New
#1
Bloatware is notorious for causing problems.
Why do browser developers think that adding more unnecessary stuff is better than fixing existing broken features?
Is it because adding new stuff is easier than debugging existing code?
WebRTC in Firefox and Chrome Reveals IPs Behind VPN - SoftpediaThe implementation of WebRTC (Web Real-Time Communication) in Google Chrome and Mozilla Firefox allows viewing both the public IP address and the internal one, even if the connection is routed through a VPN server.
WebRTC is an open-source project that provides simple APIs to enable communication (voice calling, video chat, and P2P file sharing) via web apps straight from the browser via a standard set of protocols.
It is currently supported by Chrome, Firefox and Opera web browsers and it also works on mobile platforms Android and iOS.
Even without using a VPN the WebRTC technology can be used to track you easier through your local IP address ie 192.168.X.X
More info: Sites may detect the local IP address in browsers supporting WebRTC - gHacks Tech News
Bloatware is notorious for causing problems.
Why do browser developers think that adding more unnecessary stuff is better than fixing existing broken features?
Is it because adding new stuff is easier than debugging existing code?
Not sure what you think is bloatware in this, the browsers? Anyway, WebRTC can easily be disabled as described in the links.
Regarding debugging I didn't like reading this, so WebRTC is a no no for me even though I don't allow firewall UDP calls for my browsers:
Researcher Daniel Roesler explains that WebRTC in the two web browsers is configured so that it allows IP address requests to be made to a STUN (Session Traversal Utilities for Nat) server.
A STUN server is contacted via UDP and it allows a client behind a firewall to communicate to a VoIP provider outside the local network. It identifies the gateway IP, as well as the internal one assigned to the client in order to establish direct traffic exchange with it.
The results of the requests are available to JavaScript, but because they are made outside the normal XML/HTTP request procedure, they are not visible in the developer console.
Thanks for the info. I use Firefox and toggled this off.
I forgot to add although it was mentioned in the quote:
If you use Firefox or a Chromium based browser(Chrome, Opera) on your smartphone, you might want to check WebRTC there too.
Perhaps I should have said "bloatcode". :)
My definition of bloatware is, unnecessary software added to a program or OS.
It often:
- Interferes with the operation of the software that it is added to
- Causes security problems
This WebRTC feature was recently added to Firefox (in version 34) and it causes security issues.ghacks.netThis is a new real-time communication feature of Firefox using WebRTC. It enables you to communicate with friends, family and colleagues using the browser and nothing else.
Firefox 34 Find out what is new - gHacks Tech News
Ok, then I understand.... and agree :)
This is one of the downsides of keeping a browser up to date. Besides patching security holes it also brings new (and sometimes unwanted) functionality that in turn brings new security issues. And so on...
It's only going to get worse if we have to switch to a "Cloud OS".
Smart Phones are a perfect example of this issue.
My friend had to get a new phone, so he got some sort of Android-based Smart Phone.
He tried out some of the Apps that were on it and then he updated it.
After the phone had been updated, the App he was most impressed with had been converted into "junk".
The Local IP? Really? What use is that, as pretty much Everyone's Local IP will be 192.168.0/1/100.##
Oh. The demo the article links to gives me three IP addresses (Local network and a tunnel for private IP addresses), and the Public doesn't change when I enable Zenmate (but does on other ip tracking websites).
If Netflix implements this I, and 75% of Canadian subscribers, will cancel our memberships.