Closed ruihildt closed 1 year ago
Is the intent of blocking webrtc in this addon to prevent users from using webrtc at all or to prevent ip leaks on websites that use webrtc only for nefarious reasons?
The former needs user consent anyway for accessing micro/camera and if someone wants to use webrtc then they would simply disable the addon(?) while for people who don't use webrtc it doesn't matter if functionality is blocked or not.
The latter problem was fixed in firefox long time ago except for windows 7/8. This is the reason addons like ublock stopped blocking webrtc.
Thanks for the heads up @Maryse47.
The latter problem was fixed in firefox long time ago except for windows 7/8.
Do you have any documentation or info I could look into?
This “feature” is both very irritating and impacts browser fingerprint. I’d really appreciate for this to be addressed promptly. Even with the “Disable webRTC” recommendation disabled, this extension still sets media.peerconnection.enabled
to false
every time Firefox is launched, which is not communicated to the user whatsoever. The privacy‐oriented arkenfox user.js setup leaves this set to true
because it’s not only unnecessary to disable it and remove functionality when your private IP is not exposed in untrusted scenarios anyway (as discussed above; for instance, Mullvad’s own “Connection Check” page will still show “No WebRTC leaks” even with webRTC enabled), but it affects your browser fingerprint. It’s much more sensible to just leave it enabled so more people share this value in fingerprints while also not barring anyone from accessing any functionality.
@G-F-D Thanks for your input, we're planning to remove this recommendation in the next version.
After doing an extensive research, we will stop recommending disabling webRTC.
The only webRTC leaks that could happen in Firefox are internal IP addresses (and only if you manually change in about:config
the media.peerconnection.ice.obfuscate_host_addresses
parameter to false
).
We are implementing a webRTC leak check (see #146 ) and will update our guides as well.
Users are unaware WebRTC disabled is disabled by default which makes some users confused, for example when trying to use Jitsi.
Some ideas to address the issue: