this post was submitted on 29 Jan 2026
9 points (90.9% liked)

privacy

8328 readers
133 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 3 years ago
MODERATORS
Kokomheart@lemmy.ca
QuentinCallaghan@sopuli.xyz
altair222@beehaw.org
9
WebRTC Leak on Android (reddthat.com)
submitted 6 days ago by tatoko556@reddthat.com to c/privacy@lemmy.ca
7 comments fedilink hide all child comments
 

Can Android apps use WebRTC, or is WebRTC only available in browsers?

If Android apps can use WebRTC, how can it be blocked per app or system-wide to prevent IP address leaks?

This could be a huge privacy risk, if you use android, VPN cannot help you to hide yourself from any app that use webrtc.

top 7 comments
sorted by: hot top controversial new old
[–] psycotica0@lemmy.ca 7 points 6 days ago

Definitely Android apps can use WebRTC, and basically any apps that do voice or video calling very likely do.

But more importantly, they don't even need WebRTC, because they can open up any sockets and communicate anything, unlike the browser that's more limited.

Like, any app with network permissions can just call out to any server, which will then have the IP of the client. WebRTC not required.

So yeah, you need all of the networking to go through a VPN to protect against this, if it's important to you.

[–] i_am_not_a_robot@discuss.tchncs.de 3 points 6 days ago (1 children)

WebRTC isn't magic. WebRTC does not bypass a VPN, nor is it the only--or even most common--way that software on your phone, Android or otherwise, can exfiltrate potentially sensitive information, intentionally or unintentionally. The way WebRTC on your phone might leak an IP is that during ICE, which is used by more than just WebRTC, the phone's local IP addresses may be sent, and IPv6 addresses on your WiFi or cell connection may be globally unique. IPv4 local addresses will almost certainly be meaningless, private addresses due to IPv4 address space exhaustion, and any non-local address will be from your VPN gateway.

You cannot block ICE per app or system wide because it is not a system facility, and the permissions required to implement it on Android are not very specific.

[–] tatoko556@reddthat.com 0 points 5 days ago (1 children)

thanks a lot, I guess that means block connections without vpn also blocks webrtc from revealing true ip?

[–] i_am_not_a_robot@discuss.tchncs.de 1 points 4 days ago

I'm not sure. If non-VPN connections are blocked, any non-VPN IP that is leaked cannot be confirmed to be yours, because a connection cannot be established to that IP. However, if the client can see those unusable addresses, it can still send those addresses over the VPN connection as part of ICE and that may be enough of a problem for you.

[–] boredsquirrel@slrpnk.net 1 points 6 days ago (1 children)

Alway on vpn, block connections without vpn

[–] tatoko556@reddthat.com 0 points 5 days ago (1 children)

block connections without vpn

block connections without vpn also blocks webrtc from revealing true ip? thanks

[–] boredsquirrel@slrpnk.net 2 points 5 days ago

It forces all traffic through the VPN. System apps dont need to follow it, user apps do