A leak checker identifies two classes of IP addresses; public IP and local IP. Public IP addresses are quite specific and form part of your identity on the internet. Hence, when you’re using a VPN, the sites detect the public IP addresses instead of yours. However, the WebRTC is able to see your real public IP. If you run a WebRTC test only to see a public IP in the results, then you may be experiencing an IP address leak.

What is WebRTC?

WebRTC (Web Real-Time Communication) generally refers to an API definition which allows voice, video chats, and P2P file sharing within a browser. It is a collection of integrated technologies that facilitates communication between web browsers directly without the need for an intermediate server. WebRTC comes with a number of benefits such as faster speeds not to mention less lag for web apps such as file transfer, video chats, and live streaming. However, when two devices are communicating to each other directly, they’re at times need to know each other’s real IP addresses. Hence, WebRTC basically allows a third party to detect your real IP address and use it to identify you. This is referred to as WebRTC leak.

Does a WebRTC leak put your privacy at risk?

It utilizes more integrated and advanced protocols that are far much better compared to those used in the standard IP to uncover your real IP address. The Interactive Connectivity Establishment (ICE) protocol uses the following ways to discover the real IP address.

STUN/TURN servers

The STUN/TURN servers allow the web browsers to ask questions such as what are my public IPs. What’s more, the STUN/TURN servers allow two devices to communicate even if they’re behind NAT firewalls.

The Host Candidate Discovery

Of course, most if not all devices accessing the internet have multiple IP addresses associated with the hardware. Despite the firewalls hiding them from websites and STUN/TURN, the ICE protocol allows the browsers to simply read them off your device. IPv4 is commonly associated with devices and do not compromise the privacy. However, the IPv6 addresses put your device at a high privacy risk. IPv4 and IPv6 are quite different. The IPv6 acts as the public IP such that it is unique to you. The ICE easily discovers the IPv6 associated with your device and this could compromise with your privacy.

Unfortunately, a malicious website can also utilize a STUN/TURN server or even Host Candidate Discovery to trick your browser into unveiling your public IP to identify you without your consent.

Steps to carry out WebRTC leak test

WebRTC leak test

In case you’re using a Virtual Private Network, and the leak tool shows there is a leak, you can perform some of the following leak tests to ascertain:

  1. disconnect from your VPN and open an IP checker,
  2. make note of any public IP you see there,
  3. close the IP checker,
  4. connect to your VPN and reopen the IP address checker.

Should you note any public IP address from the previous IP check, you definitely have a privacy leak. However, if you’re using a VPN and the tool states that there is no leak, you’re good to go.

How to prevent WebRTC leak

Perhaps you’re wondering how to stop or prevent WebRTC leaks, do not panic. You might want to look out for VPNs that are integrated to protect you from WebRTC leaks. Other VPNs such as ExpressVPN goes an extra mile to completely disable it from the settings menu. Of course, browsers at times cache IP addresses in memory; such incidences may compromise with your privacy. What’s more, you can manually disable the WebRTC in your browser.

How to manually disable WebRTC in Firefox on desktop

  1. On the address bar, type ‘about:config’
  2. Click on the ‘I accept the risk!’ button that appears
  3. A search bar will appear, type ‘media.peerconnection.enabled’
  4. Double-click to change the value to ‘false’

The procedure above can effectively work on both desktop and mobile version of Firefox. However, if you’re using the Chrome browser, you might want to check out the following extensions:

The uBlock Origin works as an all-purpose blocker for ads, trackers, and has an option to block webRTC. On the other hand, the WebRTC Network Limiter is an add-on developed by Google to specifically stop the IP leakage through WebRTC.

Which browsers are most vulnerable to WebRTC leaks?

In case you’re wondering which browsers are more vulnerable when it comes to WebRTC leakage, it leaks in almost any browser. Users of Firefox, Chrome, Opera, Safari, and Microsoft Edge; just to mention a few are more vulnerable to webRTC leaks; probably because they have WebRTC enabled by default. When it comes to mobile web browser support, there’s less concern compared to the desktop browser support. However, you can be sure of WebRTC leak protection on the mobile browsers in the near future. While you’re free from it in one browser, it’s not a guarantee that you’re protected in another browser in the same desktop. Hence, it is important to consider taking preventive measures in each browser.

Disabling the WebRTC does not affect the normal browsing experience. Remember: most websites don’t depend on it. Hence, don’t panic about disabling the feature. However, the latest browsers might put off some functionality on some websites. In such cases, you can opt to use firewall rules in order to enforce that traffic may only be sent through an encrypted VPN.