[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] WebRTC to uncover local IP

On 01/29/2015 12:31 PM, spencerone@xxxxxxxxxxxxxxx wrote:
> Katya Titov kattitov at yandex.com:
>> This PoC has made its ways around. Using webRTC to deanonomize your
>> IP. New to me: https://diafygi.github.io/webrtc-ips/
> My IPAs are displayed when using Firefox, but not using Tor, as
> expected, I think.
> Understanding very little about WebRTC and STUN servers, what does this
> mean for people?

This means that people need to be using gateways (VMs or hardware) for
accessing Tor, VPNs, JonDonym or whatever. There must be _no_ path to
the Internet except through the anonymity system. There must also be no
path to anything sensitive on local networks. For Tor, that means
something like Whonix, the equivalent in Qubes, or a pfSense Tor
gateway. Just sayin'.

> Wordlife,
> SpencerOne
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to