhost, StrongVPN, ExpressVPN.

thank you

more options

Thanks for your reply ideato. I bookmarked the link.

ideato said

from what i known, the vpn that is not affected by WebRTC, are : HotSpot Shield, IPVanish, CyberGhost, StrongVPN, ExpressVPN.

It looks like you're saying that the IP exposure is the fault of the VPN provider and not Firefox. Do you have a link to a resource site to confirm this?

more options

Hello

ice_blue said

It looks like you're saying that the IP exposure is the fault of the VPN provider and not Firefox. Do you have a link to a resource site to confirm this?

No, the ip exposure is "fault" (not exactly the correct word) in firefox, edge, chrome and opera browsers that use technology like Firefox Hello (Web Real-Time Communication or WebRTC), this technology is not mature yet.

yes i have a link but it is in Greek language :-)

https://www.pcsteps.gr/109541-%CF%84%CE%BF-%CF%80%CE%B9%CE%BF-%CF%83%CF%84%CE%B1%CE%B8%CE%B5%CF%81%CF%8C-%CE%B3%CF%81%CE%AE%CE%B3%CE%BF%CF%81%CE%BF-vpn-%CF%83%CF%84%CE%B7%CE%BD-%CE%B5%CE%BB%CE%BB%CE%AC%CE%B4%CE%B1/

the above vpn providers use different technology than the others and because of that, does not affected by WebRTC.

see the screenshots

Υπέρ, means, Pros : Δεν επηρεάζεται από το WebRTC, means Does not affected by WebRTC

Κατά, means, Cons : Επηρεάζεται από το WebRTC, means, Affected by WebRTC

thanks again

more options

It is probably better to keep this to the original thread. Thanks for cross linking them Ideato.

It is also worth noting you are not forced to use WebRTC you are able to disable it.

We do not have Developers and security experts here. If you consider there is an unadressed security issue then you would be better asking in the Mozilla security forum.