Hacker News new | past | comments | ask | show | jobs | submit login

The public address could be enough for the server to realize there are two browsers from the same LAN. Then it tells the browsers to look for each other.

I'm not really sure that it is practical with large LANs (a /16) but it doesn't look impossible. If they design for privacy they could develop an algorithm that works.

And if I connect with a VPN I probably don't want to bypass it. I've got customers that accept unconveniences to protect their network with VPNs. Should browsers break it with WebRTC? I didn't think so. It's a vulnerability that I keep blocked.




> The public address could be enough for the server to realize there are two browsers from the same LAN. Then it tells the browsers to look for each other.

> I'm not really sure that it is practical with large LANs (a /16) but it doesn't look impossible. If they design for privacy they could develop an algorithm that works.

Not even a little bit practical. Most big lans disallow broadcasts, or limit them in various ways. The only way for peers to find each other is to know each other's private IP address. And private IP addresses contain nothing of value.

Now if you're using a VPN which you intend to use to protect your privacy, well... There are countless of other problems with that if you just turn that on, use the same software as always, and think you are now 'anonymous'.

> And if I connect with a VPN I probably don't want to bypass it. I've got customers that accept unconveniences to protect their network with VPNs. Should browsers break it with WebRTC? I didn't think so. It's a vulnerability that I keep blocked.

It's not a vulnerability. It is a very, very useful feature. You just happen to think that enabling a VPN will magically give you a privacy shield, which is misguided at best.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: