* Daniel Berntsson wrote in mozilla.dev.privacy: >Until WebRTC Javascript did not have access to the computer's networking >details. With WebRTC it suddenly has. Any web server can unbeknownst to >the user get a list of all IP addresses on all the client computer's >network interfaces and a list of all IP addresses with which the client >computer can reach a STUN server. On Windows, Firefox even bypasses the >routing table trying to reach the STUN server through as many paths as >it can and then sends the results to any web server that wants it >without approval from or notice to the user. More information and a demo:
https://lists.w3.org/Archives/Public/public-webrtc/2015Feb/thread.html#msg1 is the most recent discussion about this in W3C's WebRTC Working Group. -- Björn Höhrmann · mailto:[email protected] · http://bjoern.hoehrmann.de D-10243 Berlin · PGP Pub. KeyID: 0xA4357E78 · http://www.bjoernsworld.de Available for hire in Berlin (early 2015) · http://www.websitedev.de/ _______________________________________________ dev-privacy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-privacy
