This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Has Mozilla developers fixed security issues wtih WebRTC?

  • 6 iimpendulo
  • 1 inayo le ngxaki
  • 3 views
  • Impendulo yokugqibela ngu wangziheng

more options

[code] System: Host: The-Punisher-MX Kernel: 4.19.0-5-amd64 x86_64 bits: 64 compiler: gcc v: 6.3.0

          Desktop: Xfce 4.12.3 Distro: MX-18.3_x64 Continuum May 26  2019 
          base: Debian GNU/Linux 9 (stretch) 

Machine: Type: Desktop System: ASUS product: All Series v: N/A serial: <filter>

          Mobo: ASUSTeK model: X99-DELUXE II v: Rev 1.xx serial: <filter> 
          UEFI [Legacy]: American Megatrends v: 1902 date: 04/19/2018 

Battery: Device-1: hidpp_battery_0 model: Logitech K520 charge: N/A status: N/A

          Device-2: hidpp_battery_1 model: Logitech Wireless Mouse charge: Normal 
          status: Discharging 

CPU: Topology: 6-Core model: Intel Core i7-6850K bits: 64 type: MT MCP arch: Broadwell

          rev: 1 L2 cache: 15.0 MiB 
          flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 86350 
          Speed: 1834 MHz min/max: 1200/4000 MHz Core speeds (MHz): 1: 1834 2: 1361 3: 1405 
          4: 1477 5: 1957 6: 1434 7: 1475 8: 2005 9: 1396 10: 1617 11: 1464 12: 1428 

Graphics: Device-1: AMD Ellesmere [Radeon RX 470/480] vendor: ASUSTeK driver: amdgpu v: kernel

          bus ID: 01:00.0 
          Display: x11 server: X.Org 1.19.2 driver: amdgpu,ati 
          unloaded: fbdev,modesetting,radeon,vesa resolution: 1920x1080~60Hz 
          OpenGL: 
          renderer: AMD Radeon RX 480 Graphics (POLARIS10 DRM 3.27.0 4.19.0-5-amd64 LLVM 7.0.0) 
          v: 4.5 Mesa 18.2.6 direct render: Yes 

Audio: Device-1: Intel C610/X99 series HD Audio vendor: ASUSTeK driver: snd_hda_intel

          v: kernel bus ID: 00:1b.0 
          Device-2: AMD vendor: ASUSTeK driver: snd_hda_intel v: kernel bus ID: 01:00.1 
          Device-3: Realtek type: USB driver: snd-usb-audio,uvcvideo bus ID: 2-2.4:4 
          Sound Server: ALSA v: k4.19.0-5-amd64 

Network: Device-1: Intel Ethernet I218-V vendor: ASUSTeK driver: e1000e v: 3.2.6-k port: f000

          bus ID: 00:19.0 
          IF: eth1 state: down mac: <filter> 
          Device-2: Intel I211 Gigabit Network vendor: ASUSTeK driver: igb v: 5.4.0-k 
          port: d000 bus ID: 0c:00.0 
          IF: eth0 state: down mac: <filter> 
          Device-3: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter vendor: ASUSTeK 
          driver: wl v: kernel port: d000 bus ID: 0e:00.0 
          IF: wlan0 state: up mac: <filter> 

Drives: Local Storage: total: 10.23 TiB used: 2.42 TiB (23.6%)

          ID-1: /dev/nvme0n1 vendor: Samsung model: SSD 970 EVO Plus 250GB size: 232.89 GiB 
          ID-2: /dev/sda vendor: SanDisk model: SDSSDH3 1T00 size: 931.51 GiB 
          ID-3: /dev/sdb vendor: Seagate model: ST2000DX002-2DV164 size: 1.82 TiB 
          ID-4: /dev/sdc type: USB vendor: Seagate model: Desktop size: 7.28 TiB 

Partition: ID-1: / size: 31.00 GiB used: 7.02 GiB (22.6%) fs: ext4 dev: /dev/nvme0n1p2

          ID-2: /home size: 133.59 GiB used: 18.26 GiB (13.7%) fs: ext4 dev: /dev/nvme0n1p3 

