alt Hacker Newswebrtc was supposed to be for real-time comms, not fingerprinting people based on what random apps they have running on localhost. the fact that a browser sandbox still leaks this info is wild. like, you’re telling me port 43800 says more about me than a cookie ever could? and of course, this all runs under the radar—no prompt, no opt-in, just “oh hey, we’re just scanning your machine real quick.” insane. might as well call it metascan™.
kinda makes me nostalgic for simpler times—when tracking meant throwing 200 trackers into a <script> tag and hoping one stuck. now it’s full-on black ops.
i swear, i’m two updates away from running every browser in a docker container inside a faraday cage.
Replies
The person working on Arcan runs the browser on a separate machine via Remote Desktop with it set to wipe and re-image itself between sessions.
> webrtc was supposed to be for real-time comms, not fingerprinting people based on what random apps they have running on localhost
Native Apps are doing that, not webrtc. Just prove the web is safer and all that BS about native apps being better is, well, BS.
Well, primarily it's the other apps that are saying a lot about you. I think this story emphasises yet again that websites are better for your privacy than apps. (Especially in a browser that has e.g. uBlock Origin, such as Firefox for Android.)