Hi all,
Having WebRTC enabled by default is a huge privacy loss for our users.
See [1] [2] [3] for some background.
As described in the MozillaWiki[4], there are a few different options
that we can put in our distro default config to limit this issue:
media.peerconnection.ice.no_host
This prevents Firefox from establishing outbound connections from local
addresses. This effectively disables ICE on almost all machines.
media.peerconnection.enabled
This prevents Firefox from even creating the JS objects needed for
WebRTC (it will appear as if the browser does not support ICE / STUN /
WebRTC at all). This appears to break some popular sites, like Airbnb,
per [5]. Probably too drastic.
media.peerconnection.ice.relay_only
This prevents local connections from being established, but allows
external ICE servers to function as "proxy" servers. In combination
with media.peerconnection.use_document_iceservers = false (to prevent
the document from providing its own ICE server list, which would allow
the attacker to get the information anyway), and providing a value for
media.peerconnection.default_iceservers (which would require us to find
or create a privacy-respecting ICE proxy and keep it updated), it would
allow safe use of WebRTC.
Note that this is all from quick reading and referencing of the linked
references and the Firefox source code. If anyone else can find better
or more in-depth information, that'd be great.
My personal opinion with the information presented is that we should use
media.peerconnection.ice.no_host = true. That way the objects can still
be created, but it's not possible to establish outbound connections.
Best,
--arw
[1]:
https://arxiv.org/pdf/1906.10478.pdf
[2]:
https://www.ivpn.net/knowledgebase/158/My-IP-is-being-leaked-by-WebRTC-Ho...
[3]:
https://github.com/diafygi/webrtc-ips - and the demo located at
https://diafygi.github.io/webrtc-ips/ which shows your IPs.
[4]:
https://wiki.mozilla.org/Media/WebRTC/Privacy
[5]:
https://github.com/schomery/privacy-settings/issues/55
--
A. Wilcox (awilfox)
Project Lead, Adélie Linux
https://www.adelielinux.org