Tor Browser Webrtc

JavaScript Disabled

Description This extension starts the Tor executable in the background and on successful connection, redirects all your traffic through the Tor anonymous network to increase user privacy. Also when Tor is connected, WebRTC is disabled to prevent your public IP from revealing your identity.

WebRTC Support Detection

Protect Your Online Activity

WebRTC IP Address Detection

Local IP Addressn/a
Public IP Addressn/a
IPv6 Addressn/a

WebRTC Media Devices

Device Enumeration
Has Microphone
Has Camera
Media Devices

How to Disable WebRTC

  1. Snowflake WebRTC. So I’m willing to run snowflake in my Firefox and it says I need to have WebRTC enabled but I’m “preventing it from leaking local ip addresses” with ublock origin. Do I need to uncheck that option? Or it doesn’t disable WebRTC completely so it’s ok to have it.
  2. Tor explicitly states that WebRTC is a vulnerability and should be blocked. In 2015, a vulnerability was found within WebRTC that reveals local IP addresses of users, including those that use a VPN. While some solutions have been created, including Perfect Privacy and ExpressVPN, the underlying issue has yet to be resolved.

Disable WebRTC in Firefox

WebRTC in Mozilla Firefox is supported since Firefox 22, and it's enabled by default.

To disable RTCPeerConnection and protect IP addresses leakage, go to about:config and toggle media.peerconnection.enabled to false.

Does My Browser Support Webrtc

To disable Media Devices, toggle media.navigator.enabled as well as media.peerconnection.enabled both to false.

Disable WebRTC in Chrome

WebRTC in Google Chrome and Chromium-based web browsers is supported and enabled by default since Chrome version 23.

To protect IP addresses from leaking, using the official extension WebRTC Network Limiter. It has few options, depending on what you're looking for.

Webrtc Edge Browser Test

What about Device ID's

Tor Browser Webrtc
This article may contain irrelevant information, will be reviewed soon.

First of all, media device enumeration works only in Chromium-based web browsers since Chrome 30 or later.

Device ID's – it's a unique identifiers of an audio/video devices installed in your system. Even if you have no camera/microphone, Chrome may detect more than one device, such as «Line In», «Aux», «CD Player», etc, depending on the system drivers.

Full list of available media devices you can check in «chrome://settings/content ⇒ Media»

Of course, Google Chrome does not allow foreign websites to see the actual Model ID of your hardware devices, instead it provides self-generated hashes. But at the same time, any website is allowed to take this fingerprints without user confirmation.

How persistent and trackable these Device ID's?

Well, for most users this ID's may remain unchanged for months.

WebRTC Device ID is a HMAC of:

  1. Value of the 'media':{'device_id_salt'} located in «ChromeDataprofilePreferences». Salt generates randomly at the Chrome's first launch. It's renew every time user doing «Clear browsing data ⇒ Cookies and other site and plug-in data». Also, Incognito Mode does not touch «device_id_salt», but generates its own salt for every session.

  2. Origin, aka «protocol://hostname:port». This dependence is not a problem for user tracking, script can be requested from constant host through iframe, and it will be same origin and same Device ID's on any domains.

  3. Raw Device ID of the physical device installed in your system.

So, WebRTC Device Fingerprints persistent to:

Webrtc Microsoft Edge Browser

  • Changing ISP, IP address.
  • Restarting browser, rebooting system.
  • Clearing cookies and cache through third-party addons like EditThisCookie or CCleaner.

WebRTC Device Fingerprints not persistent to:

  • Clearing cookies through «chrome://settings/clearBrowserData».
  • Using new session of Incognito mode.

Further Reading