‹ Back to the blog listStop WebRTC... um, Web WHAT?

WebRTC.Final.Blog.590.399.jpg

WebRTC allows web browsers to host voice/video calls all on their own. But if you use a VPN to protect your privacy, WebRTC can reveal your real IP address anyway.

 

What's a VPN?

VPNs (Virtual Private Networks) are a popular way to shield yourself from hackers and protect your privacy when you're online.

For a modest fee (about $6.00 a month) a VPN company allows you to establish an encrypted connection between your computer and their servers so that all your internet traffic will flow through them.

This is an effective way to conceal your internet address because all your traffic appears to come from that company.

Choosing a good VPN service is a bit tricky (there's a good set of guidelines here), but once you find a company that suits your needs, setup is usually extremely easy.

Millions of people already use VPNs to protect their privacy, and if you are or plan to be one of them, you need to know what WebRTC is and how to disable it.

 

The idea behind WebRTC

Several years ago the makers of most popular browsers incorporated a kind of technology that allows browsers to host real-time communications such as voice and video calls. It was intended as a competitive convenience feature that made it unnecessary for the user to install specific applications like Skype. 

Instead, WebRTC allows you to talk right from your browser using your device's built-in camera, microphone and speakers or headset.

The thing is, most voice calls are done over what's known as a peer-to-peer connection, which means that you have to know the exact IP address of the person you're going to talk to, and they have to know yours. So that's what WebRTC does… upon request it sends out your actual IP address even if you're using a VPN.  

It's noteworthy that WebRTC uses something called STUN requests, which cannot be blocked by the likes of AdBlock or Ghostery, and don't even show up in developer consoles.

 

How can I tell if it's on?

It's easy. After you've connected to your VPN, paste this link into each browser you have installed:

https://diafygi.github.io/webrtc-ips/

It's a simple test that attempts to establish a WebRTC session, and shows you the results when your browser is asked for for your public (the VPN) and private (your actual device) IP addresses.  If WebRTC is activated, you will see your actual IP address, usually in the public IP address field.  If not, it will be blank, which is what you want.

It should look like this:

ScanResults.JPG

If it isn't empty like that, then your actual IP address may be exposed.  Read the next section, "How do I turn it off". 

Also, if you want a deeper technical look, you can use this test

https://ipleak.net/

 

How do I turn it off?

There's good news and bad news.

The bad news is that in Google Chrome, you can't.  

There was a plug-in that claimed to be able to do it, but that's no longer available (one wonders why). For Chrome diehards, however, there is a plugin1 that will at least limit WebRTC, but it requires some technical skill.  Plus there's a somewhat tricky settings procedure, but it only works on some instances of Chrome.2 

So unless you have a lot of geek-skill, for most people Chrome will leak your IP address like a boat riddled with shotgun holes.

The good news is that most other browsers allow you to disable WebRTC quite easily.  

 

If you use Firefox, open the app menu, select plugins, and install this plug-in:

Disable WebRTC

It takes effect immediately, so that's all you have to do. But re-check anyway, as instructed above. You can also change the setting manually if you prefer.3

 

If you use Internet Explorer, Edge or Safari, WebRTC is not installed by default. But it can be accomplished by an optional plug-in, so make sure that nothing with the name WebRTC  is installed (and uninstall if you find it).

And that's it.  Security hole… you are history!

MerlinEarthIcon-Green-10percent.png

 

If you found this blog informative please like us on Facebook... just click this button: 


1. WebRTC Network Limiter.   www.webrtc.org

2. To manually attempt to disable WebRTC in Chrome, follow this procedure:

A. Locate your Chrome user preference file.  In Windows look in C:/Users/(your username)/AppData/Local/Google/Chrome/User Data/Default/Preferences. For Mac OS X: ~/Library/Application Support/Google/Chrome/Default. For GNU/Linux: ~/.config/google-chrome/Default

B. Exit Chrome and save a backup copy of the file somewhere else.

C. Open the Preferences file in a text editor (e.g. Notepad, Sublime Text).

D. Add these lines to the bottom of the file, paying attention to the format (follow the format of the other lines, adding a comma if necessary):
    "webrtc": {
    "multiple_routes_enabled": false }

3. Type about:config in the address bar.  Then scroll down to media.peerconnection.enabled, and double click to set it to false.

Published on 2016-10-07 by:
avatar
Dr. K
Director of Networking

All things Kahuna™... and much more.