For many the idea is the use of a VPN (Virtual Private Network) service. These services allow you to connect to the internet through a proxy that is supposed to mask your real IP address and keep the spying at bay. The use of VPN services has exploded in the months following the revelations by Edward Snowden on how much information governments gather about us.
Sadly even these services have had their flaws and, at times, have left their users just as exposed as someone directly connected to the internet. The latest of these flaws turns out to be browser and OS related and not directly tied to any one source. The flaw is in WebRTC and the browsers that support them. This flaw allows a website to request (and get) IP address information from certain VPN servers called STUN Servers (Session Traversal Utilities for NAT). What these servers do is translate your address to a new public IP address and vice versa through a common protocol called NAT (Network Address Translation) and to keep the packets flowing to and from you without any loss of data during the micro seconds it takes to make the change. To do this they have to keep a table of your VPN based public IP and your real one. Home routers perform a similar (although more primitive) function in translating private IP addresses to public and back.
The requesting website merely uses a script to request this information when a web page is loaded and catalogs it like it would regular visits. It is a very simplistic method and it also has a pretty simple fix. So far the issue appears to exist only in Windows based systems that are running FireFox and Chrome. These browsers have a number of plug-ins that can mitigate this flaw. For FireFox you can use NoScript or set the media.peerconnection.enabled setting to false (you get there by typing about:config in the address bar). Chrome can be hardened against this by installing WebRTC Block or ScriptSafe.
Alternately you can setup your home router/firewall to connect to your VPN service directly. This removes the likelihood of a software based flaw from exposing your information. These steps will not give you 100% protection, but then again nothing will. If you want to check the security of your browsing habits including if you are vulnerable to the WebRTC flaw you can check out the links below. As always, stay safe out there.
Tell us what you think