Godlike Productions - Conspiracy Forum
Users Online Now: 1,360 (Who's On?)Visitors Today: 323,448
Pageviews Today: 648,622Threads Today: 354Posts Today: 7,853
02:03 PM


Rate this Thread

Absolute BS Crap Reasonable Nice Amazing
 

Warning. All VPNs are compromised. Luckily a simple solution..

 
Anonymous Coward
User ID: 67071507
Switzerland
01/31/2015 02:31 AM
Report Abusive Post
Report Copyright Violation
Warning. All VPNs are compromised. Luckily a simple solution..
[link to torrentfreak.com]

VPN users are facing a massive security flaw as websites can easily see their home IP-addresses through WebRTC. The vulnerability is limited to supporting browsers such as Firefox and Chrome, and appears to affect Windows users only. Luckily the security hole is relatively easy to fix.
Anonymous Coward (OP)
User ID: 67071507
Switzerland
01/31/2015 02:48 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
This link will tell you if your vpn is compromised
[link to diafygi.github.io (secure)]

firefox solution: use noscript or goto about:config

set the “media.peerconnection.enabled” setting to false.
Anonymous Coward
User ID: 66064934
United States
01/31/2015 02:52 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
bump
PirateMonkey
We're going to Make GLP Great Again

User ID: 64468440
United States
01/31/2015 03:01 AM

Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
Thank you for the info. Fixed the leak.
7/11 was a part time job!
Anonymous Coward
User ID: 56501102
United States
01/31/2015 03:08 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
This link will tell you if your vpn is compromised
[link to diafygi.github.io (secure)]

firefox solution: use noscript or goto about:config

set the “media.peerconnection.enabled” setting to false.
 Quoting: Anonymous Coward 67071507


I went to the link and it showed my real ip.

Then I did the about:config thing and found that the setting was already set to "false."

So I toggled it to "true" then back to "false" and tried again and that time it passed the test.

Weird that it was set to "false" to begin with, but was still sending out my real IP ...
Anonymous Coward
User ID: 67545238
United States
01/31/2015 03:10 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
Yeah thas
Anonymous Coward
User ID: 66835672
United States
01/31/2015 03:13 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
[link to chrome.google.com (secure)]

To fix it in Chrome.
Anonymous Coward
User ID: 46500074
United Kingdom
01/31/2015 04:54 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
bump.
Anonymous Coward
User ID: 65460291
United States
01/31/2015 05:33 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
[link to torrentfreak.com]

VPN users are facing a massive security flaw as websites can easily see their home IP-addresses through WebRTC. The vulnerability is limited to supporting browsers such as Firefox and Chrome, and appears to affect Windows users only. Luckily the security hole is relatively easy to fix.
 Quoting: Anonymous Coward 67071507


It didn't work in my firefox
Anonymous Coward
User ID: 67540412
Germany
01/31/2015 05:50 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
bump
Anonymous Coward
User ID: 61365250
United Kingdom
01/31/2015 05:52 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
This link will tell you if your vpn is compromised
[link to diafygi.github.io (secure)]

firefox solution: use noscript or goto about:config

set the “media.peerconnection.enabled” setting to false.
 Quoting: Anonymous Coward 67071507


Done. Thanks for that!
Anonymous Coward
User ID: 57522488
Switzerland
01/31/2015 05:53 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
If you have IE or FF 21 and below then no problem.

Noscript wont fix this. YOu have to disable WEBRTC


another checking link
[link to www.browserleaks.com (secure)]
Anonymous Coward
User ID: 67298696
Spain
01/31/2015 06:03 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
anybody know where I can get some descent torrents from all I seem to be getting lately is viruses and spam
Anonymous Coward
User ID: 67298696
Spain
01/31/2015 06:04 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
This link will tell you if your vpn is compromised
[link to diafygi.github.io (secure)]

firefox solution: use noscript or goto about:config

set the “media.peerconnection.enabled” setting to false.
 Quoting: Anonymous Coward 67071507


Done. Thanks for that!
 Quoting: Anonymous Coward 61365250


How?
Anonymous Coward
User ID: 67464631
Luxembourg
01/31/2015 06:12 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
If you have IE or FF 21 and below then no problem.

Noscript wont fix this. YOu have to disable WEBRTC


another checking link
[link to www.browserleaks.com (secure)]
 Quoting: Anonymous Coward 57522488


WebRTC depends on javascript, so yes, No-Script fixes it.
Anonymous Coward
User ID: 61365250
United Kingdom
01/31/2015 06:30 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
This link will tell you if your vpn is compromised
[link to diafygi.github.io (secure)]

firefox solution: use noscript or goto about:config

set the “media.peerconnection.enabled” setting to false.
 Quoting: Anonymous Coward 67071507


Done. Thanks for that!
 Quoting: Anonymous Coward 61365250


How?
 Quoting: Anonymous Coward 67298696


Open a new tab in Firefox.

