Categories: Security newsTechnology

Google releases a Chrome extension to fix the critical VPN security hole



WebRTC Network Limiter Chrome extension released by Google to fix the critical VPN security hole which revealed real IPs of users

Earlier in the year, we had reported a serious vulnerability in Google Chrome that leaked users real IP address even though they were using a VPN.  The vulnerability involving WebRTC could leak users real IP of all VPN services users, had cause panic among VPN users because of the inherent risks.

Google has now published an extension for its Chrome browser that fixes this serious WebRTC security hole in Google Chrome.

The WebRTC flaw was exploited by placing a few lines of code on a website and using a STUN server it became possible to reveal not only users’ true IP addresses, but also their local network address too.

At that time, VPN users could install the WebRTC block extension or ScriptSafe which should block the vulnerability. Firefox users, could use the NoScript addon or alternatively, they can type “about:config” in the address bar and set the “media.peerconnection.enabled” setting to false.



However, now Google has published a tiny Chrome extension (7.31KB) called “WebRTC Network Limiter.” This extension disables the WebRTC multiple-routes option in Chrome’s privacy settings while configuring WebRTC not to use certain IP addresses.

In addition to hiding local IP addresses that are normally inaccessible to the public Internet (such as 192.168.1.1), the extension also stops other public IP addresses being revealed.

“Any public IP addresses associated with network interfaces that are not used for web traffic (e.g. an ISP-provided address, when browsing through a VPN) [are hidden],” Google says.

“Once the extension is installed, WebRTC will only use public IP addresses associated with the interface used for web traffic, typically the same addresses that are already provided to sites in browser HTTP requests.”

While WebRTC Network Limiter seems a good solution for th WebRTC security hole, Google admits having issues with the extension,

“This extension may affect the performance of applications that use WebRTC for audio/video or real-time data communication. Because it limits the potential network paths, WebRTC may pick a path that results in significantly longer delay or lower quality (e.g. through a VPN). We are attempting to determine how common this is”.

After applying the blocks and fixes detailed above, Google Chrome users can check for IP address leaks by using sites including IPLeak and BrowserLeaks.

vijay

Recent Posts

  • Gaming
  • Security news

PS4 is reportedly crashing due to malicious message bug

Malicious gamers are sending messages that are bricking PS4 console; here’s what you can do to make sure that your…

4 hours ago
  • Alternatives
  • List
  • Torrent

Yify Torrents Alternatives- Best Yts like site to download movies

Yify torrents also known as yts is one of the best torrenting sites. Also, the yify group is a renowned name…

4 hours ago
  • News
  • Science

Stephen Hawking’s final fear : A Terrifying Master Race Of Superhumans

Professor Stephen Hawking was one of many scientists that pushed the human race forward by sharing his knowledge and understanding of…

22 hours ago
  • Facebook
  • Security news

Hackers accessed 29 million user accounts, says Facebook

Facebook confirms 29 million users’ data accessed by hackers: How to check if your account has been hacked Last month,…

1 day ago
  • Microsoft
  • News

Microsoft open-sources 60,000 patents to protect Linux

Microsoft makes 60,000 patents open-source to help the Linux Community Microsoft has joined the Open Invention Network ("OIN"), an open-source…

2 days ago
  • Gadgets
  • Technology

World’s fastest camera captures images at 10 trillion frames per second

'World's fastest camera' that freezes images at 10 trillion frames a second is unveiled Researchers from Quebec University’s Institute national…

2 days ago