Despite their purported use to protect user anonymity while browsing the internet, 23% of VPN providers may actually leak user IP addresses, according to a security report from VoidSec.
The issue stems from a bug in the open source WebRTC project. The particular vulnerability, discovered back in 2015, has to do with WebRTC STUN servers, which can record public and private IP addresses in JavaScript. Even worse is that the recorded IP addresses can be disclosed if a certain website already has a WebRTC connection established.
Of the 83 VPN apps tested, there were 17 found to be leaking information on the IP addresses, according to the report. This functionality could be also used to de-anonymize and trace users behind common privacy protection services such as: VPN, SOCKS Proxy, HTTP Proxy and in the past (TOR users).
Of the VPN providers tested, here are the ones that leaked IP addresses:
- BolehVPN (USA Only)
- ChillGlobal (Chrome and Firefox Plugin)
- Glype (Depends on the configuration)
- hide-me.org
- Hola!VPN
- Hola!VPN Chrome Extension
- HTTP PROXY navigation in browser that support Web RTC
- IBVPN Browser Addon
- PHP Proxy
- piratebayproxy.co
- psiphon3 (not leaking if using L2TP/IP)
- SOCKS Proxy on browsers with Web RTC enabled
- SumRando Web Proxy
- TOR as PROXY on browsers with Web RTC enabled
- Windscribe Addons
According to the post, Brave, Mozilla Firefox, Google Chrome, Google Chrome on Android, Samsung’s browser, Opera, and Vivaldi all have WebRTC enabled by default, the report noted. To stay anonymous while surfing the internet, it is recommended that users disable WebRTC, JavaScript, and Canvas Rendering. Setting a DNS fallback for each connection and adapter, and killing browser instances before and after each VON connection is also recommended.
Adapted from an article on techrepublic.com
If you have any questions regarding this subject, please do not hesitate to contact us here at Frankenstein! Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in affordable IT Support, Cybersecurity Services, IT Services, IT Security, Office 365, Cloud, VOIP Services, SPAM, Wireless, Network Monitoring Services, Custom Gaming PC, MAC repair, PC Repair In Austin, Virus Removal, remote support, web design, on site support and much more.
FAQs
What Is a VPN, and How Does It Protect My Online Privacy?
A VPN (Virtual Private Network) encrypts your internet connection, hiding your IP address and protecting your online activity from eavesdroppers and hackers.
How Do VPNs Leak IP Addresses, and What Are the Consequences?
VPNs can leak IP addresses due to DNS leaks, WebRTC leaks, or poor implementation. This can compromise your privacy and expose your true location.
Which VPN Providers Are Known to Leak IP Addresses, and How Can I Protect Myself?
Some VPN providers are known for leaks due to inadequate security measures. Research a reliable VPN with a strong privacy policy and leak protection features.
What Steps Can I Take to Enhance My Online Privacy and Security While Using a VPN?
Enable leak protection features, use strong passwords, and regularly update your VPN software. Combine VPN use with other security practices like antivirus software.
How Can Frankenstein Computers Assist Me with VPN and Online Privacy Concerns?
Frankenstein Computers can provide expert advice on choosing and setting up a secure VPN. They offer support for maintaining online privacy and troubleshooting any related issues.