Enter "about:config" in the URL and press Enter (ignore the warning).

Scroll down to where it says “media.peerconnection.enabled” and right-click on that.

If it is set to "True" then click on "Toggle" in the drop-down menu. This should set it to "False."
Anonymous Coward
User ID: 64415069
United States
01/31/2015 06:51 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
cloaked!
Anonymous Coward
User ID: 62757065
United States
01/31/2015 07:25 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
bump
Anonymous Coward
User ID: 67424869
United States
01/31/2015 07:54 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
What about other local host information. If java script can query the localhost for the IP on the local adapter, can it not query for hostname ? MAC address ?
Anonymous Coward (OP)
User ID: 67071507
Switzerland
01/31/2015 10:09 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
What about other local host information. If java script can query the localhost for the IP on the local adapter, can it not query for hostname ? MAC address ?
 Quoting: Anonymous Coward 67424869


Even after this fix, i was shocked that the back-end server can locate your timezone if you have not disabled javascript.

eg goto www.formula.com and see the local time. Even if you are using VPN it would still show your timezone. I contacted customer care and they told me this...

You have to disable javascript by addon like noscript. also disable hmtl5.

[link to thehackernews.com]

disable link
[link to www.trishtech.com]



also type geo.enabled in the about:config window and disable it.
[link to www.mozilla.org (secure)]
Anonymous Coward (OP)
User ID: 67071507
Switzerland
01/31/2015 10:10 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
sorry i meant [link to www.formula1.com]
Anonymous Coward (OP)
User ID: 67071507
Switzerland
01/31/2015 10:13 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
to spoof mac address download smac 2.0

[link to www.klcconsulting.net]


Best option would be to get a DD-WRT vpn router like netgear r6300, asus rtn16 etc
Anonymous Coward
User ID: 65940913
United States
01/31/2015 10:23 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
If I have enabled geolocation so that I can play online casino in NJ--will changing the settings mess that up?
Anonymous Coward
User ID: 50819642
Belgium
01/31/2015 10:24 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
how the fuck is a tunnel on transit level, going to stop userland applications from doing stupid shit?

vpn's aren't compromised. people's brains are.
Anonymous Coward (OP)
User ID: 67071507
Switzerland
01/31/2015 10:26 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
If I have enabled geolocation so that I can play online casino in NJ--will changing the settings mess that up?
 Quoting: Anonymous Coward 65940913


geo location is enabled by default. Sites like google bypass geo.enabled (set to false) by relying on yoour ip address. To fool google, you have to spoof your ip address using tor or vpn.

You can also set fiefox setting to forbid websites not to track you via do not track option
[link to www.mozilla.org (secure)]

But nowadays websites use beacons, flash cookies and to dtop that you need addons like ghostery, adblock, better privacy etc.
Anonymous Coward
User ID: 62336876
Austria
01/31/2015 10:32 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
anybody know where I can get some descent torrents from all I seem to be getting lately is viruses and spam
 Quoting: Anonymous Coward 67298696


[link to oldpiratebay.org (secure)]
Anonymous Coward
User ID: 25517648
United States
01/31/2015 10:59 AM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
[...]

you need addons like

ghostery,
adblock,
better privacy

etc.

 Quoting: Anonymous Coward 67071507


hesright
PirateMonkey
We're going to Make GLP Great Again

User ID: 64468440
United States
01/31/2015 04:04 PM

Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
Really appreciate threads like this. It can be hard to stay one step ahead of the game when we all have a million other things to worrying about.

Much appreciated. hf
7/11 was a part time job!
Anonymous Coward
User ID: 67562142
United States
01/31/2015 04:27 PM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
Now cloaked. Totally exposed before.

fuckin hell.

did the browser thing and the noscript add on.
one of the best threads ever on GLP.

OP has done a tremendous service. But then I obviously don't know shit about this stuff.
Anonymous Coward
User ID: 67457479
South Africa
01/31/2015 04:28 PM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
how the fuck is a tunnel on transit level, going to stop userland applications from doing stupid shit?

vpn's aren't compromised. people's brains are.
 Quoting: Anonymous Coward 50819642


hesright
Anonymous Coward
User ID: 67562142
United States
01/31/2015 04:37 PM
Report Abusive Post
Report Copyright Violation
Re: Warning. All VPNs are compromised. Luckily a simple solution..
Otherwise intelligent people helpless against this shit if they aren't conversive.