webRTC Leak Confirmed

Qubes-Whonix
1

I am aware that the documentation recommends using Tor Browser in Whonix Workstation. I am also aware of the countless discussions on the forums where moderators/Whonix staff firmly state that it is best to use Tor Browser in Whonix-Workstation (for max anonymity, safety, etc).

However… the documentation also states,

“If browsers other than Tor Browser are used in Whonix ™, the IP address and Domain Name Service (DNS) requests are still protected.”

I was testing out Chrome on Whonix Workstation and through various browser tests my REAL local IP is showing up on webRTC leaks. Has this happened to anyone before and what is the threat having your local IP revealed?

The Qubes VM Configuration:
Chrome on whonix-ws → sys-whonix → sys-corridor → sys-VPN → sys-firewall → sys-net

note: Running this configuration with Tor Browser I found no leaks on any of the browser tests listed in the documenation, nor in any of the advanced --leak tests.

2

not what have been said in the documentation, if you want to test for leaks using other browsers then it should be:

Chromium on whonix-ws → sys-whonix → sys-firewall → sys-net

Any other method used not whonix responsibility or issue.

3

Chrome or Chromium?
If Chrome: same issue with Chromium?

By whonix-ws (wrong terminology perhaps) you mean anon-whonix or a whonix-ws-15 template based AppVM?

I cannot reproduce this with Chromium.

Please add steps for reproduction as per:

See also:

As long as using anon-whonix → sys-whonix it doesn’t matter what comes after.

anon-whonix → sys-whonix → doesn’t matter.

Showing something?

1 Like
4

True, but we dont know what he done in GW that it makes the connection pass through to clearnet without going on Tor.

very difficult to know where is the issue.

5

my apoligies. I should have put “anon-whonix” in place of “whonix-ws”. And I was using Google Chrome, not chromium. I will add the steps per Reporting Bugs.

6

Also, I had sys-corridor terminal open running (sudo tail -f /var/log/syslog), and no blocks were shown for the entire test…will include in bug report.