Highest Voted 'webrtc' Questions - IT Security Stack Exchange

16

votes

3 answers

How secure is "Firefox Hello"?

The new "Firefox Hello" feature promises easy and safe video conversation. It is not nescessary to create an account, you simply share a link with your partner to start the conversation. The communication is promised to be "private and secure" on…

asked Jul 17 '15 at 21:59

dervonnebenaan

365
2
7

13

votes

1 answer

What is WebRTC and how can I protect myself against leaking information that doesn't need to be shared?

What is WebRTC and what is it intended to be used for? According to this Browser Leaks Test for WebRTC and IP Leaks, I am currently leaking IP information for IP addresses that I do not believe anybody on the internet needs to know, ever. I…

vulnerability webrtc

asked Feb 20 '15 at 11:45

kalina

3,354
5
20
36

12

votes

4 answers

What is the point of TURNS in WebRTC

WebRTC makes use of TURN-Servers if the direct peer to peer connection fails. There are two protocols available: TURN and TURNS (TURN over TLS). According to the MDN: All data transferred using WebRTC is encrypted. If all data sent via a data…

tls webrtc

asked Apr 30 '18 at 09:02

Someone else

121
1
5

7

votes

2 answers

Stun scripts/webRTC IP leaks

I've been looking at webRTC and stun scripts in general and their ability to bypass VPN's. And have a few questions I hope someone can help me with. 1) Since using openVPN and other VPN protocols/methods normally sets the default adaptor to itself,…

vpn webrtc

asked Jul 01 '15 at 11:27

user3407675

73
4

7

votes

1 answer

Why does WebRTC need the local IP?

This question Why is my internal IP address (private) visible from the Internet? highlights that the Local IP can be accessible from a website because WebRTC needs it. However it does not answer why WebRTC needs it. From the wiki page of the STUN…

webrtc

asked Dec 30 '16 at 19:41

Jecimi

183
4

6

votes

2 answers

How to really treat security between peers in WebRTC

Recently I've been implementing WebRTC in my project and would like to add security and privacy to the couple. I then decided to search on and found something if it is really necessary to impose security, it should be done at the application…

encryption cryptography webrtc

asked Jul 28 '15 at 18:07

user5166099

61
3

6

votes

1 answer

Is WebRTC still leaking my IP addresses in incognito or private browsing mode?

WebRTC can leak your private IP address, even though you are using a VPN, from what I learn here. Am I protected against this information leak affecting my privacy, when I'm using the incognito or private browsing mode in my browser along with a…

web-browser vpn vulnerability webrtc

asked Jul 10 '15 at 07:51

Graviton

905
4
12
26

6

votes

1 answer

How to pentest DTLS-SRTP?

I'm currently working on a penetration test about DTLS-SRTP strengths and weaknesses. But I'm stuck on an eavesdropping test using Wireshark. Yes, it's protected by SRTP, but: What's DTLS actually doing/working on the media channel? What are…

tls voip webrtc dtls srtp

asked Jul 05 '15 at 10:31

alsterisk

61
1

5

votes

1 answer

How to decrypt Diffie-Hellman encryption in WebRTC?

I have installed a WebRTC server application, which is designed for Contact Center solutions: communicates with internal PCs in pure RTP (agents), and with external PCs (customers) using encrypted WebRTC. WebRTC is encrypted with Diffie-Hellman. I…

tls decryption diffie-hellman webrtc

asked May 29 '19 at 08:01

Gábor Major

151
4

4

votes

1 answer

Webrtc privacy issues?

I've been reading about WebRTC, and I'm interested in using it for a drawing web application that uses real-time collaboration. However, as I understand, WebRTC communication requires all parties involved to know each other's IP address. If one of…

privacy ip geolocation webrtc

asked Aug 27 '15 at 07:06

John L.

141
2

4

votes

1 answer

WebRTC security & encryption

I am building a WebRTC application, and really concerned about security. I have read this quite interesting article : https://webrtc-security.github.io As I am far from being an expert in networking security, I just want to confirm that I am doing…

tls network p2p webrtc

asked Feb 04 '17 at 14:32

Flo Schild

141
5

3

votes

1 answer

What information can be leaked via unencrypted STUN transmission?

I am brand new to WebRTC and am trying to wrap my head around what the STUN protocol exactly does and the risks of data leakage on an unencrypted transmission. From my understanding, the STUN protocol helps programs sitting behind NATs find each…

webrtc

asked Oct 13 '16 at 21:50

Dave

215
1
3
4

3

votes

1 answer

WebRTC shouldn't leak from a full, transport layer VPN ... right?

I have read and re-read the questions about webRTC leaks and have a good understanding as to how this works and why IP addresses are leaking from so-called "VPN tunnels". However, in all of those cases, the "VPN tunnels" are actually just software…

network privacy vpn webrtc

asked Sep 29 '16 at 16:06

user227963

201
1
2

2

votes

1 answer

WebRTC attack surface area?

I'm building an app for browser-to-browser communication. What is the attack surface area for WebRTC in 2015? What kinds of attacks could be done? And more importantly, how do I craft something useful, that does it's reasonable best to be…

web-browser browser-extensions webrtc

asked Oct 31 '15 at 21:05

Michael Cole

288
1
8

2

votes

1 answer

Properly solving IP leaking from WebRTC and other apps with STUN when using a VPN

This is really a follow-up question from this: Stun scripts/webRTC IP leaks I'm connecting to a VPN using a virtual adapter, which has a default routing rule so all traffic goes through it. I still have the real adapter and it needs a specific…

linux vpn data-leakage openvpn webrtc

asked Oct 13 '15 at 14:12

jozxyqk

121
3

Questions tagged [webrtc]