Opened 7 years ago

Closed 7 years ago

Last modified 6 years ago

#8178 closed defect (fixed)

Build FF17 with --disable-webrtc on all platforms

Reported by: mikeperry Owned by: erinn
Priority: Very High Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords: MikePerry201302
Cc: Actual Points: 0.5
Parent ID: Points:
Reviewer: Sponsor:

Description

It looks like FF17 ships with and builds WebRTC. I'm not sure how much of the WebRTC is actually exposed, but the code definitely has the ability to create UDP sockets independent of proxy settings if it is used. I also don't see any about:config entries for it.

We want to disable this by compile option.

Child Tickets

Change History (4)

comment:1 Changed 7 years ago by dcf

At least one WebRTC-related about:config setting seems to be called media.peerconnection.enabled.

https://hacks.mozilla.org/2013/02/hello-chrome-its-firefox-calling/ "Start Developing Using RTCPeerConnection in Firefox"

comment:2 Changed 7 years ago by mikeperry

That pref doesn't seem to be used in the FF17 source tree. I just built a TBB with --disable-webrtc though and it does remove most of the code, including the UDP socket stuff. I'll push this change when I finish with #3944.

comment:3 Changed 7 years ago by mikeperry

Actual Points: 0.5
Keywords: MikePerry201302 added
Resolution: fixed
Status: newclosed

comment:4 Changed 6 years ago by cypherpunks

What about those of us who use transparent torification and want to use WebRTC? I understand why this is disabled in the default configuration (using SOCKS), but as long as a proper firewall/Tails/Whonix/TorVM is in place, the browser would be prevented from making any direct connections, no matter how hard it tries. UDP traffic would likely be blocked entirely, but there's still plenty of usefulness in WebRTC's "reliable data channels" (TCP). I'd like to see the user be able to enable WebRTC using the aforementioned media.peerconnection.enabled option, but I guess we'll have to wait until Mozilla decides to honor that option. Perhaps a bug report should be filed with Mozilla to help fix this problem?

Note: See TracTickets for help on using tickets.