Sensors: System Temperatures: cpu: 24.0 C mobo: N/A gpu: amdgpu temp: 28 C

          Fan Speeds (RPM): cpu: 0 gpu: amdgpu fan: 1122 

Repos: Active apt repos in: /etc/apt/sources.list.d/antix.list

          1: deb http://iso.mxrepo.com/antix/stretch stretch main
          Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list 
          1: deb http://ftp.us.debian.org/debian/ stretch-updates main contrib non-free
          Active apt repos in: /etc/apt/sources.list.d/debian.list 
          1: deb http://ftp.us.debian.org/debian/ stretch main contrib non-free
          2: deb http://security.debian.org/ stretch/updates main contrib non-free
          Active apt repos in: /etc/apt/sources.list.d/enpass.list 
          1: deb https://apt.enpass.io/ stable main
          Active apt repos in: /etc/apt/sources.list.d/google-chrome.list 
          1: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main
          Active apt repos in: /etc/apt/sources.list.d/mx.list 
          1: deb http://mirrors.rit.edu/mxlinux/mx-packages/mx/repo/ stretch main non-free
          Active apt repos in: /etc/apt/sources.list.d/teamviewer.list 
          1: deb http://linux.teamviewer.com/deb stable main
          No active apt repos in: /etc/apt/sources.list.d/various.list 

Info: Processes: 316 Uptime: 21h 12m Memory: 23.45 GiB used: 2.82 GiB (12.0%)

          Init: SysVinit runlevel: 5 Compilers: gcc: 6.3.0 Shell: bash v: 4.4.12 inxi: 3.0.36 

/code The above should give enough info on my system. The information I am interested in is whether or not Mozilla Devs have solved the Security issues involved with using WebRTC apps.?

[code] System: Host: The-Punisher-MX Kernel: 4.19.0-5-amd64 x86_64 bits: 64 compiler: gcc v: 6.3.0 Desktop: Xfce 4.12.3 Distro: MX-18.3_x64 Continuum May 26 2019 base: Debian GNU/Linux 9 (stretch) Machine: Type: Desktop System: ASUS product: All Series v: N/A serial: <filter> Mobo: ASUSTeK model: X99-DELUXE II v: Rev 1.xx serial: <filter> UEFI [Legacy]: American Megatrends v: 1902 date: 04/19/2018 Battery: Device-1: hidpp_battery_0 model: Logitech K520 charge: N/A status: N/A Device-2: hidpp_battery_1 model: Logitech Wireless Mouse charge: Normal status: Discharging CPU: Topology: 6-Core model: Intel Core i7-6850K bits: 64 type: MT MCP arch: Broadwell rev: 1 L2 cache: 15.0 MiB flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 86350 Speed: 1834 MHz min/max: 1200/4000 MHz Core speeds (MHz): 1: 1834 2: 1361 3: 1405 4: 1477 5: 1957 6: 1434 7: 1475 8: 2005 9: 1396 10: 1617 11: 1464 12: 1428 Graphics: Device-1: AMD Ellesmere [Radeon RX 470/480] vendor: ASUSTeK driver: amdgpu v: kernel bus ID: 01:00.0 Display: x11 server: X.Org 1.19.2 driver: amdgpu,ati unloaded: fbdev,modesetting,radeon,vesa resolution: 1920x1080~60Hz OpenGL: renderer: AMD Radeon RX 480 Graphics (POLARIS10 DRM 3.27.0 4.19.0-5-amd64 LLVM 7.0.0) v: 4.5 Mesa 18.2.6 direct render: Yes Audio: Device-1: Intel C610/X99 series HD Audio vendor: ASUSTeK driver: snd_hda_intel v: kernel bus ID: 00:1b.0 Device-2: AMD vendor: ASUSTeK driver: snd_hda_intel v: kernel bus ID: 01:00.1 Device-3: Realtek type: USB driver: snd-usb-audio,uvcvideo bus ID: 2-2.4:4 Sound Server: ALSA v: k4.19.0-5-amd64 Network: Device-1: Intel Ethernet I218-V vendor: ASUSTeK driver: e1000e v: 3.2.6-k port: f000 bus ID: 00:19.0 IF: eth1 state: down mac: <filter> Device-2: Intel I211 Gigabit Network vendor: ASUSTeK driver: igb v: 5.4.0-k port: d000 bus ID: 0c:00.0 IF: eth0 state: down mac: <filter> Device-3: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter vendor: ASUSTeK driver: wl v: kernel port: d000 bus ID: 0e:00.0 IF: wlan0 state: up mac: <filter> Drives: Local Storage: total: 10.23 TiB used: 2.42 TiB (23.6%) ID-1: /dev/nvme0n1 vendor: Samsung model: SSD 970 EVO Plus 250GB size: 232.89 GiB ID-2: /dev/sda vendor: SanDisk model: SDSSDH3 1T00 size: 931.51 GiB ID-3: /dev/sdb vendor: Seagate model: ST2000DX002-2DV164 size: 1.82 TiB ID-4: /dev/sdc type: USB vendor: Seagate model: Desktop size: 7.28 TiB Partition: ID-1: / size: 31.00 GiB used: 7.02 GiB (22.6%) fs: ext4 dev: /dev/nvme0n1p2 ID-2: /home size: 133.59 GiB used: 18.26 GiB (13.7%) fs: ext4 dev: /dev/nvme0n1p3 Sensors: System Temperatures: cpu: 24.0 C mobo: N/A gpu: amdgpu temp: 28 C Fan Speeds (RPM): cpu: 0 gpu: amdgpu fan: 1122 Repos: Active apt repos in: /etc/apt/sources.list.d/antix.list 1: deb http://iso.mxrepo.com/antix/stretch stretch main Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list 1: deb http://ftp.us.debian.org/debian/ stretch-updates main contrib non-free Active apt repos in: /etc/apt/sources.list.d/debian.list 1: deb http://ftp.us.debian.org/debian/ stretch main contrib non-free 2: deb http://security.debian.org/ stretch/updates main contrib non-free Active apt repos in: /etc/apt/sources.list.d/enpass.list 1: deb https://apt.enpass.io/ stable main Active apt repos in: /etc/apt/sources.list.d/google-chrome.list 1: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main Active apt repos in: /etc/apt/sources.list.d/mx.list 1: deb http://mirrors.rit.edu/mxlinux/mx-packages/mx/repo/ stretch main non-free Active apt repos in: /etc/apt/sources.list.d/teamviewer.list 1: deb http://linux.teamviewer.com/deb stable main No active apt repos in: /etc/apt/sources.list.d/various.list Info: Processes: 316 Uptime: 21h 12m Memory: 23.45 GiB used: 2.82 GiB (12.0%) Init: SysVinit runlevel: 5 Compilers: gcc: 6.3.0 Shell: bash v: 4.4.12 inxi: 3.0.36 [/code] The above should give enough info on my system. The information I am interested in is whether or not Mozilla Devs have solved the Security issues involved with using WebRTC apps.?

