Tuesday, 10 March 2015

WebRTC Vulnerability leaks Real IP Addresses of VPN Users

Virtual private network (VPN) and proxy users now need to be more careful in order to protect their accounts, as a new serious security issue has come into existence. The threat allows websites to see local home IP addresses. The massive flaw comes by way of WebRTC (Web Real-Time Communication) and the browsers that support this communications protocol.

What is WebRTC?

WebRTC is the technology that simplifies the incorporation of real-time communications into a web browser. It is an open-source protocol that supports browser-to-browser apps for voice calling, video chat, and file sharing. It is widely supported and used among popular Internet browsers, most notably Google Chrome and Mozilla Firefox.

How are IP addresses leaking?

In this WebRTC security issue, a website can use a simple script to access IP address information from STUN (Session Traversal Utilities for NAT) servers. These STUN servers are regularly employed by VPNs and, through a protocol called NAT (Network Address Translation), they translate a local home IP address to a new public IP address and vice versa. To do this, at connection time the STUN server maintains a table of your VPN-based public IP and your local one. The local and public IP addresses of the user can easily be fetched from these requests with JavaScript. Wireless routers replicate the same function in translating private IP addresses to public ones and back.

A researcher from San Francisco, Daniel Roesler, better illustrates just how the WebRTC vulnerability works. The STUN server sends a ping back that contains the IP address and port of the client. Roesler initially claimed that browser plugins cannot block the vulnerability, but there are actually several easy fixes available to patch the security hole and remove this flaw.
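As an added example (not from the original post or from Roesler's demonstration), the JavaScript below checks ICE candidate strings collected from your own browser for any address other than the VPN's exit address. The sample lines, the function names and the exit address are constructed for illustration, and only IPv4 literals are classified.

```javascript
// Constructed sample: candidate strings as delivered by a browser's
// RTCPeerConnection "icecandidate" events. Addresses are documentation/test values.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host",
  "candidate:2 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.168.1.23 rport 54321",
  "candidate:3 1 udp 2122194687 10.8.0.2 61000 typ host",
  "candidate:4 1 udp 1686052351 198.51.100.20 61000 typ srflx raddr 10.8.0.2 rport 61000",
];

// Fields: foundation component transport priority address port "typ" type [raddr A rport P]
function parseCandidate(line) {
  const m = /^(?:a=)?candidate:\S+ \d+ \S+ \d+ (\S+) (\d+) typ (\S+)(?: raddr (\S+) rport \d+)?/
    .exec(line.trim());
  if (!m) return null;
  return { address: m[1], port: Number(m[2]), type: m[3], raddr: m[4] || null };
}

// Classify an IPv4 literal; anything else (IPv6, hostnames) is "other" in this example.
function addressScope(addr) {
  const parts = addr.split(".");
  if (parts.length !== 4 || parts.some((p) => !/^\d{1,3}$/.test(p) || Number(p) > 255)) return "other";
  const [a, b] = parts.map(Number);
  if (a === 0) return "unspecified";
  if (a === 127) return "loopback";
  if (a === 169 && b === 254) return "link-local";
  if (a === 10 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168)) return "private";
  return "public";
}

// Report every address a page could read that is not the expected VPN exit address.
function findLeaks(lines, vpnExitIp) {
  const leaks = new Map();
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue;
    for (const addr of [c.address, c.raddr]) {
      if (!addr || leaks.has(addr)) continue;
      const scope = addressScope(addr);
      if (scope === "private" || scope === "link-local") leaks.set(addr, "local address exposed");
      else if (scope === "public" && addr !== vpnExitIp) leaks.set(addr, "public address is not the VPN exit");
    }
  }
  return [...leaks].map(([address, reason]) => ({ address, reason }));
}

console.log(findLeaks(SAMPLE_CANDIDATES, "198.51.100.20"));
```

An empty result after applying one of the fixes means none of the collected candidates carried a local address or a public address other than the VPN exit.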

Who is affected and how can the security hole be fixed?

Both Windows and Macintosh users are equally at risk, but the default browsers Internet Explorer and Safari are actually safe from this. Firefox and Chrome users, on the other hand, have a problem to fix.

If you are a Mozilla Firefox user then:

Download NoScript from Firefox Add-Ons, or type about:config in the address bar and set ‘media.peerconnection.enabled’ to ‘False’.

If you are a Google Chrome user then:

Either install a plugin such as WebRTC Block or ScriptSafe, or enter chrome://flags/ into the address bar and enable ‘Disable WebRTC device enumeration’.

Alternatively, those using the affected browsers can set up a wireless home router to connect to their VPN service directly. This removes the likelihood of a software-based flaw exposing any information about the user.
