Closed NearestWater262 closed 2 weeks ago
For 2, webRTC is proxied. You can observe that by starting a Jitsi session and going to about:webrtc
.
For the other questions, I don't know how to answer them. We have been discussing how to improve our default webRTC settings, and hopefully I'll be able to better answer you once we've investigated more.
@ruihildt thank you very much, looking forward to developments :D
To answer 3, our current settings are:
media.peerconnection.ice.default_address_only = true
media.peerconnection.ice.no_host = true
media.peerconnection.ice.obfuscate_host_addresses = true
media.peerconnection.ice.proxy_only = false
media.peerconnection.ice.proxy_only_if_behind_proxy = true
media.peerconnection.ice.relay_only = true
This is done to prevent IP leaks through UDP whenever a proxy is in use.
See: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/151#note_2929915
https://browserleaks.com/webrtc meet.jit.si (privacy oriented conference caller for testing)