Preventing WebRTC IP Address Leaks

Speaker : Guillaume Nibert
Sorbonne Université
Date: 08/01/2025
Time: 2:00 pm - 3:00 pm
Location: Amphi 6

Abstract

The WebRTC API enables real-time communication of text, video, and audio media streams through a web browser without requiring third-party extensions. However, it was not designed with privacy in mind. We conduct an experiment to analyse privacy leaks associated with WebRTC. Our findings show that despite recent updates to the WebRTC specification and its implementations, sensitive public IP addresses can still be leaked during audio/video communication, particularly in large non-NAT corporate networks, even when using a VPN, SOCKS or HTTP/S proxy. To address the observed leaks, we develop a simple, easily maintainable, cross-platform open-source solution that confines the Mozilla Firefox web browser in a docker container. We also take into account the possibility of a malicious adversary compromising the browser.
Our tests have shown that our containerised solution is effective in all situations without restricting applications.