/hc/tr

How can I protect myself from IP leaks caused by Flash or WebRTC?

Bu makale sadece İngilizce olarak mevcuttur. Türkçe çevirisi yakında eklenecektir.

 

While ZenMate VPN extension hides your IP address for browser traffic, it cannot prevent IP leaks caused by the Flash Player, and WebRTC is a well known security threat for all VPNs. But don’t worry, there are ways to get around these issues.

Flash Player

Flash Player is a very old technology which is known to potentially cause security vulnerabilities. As Flash operates outside of your browser it is not covered by browser extensions. The easiest and most reliable solution is to use the ZenMate VPN clients for Windows and Mac OS X, as they secure your entire desktop.

If your device isn’t compatible with the desktop clients, or you prefer to use ZenMate VPN extension, we advise you to use the free browser extension "FlashControl" in addition to ZenMate VPN to let you control when Flash Player is used or not.

Alternatively, you can block Flash Player directly via your browser settings. Please see below for further instructions as to how to do this.

Firefox:

  1. Ensure that Flash Player is installed. Visit the Adobe Flash Player Download Center to download the latest version.
  2. Go to about:addons > “Plugins”
  3. Scroll down to “Shockwave Flash” and select “Ask, to activate”
  4. Test it on http://whoer.net/extended. If the result for “Flash” is “N/A” your Flash Player cannot leak your IP anymore. Good Job!

Chrome

  1. Ensure that Flash Player is installed. Visit the Adobe Flash Player Download Center to download the latest version.
  2. Open “Content settings” in the Privacy section of your advanced browser settings (copy chrome://settings/content in your browser address bar).
  3. Scroll down to “Plug-Ins” and select “Click-to-Play” and save the changes.
  4. Test it on http://whoer.net/extended. If the result for “Flash” is “N/A” your Flash Player cannot leak your IP anymore. Good Job!

 

WebRTC

WebRTC (Web Real-Time Communication) is a technology existing since 2011, and it is intended for browser-to-browser communication. WebRTC allows development of applications that are native to the browser (which, in general, means they are safer). Unfortunately, this technique also allows pages to send requests to the so-called 'STUN servers', which will return your local and your public IP addresses.

Browsers having WebRTC built-in (Chrome, Opera and Firefox) cannot directly block WebRTC (and the IP leak). This means that  ZenMate VPN browser extension cannot prevent such leaks.

To check if your browser is affected by this issue, please perform the following test: https://diafygi.github.io/webrtc-ips/

The test is passed if you see only your local IPs or no IP at all. In other words, to pass the test, your public IP address should be either your current ZenMate VPN proxy IP or not be visible.

If you see your real IP address, you can use one of the following solutions to fully protect yourself. Please note that these solutions will completely deactivate WebRTC, which means that if you want to use WebRTC on a certain web service, you have to manually enable it again.

Firefox

Alternative 1: Use the add-on named "Statutory". Just install it and you are ready to go.

https://addons.mozilla.org/de/firefox/addon/statutory/

If you like to enable WebRTC again, simply disable the Statutory Add–On.

Alternative 2: This way to disable WebRTC does not need any additional software. Start by typing in "about:config" into the address bar of your Firefox browser and confirm by pressing enter. Now you should see a Firefox warning where you have to confirm that you will be careful when changing these settings. Since we will not do anything of harm, please press the button "I'll be careful, I promise!".

This will open a search bar on top of the open page. Please type in "media.peerconnection.enabled" to find the concerned setting.

  • If the value of media.peerconnection.enabled is "false", please change nothing.
  • If the value is "true", please change it to "false" by a double click on it.

That’s it, you are protected against information leaks caused by WebRTC! If you want to enable WebRTC, please perform the same steps again, but set media.peerconnection.enabled value on “true”.

Chrome

Alternative 1: You can use the "WebRTC Leak Prevent" extension to prevent leaks in Chrome. However, please note on some machines it might be needed to do the following after installing this extension:

In the settings of the WebRTC Leak Prevent extension, there are two checkboxes. The first one is checked by default, the second one comes unchecked and has a note that this option is supported only for Chrome v.47.

If the WebRTC issue is still there after installing the extension, please make sure that this second checkbox is also checked/enabled and try again.

Alternative 2: This other way to disable the concerning parts of the WebRTC functionality is kind of a hack. It is recommended to use the latest version of Chrome to get this proper working. The next step is to edit your Chrome user preference file which you will usually find here:

C:\Users\<your windows username>\AppData\Local\Google\Chrome\User Data\

Before you change something, please make a copy of that file and place it somewhere you will find it again. Just in case you want to undo this workaround in the future.

Now, first make sure that the Chrome browser is closed completely, and then open the file and scroll down to the end or until you see the “variations_seed” tag. Finally, simply add the following line to the preference file:

…,"webrtc": {"multiple_routes_enabled": false},…

The result should look like the following screenshot or similar.

Restart your Chrome browser and you’re ready to go!

Please note that this workaround does only disable parts of the WebRTC functionality. Therefore, your local IP addresses will still be revealed within the test, but this is no threat at all since it would not be possible to track you by these IPs.

If you want to enable the full WebRTC functionality again, just remove the line

Başka sorularınız var mı? Bir talep gönder

0 Yorumlar

Makale yorumlara kapalı.
Bir Zendesk Hizmetidir