WebRTC Leak Test
WebRTC Support Detection | |
| RTCPeerConnection | |
| RTCDataChannel | |
| ORTC (Microsoft Edge) | |
IP Address Detection | |
| Local IP Address | n/a |
| Public IP Address | n/aHide IP |
| IPv6 Address | n/a |
WebRTC Media Devices | |
| Device Enumeration | |
| Has Microphone | |
| Has Camera | |
| Media Devices | |
How to Disable WebRTC
Disable WebRTC in Firefox
WebRTC in Mozilla Firefox is supported since Firefox 22, and it's enabled by default.
To disable RTCPeerConnection and protect IP addresses leakage, go to
about:configand togglemedia.peerconnection.enabledtofalse.To disable Media Devices, toggle
media.navigator.enabledas well asmedia.peerconnection.enabledboth tofalse.
Disable WebRTC in Chrome
WebRTC in Google Chrome and Chromium-based web browsers is supported and enabled by default since Chrome version 23.
To protect IP addresses from leaking, using the official webrtc.org extension WebRTC Network Limiter. It has few options, depending on what you're looking for.
What about Device ID's
First of all, media device enumeration works only in Chromium-based web browsers since Chrome 30 or later.
Device ID's — it's a unique identifiers of an audio/video devices installed in your system. Even if you have no camera/microphone, Chrome may detect more than one device, such as «Line In», «Aux», «CD Player», etc, depending on the system drivers.
Full list of available media devices you can check in «chrome://settings/content ⇒ Media»
Of course, Google Chrome does not allow foreign websites to see the actual Model ID of your hardware devices, instead it provides self-generated hashes. But at the same time, any website is allowed to take this fingerprints without user confirmation.
How persistent and trackable these Device ID's?
Well, for most users this ID's may remain unchanged for months.
WebRTC Device ID is a HMAC of:
Value of the
"media":{"device_id_salt"}located in «Chrome\Data\profile\Preferences». Salt generates randomly at the Chrome's first launch. It's renew every time user doing «Clear browsing data ⇒ Cookies and other site and plug-in data». Also, Incognito Mode does not touch «device_id_salt», but generates its own salt for every session.Origin, aka «protocol://hostname:port». This dependence is not a problem for user tracking, script can be requested from constant host through iframe, and it will be same origin and same Device ID's on any domains.
Raw Device ID of the physical device installed in your system.
So, WebRTC Device Fingerprints persistent to:
- Changing ISP, IP address.
- Restarting browser, rebooting system.
- Clearing cookies and cache through third-party addons like EditThisCookie or CCleaner.
WebRTC Device Fingerprints not persistent to:
- Clearing cookies through «chrome://settings/clearBrowserData».
- Using new session of Incognito mode.