14 DAY TRIAL // Back in February, security researchers found an issue with WebRTC, which in certain setups could have been used to reveal the real public and local IP address of a user connected via a VPN.
WebRTC, a Web protocol used in voice and video communications, is supported by only three major browser vendors, Google, Mozilla, and Opera.
When WebRTC was used on a website together with a STUN server, it became possible to reveal the real IP address used by users coming off VPN connections.
Previous fixes solved the problem by turning off WebRTC support
This issue was found to be present in Firefox and Google Chrome, and neither of the companies addressed it with a high priority, since it was categorized as a privacy issue and not security-related.
Later on, Firefox devs did instruct users that putting "media.peerconnection.enabled" to "false" in their "about:config" page would help, while for Chrome users, the BrowserLeaks.com team provided an extension to completely disable WebRTC support in the browser.
Months later, Rentamob also published a Chrome extension that tried to fix the issue without disabling WebRTC completely, but according to TorrentFreak, this caused some WebRTC functions like VoIP not to work correctly.
A Chrome extension from the Chrome team itself
With the release of the WebRTC Network Limiter extension, the Google dev team itself is now having a jab at the issue, trying, just like Rentamob, to fix the IP leaking problem without disabling WebRTC completely.
According to Google devs, "once the extension is installed, WebRTC will only use public IP addresses associated with the interface used for web traffic," which are "typically the same addresses that are already provided to sites in browser HTTP requests."
Unfortunately, just like the Rentamob add-on, the WebRTC Network Limiter also has its own downsides, more accurately, by limiting "potential network paths, WebRTC may pick a path that results in significantly longer delay or lower quality."