Cable Forum - View Single Post

Milambar · 28-02-2015, 14:00

Its not a flaw, actually. It's by design.

WebRTC was designed to enable peer to peer transfers and voice communication over the web. Both of which would be impossible without access to the machines real IP. Therefore WebRTC has to make the machines real IP available.

Just because people make assumptions and don't follow what capabilities are provided for in design specs, doesn't make capabilities they didn't realise it had equal a flaw.

TorrentFreak reported it as a flaw, because it can affect the anonymity of VPN tunnels, which is true, it can affect the anonymity of VPN tunnels, but that doesn't make it a flaw. Its doing exactly what its meant to do.

I personally would class it as a vulnerability not a flaw. Its easily worked around too, the firefox addon 'NoScript' will block the WebRTC request.

28-02-2015, 14:00	#100
Milambar Inactive Join Date: Jan 2008 Posts: 954	Re: VPN Its not a flaw, actually. It's by design. WebRTC was designed to enable peer to peer transfers and voice communication over the web. Both of which would be impossible without access to the machines real IP. Therefore WebRTC has to make the machines real IP available. Just because people make assumptions and don't follow what capabilities are provided for in design specs, doesn't make capabilities they didn't realise it had equal a flaw. TorrentFreak reported it as a flaw, because it can affect the anonymity of VPN tunnels, which is true, it can affect the anonymity of VPN tunnels, but that doesn't make it a flaw. Its doing exactly what its meant to do. I personally would class it as a vulnerability not a flaw. Its easily worked around too, the firefox addon 'NoScript' will block the WebRTC request.