From my understanding of how this works, that's mostly a consequence of the Tor browser trying to achieve network privacy and anonymity at the wrong layer.
The right way would be to route all the requests through Tor, not just those from the engine of the browser.
I used to be of this opinion, but [1] changed my mind.
The problem is that there's a huge potential to deanonymize the user at an exit node because of all sorts of traffic other than web browsing. Do all of your chat programs encrypt everything? How about your email client? What about every daemon on your system that accesses the Internet?
At the very least, all of these can be used to fingerprint you.
WebRTC is a great example of why the user-agent turns out to be the right level to think about anonymity over Tor.
I agree that Tor is a special case, but who uses Tor without Tor Button, Tor Browser, or something similar? It's easy to disable WebRTC in those instances.
Regarding internal VPN IPs, I don't understand how this would help an attacker. If someone has broken into a VPN network and is in a position where they could make use of that data, then it's game over anyway. Otherwise, what do you want with an internal IP, besides fingerprinting?
By the way, fingerprinting no doubt is an issue, along with a dozen or so other JavaScript APIs that leak data. If you don't want to be fingerprinted, use something like NoScript. Advertisers can already uniquely identify you based on various other data leaked by JS, don't know why WebRTC has been singled out for this reason.
Because IP addresses feel private. Even though you send one with every packet. Even though the extra one sent by WebRTC is the one behind your NAT, and probably just 192.168.[0,1].
jacquesm|10 years ago
daxelrod|10 years ago
[1]: http://www.wired.com/2014/10/anonymity-routers/
squeeze|10 years ago
jnbiche|10 years ago
lallysingh|10 years ago