All Replies (6)

more options

hi, "the Security issues involved with using WebRTC" is fairly generic - what are you referring to?

more options

WebRTC Leaks public/private ip addresses! Please see this link:

https://restoreprivacy.com/webrtc-leaks/

more options

this is less a security vulnerability but a privacy shortfall in the webrtc spec that browsers have to follow to be standard-compliant.

i don't know any details if there were any recent other developments in this area, but firefox allows for extensions to prevent IP address leakage and also provides multiple prefs to modify this behaviour: https://wiki.mozilla.org/Media/WebRTC/Privacy#Prefs_that_control_ICE_Candidate_generation

more options

That is not really a security issue, but merely a privacy issue that your real IP can be exposed that you can encounter if you use a VPN.

You can possibly look at this extension:

more options

I am newly acquiring information on this subject: so, if I may throw out some ideas on what I plan to do and and then you might suggest what measures I might take to avoid any "privacy", or "security" issues. OK? I am a 65 year old with some knowledge of Linux and I have built computers (Desktops mostly) for awhile. I have MX-Linux-18.3 installed on my hardware at this point; with the intention of moving to XCP-ng; a tier-1 Hypervisor. I want to run multiple VM's and have a Web Server on one or more of the VM's to facilitate a local web server and possibly a Jitsi Server on another. I think I understand about using these tools (browser-extentions) while using a VPN; but, what if I am not using a VPN? What if I am "hosting" the Jitsi server locally? From the information that I have read so far, if I use a "hosted" (read Internet Jitsi Host Provider), some of those providers provide additional protections against this type of "privacy/security" issues. Do you have this same knowledge? What if I use a "hosted" Jitsi server? would that be any safer for any clients that I might generate?

more options

https://distrowatch.com/table.php?distribution=whonix . Virtual machines keep the physical computer from malware. This operating system depends on a virtual machine, and can prevent WebRTC leaks.