search

gcarq / inox-patchset

Inox patchset tries to provide a minimal Chromium based browser with focus on privacy by disabling data transmission to Google.
BSD 2-Clause "Simplified" License
364 stars 26 forks source link

webrtc mitigation (no ip leak) #130

Open HotelBellaMuerte opened 6 years ago

HotelBellaMuerte commented 6 years ago

with this

you can use webrtc "safely", because if you use a vpn doesnt leak your ip

https://github.com/bn0785ac/inox-hardened/commit/71c8d4b6403b63740635d8e6954585cdc144d5f3

@gcarq @xsmile @perfect7gentleman

csagan5 commented 6 years ago

IIRC I had tried these but they were not effective, although I cannot say if it was due to pre-existing stored settings or other reasons. Did anyone else test them?

HotelBellaMuerte commented 6 years ago

it just helps you if you're using a proxy (at inox), and just forces webrtc to respect IP setups (in leak case).

just leak the "protect webrtc ip" from ublock, but at inox codebase.

as we cant block it, we could be more respectful

csagan5 commented 6 years ago

In Bromite I simply build without webRTC to get rid of all its woes; this will however be extremely more difficult from v68 onwards since the Chromium devs have dropped the build option.

gcarq commented 6 years ago

@csagan5 Good to know, this flag was broken some time ago, seems like they fixed it though. Do you have any direction or intention to address this from v68 onwards?

csagan5 commented 6 years ago

@gcarq they fixed it...by removing it altogether (I'd hardly call that "fixed", but I understand it is an "optimisation" if nobody cares about building without webRTC)

I always build the tags of the current stable (so these days the latest tag of v67) but I already took note of some commits that need be reverted to reinstate the enable_webrtc=false build flag functionality:

My plan of action would be the following: when v68 becomes stable start building it and attempt reverting those commits in reverse chronological order, fix the rest manually (might need to inspect/revert more commits) and hopefully have again the possibility to build without webRTC.

HotelBellaMuerte commented 6 years ago

it was broken sinve v62

also you can take this patch (is a better implementation of my idea) ... i'll replace my patch with them

https://github.com/bromite/bromite/blob/master/patches/BRM014_Disable-WebRTC-by-default.patch