Firefox and Google Chrome are two of the most popular browsers around. Despite how popular they are, these two still suffer browser security issues. They have a problem with leaking your IP address, even when you are using a
Stop Firefox and Google Chrome browser security problems
This issue was discovered and discussed on Github last year, but many are completely unaware of them. Here are the basics which were discussed:
“Firefox and Chrome have implemented WebRTC that allow requests to STUN servers be made that will return the local and public IP addresses for the user. These request results are available to javascript, so you can now obtain a users local and public IP addresses in javascript. This demo is an example implementation of that. Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console or able to be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking if an advertiser sets up a STUN server with a wildcard domain.”
This online security blog is written for those who are not computer experts. To put it in simple terms:
- Firefox and Google Chrome can allow websites to find the IP address which was issued by your ISP.
- This weakness has been found in the WebRTC JavaScript code.
- The website can run a check on this code without the visitor knowing about it.
Important notes to make here include:
- This browser security issue has only been found on the Windows version of Firefox and Google Chrome browsers.
- Those who use Mac, Linux, and Android are safe.
@VG_Aaron the way Google and Mozilla have implemented #WebRTC opens a security/privacy issue exposing network interfaces
— Alexander Hanff (CIPPE, CIPT, FIP) (@alexanderhanff) April 18, 2015
For everyone else, you need to do the following things to stop this security issue. This is especially true for our readers who are often using a
Fixing the browser security issue with Chrome
Here is how you are going to fix the Google chrome Windows browser leak:
- Download the WebRTC Network Limiter browser extension developed by Google.
- This is a 7.31 kB extension. It will not slow down your Internet experience.
- This will be saved on the web RTC multiple routes option in your Google chrome privacy settings.
- Your IP address will not be revealed during configuration of certain WebRTC functions.
- Test to be sure the extension has worked by visiting BrowserLeaks.com. Check to see if the WebRTC has been disabled or not.
Another way to stop this in Chrome is to turn off JavaScript entirely:
- Go to Settings
- Open Advanced Settings
- Click the Privacy Tab
- Select Content Settings
- Finally, go into JavaScript
Either way will work fine. Just sure that you do it on your Windows machine if you use Google Chrome.
Stopping the browser security issue on Firefox
Correcting this browser security problem in Firefox is a little bit more complicated as there have been no extensions developed. Here are the steps to take:
- Type “about:config” in the URL bar.
- Press Enter.
- Locate where it says “media.peerconnection.enabled.”
- Double click on this, and it will set to false.
Just these few steps will prevent your IP address from leaking. This is essential to do no matter how good your