Has Mozilla developers fixed security issues wtih WebRTC?
[code] System: Host: The-Punisher-MX Kernel: 4.19.0-5-amd64 x86_64 bits: 64 compiler: gcc v: 6.3.0
Desktop: Xfce 4.12.3 Distro: MX-18.3_x64 Continuum May 26 2019 base: Debian GNU/Linux 9 (stretch)
Machine: Type: Desktop System: ASUS product: All Series v: N/A serial: <filter>
Mobo: ASUSTeK model: X99-DELUXE II v: Rev 1.xx serial: <filter> UEFI [Legacy]: American Megatrends v: 1902 date: 04/19/2018
Battery: Device-1: hidpp_battery_0 model: Logitech K520 charge: N/A status: N/A
Device-2: hidpp_battery_1 model: Logitech Wireless Mouse charge: Normal status: Discharging
CPU: Topology: 6-Core model: Intel Core i7-6850K bits: 64 type: MT MCP arch: Broadwell
rev: 1 L2 cache: 15.0 MiB flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 86350 Speed: 1834 MHz min/max: 1200/4000 MHz Core speeds (MHz): 1: 1834 2: 1361 3: 1405 4: 1477 5: 1957 6: 1434 7: 1475 8: 2005 9: 1396 10: 1617 11: 1464 12: 1428
Graphics: Device-1: AMD Ellesmere [Radeon RX 470/480] vendor: ASUSTeK driver: amdgpu v: kernel
bus ID: 01:00.0 Display: x11 server: X.Org 1.19.2 driver: amdgpu,ati unloaded: fbdev,modesetting,radeon,vesa resolution: 1920x1080~60Hz OpenGL: renderer: AMD Radeon RX 480 Graphics (POLARIS10 DRM 3.27.0 4.19.0-5-amd64 LLVM 7.0.0) v: 4.5 Mesa 18.2.6 direct render: Yes
Audio: Device-1: Intel C610/X99 series HD Audio vendor: ASUSTeK driver: snd_hda_intel
v: kernel bus ID: 00:1b.0 Device-2: AMD vendor: ASUSTeK driver: snd_hda_intel v: kernel bus ID: 01:00.1 Device-3: Realtek type: USB driver: snd-usb-audio,uvcvideo bus ID: 2-2.4:4 Sound Server: ALSA v: k4.19.0-5-amd64
Network: Device-1: Intel Ethernet I218-V vendor: ASUSTeK driver: e1000e v: 3.2.6-k port: f000
bus ID: 00:19.0 IF: eth1 state: down mac: <filter> Device-2: Intel I211 Gigabit Network vendor: ASUSTeK driver: igb v: 5.4.0-k port: d000 bus ID: 0c:00.0 IF: eth0 state: down mac: <filter> Device-3: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter vendor: ASUSTeK driver: wl v: kernel port: d000 bus ID: 0e:00.0 IF: wlan0 state: up mac: <filter>
Drives: Local Storage: total: 10.23 TiB used: 2.42 TiB (23.6%)
ID-1: /dev/nvme0n1 vendor: Samsung model: SSD 970 EVO Plus 250GB size: 232.89 GiB ID-2: /dev/sda vendor: SanDisk model: SDSSDH3 1T00 size: 931.51 GiB ID-3: /dev/sdb vendor: Seagate model: ST2000DX002-2DV164 size: 1.82 TiB ID-4: /dev/sdc type: USB vendor: Seagate model: Desktop size: 7.28 TiB
Partition: ID-1: / size: 31.00 GiB used: 7.02 GiB (22.6%) fs: ext4 dev: /dev/nvme0n1p2
ID-2: /home size: 133.59 GiB used: 18.26 GiB (13.7%) fs: ext4 dev: /dev/nvme0n1p3
Sensors: System Temperatures: cpu: 24.0 C mobo: N/A gpu: amdgpu temp: 28 C
Fan Speeds (RPM): cpu: 0 gpu: amdgpu fan: 1122
Repos: Active apt repos in: /etc/apt/sources.list.d/antix.list
1: deb http://iso.mxrepo.com/antix/stretch stretch main Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list 1: deb http://ftp.us.debian.org/debian/ stretch-updates main contrib non-free Active apt repos in: /etc/apt/sources.list.d/debian.list 1: deb http://ftp.us.debian.org/debian/ stretch main contrib non-free 2: deb http://security.debian.org/ stretch/updates main contrib non-free Active apt repos in: /etc/apt/sources.list.d/enpass.list 1: deb https://apt.enpass.io/ stable main Active apt repos in: /etc/apt/sources.list.d/google-chrome.list 1: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main Active apt repos in: /etc/apt/sources.list.d/mx.list 1: deb http://mirrors.rit.edu/mxlinux/mx-packages/mx/repo/ stretch main non-free Active apt repos in: /etc/apt/sources.list.d/teamviewer.list 1: deb http://linux.teamviewer.com/deb stable main No active apt repos in: /etc/apt/sources.list.d/various.list
Info: Processes: 316 Uptime: 21h 12m Memory: 23.45 GiB used: 2.82 GiB (12.0%)
Init: SysVinit runlevel: 5 Compilers: gcc: 6.3.0 Shell: bash v: 4.4.12 inxi: 3.0.36
/code The above should give enough info on my system. The information I am interested in is whether or not Mozilla Devs have solved the Security issues involved with using WebRTC apps.?
Svi odgovori (6)
hi, "the Security issues involved with using WebRTC" is fairly generic - what are you referring to?
WebRTC Leaks public/private ip addresses! Please see this link:
this is less a security vulnerability but a privacy shortfall in the webrtc spec that browsers have to follow to be standard-compliant.
i don't know any details if there were any recent other developments in this area, but firefox allows for extensions to prevent IP address leakage and also provides multiple prefs to modify this behaviour: https://wiki.mozilla.org/Media/WebRTC/Privacy#Prefs_that_control_ICE_Candidate_generation
That is not really a security issue, but merely a privacy issue that your real IP can be exposed that you can encounter if you use a VPN.
You can possibly look at this extension:
- WebRTC Leak Shield https://addons.mozilla.org/firefox/addon/webrtc-leak-shield/
I am newly acquiring information on this subject: so, if I may throw out some ideas on what I plan to do and and then you might suggest what measures I might take to avoid any "privacy", or "security" issues. OK? I am a 65 year old with some knowledge of Linux and I have built computers (Desktops mostly) for awhile. I have MX-Linux-18.3 installed on my hardware at this point; with the intention of moving to XCP-ng; a tier-1 Hypervisor. I want to run multiple VM's and have a Web Server on one or more of the VM's to facilitate a local web server and possibly a Jitsi Server on another. I think I understand about using these tools (browser-extentions) while using a VPN; but, what if I am not using a VPN? What if I am "hosting" the Jitsi server locally? From the information that I have read so far, if I use a "hosted" (read Internet Jitsi Host Provider), some of those providers provide additional protections against this type of "privacy/security" issues. Do you have this same knowledge? What if I use a "hosted" Jitsi server? would that be any safer for any clients that I might generate?
https://distrowatch.com/table.php?distribution=whonix . Virtual machines keep the physical computer from malware. This operating system depends on a virtual machine, and can prevent WebRTC leaks.