WebRTC enables real-time peer-to-peer communication between browsers without the need for additional plugins or third-party apps. In this article, we will talk about how WebRTC works and how it impacts your online experience. We will also discuss major security flaws that plague WebRTC implementation in web browsers and how you can disable it in your browser (Chrome and Firefox) to mitigate the issue.

The implementation of WebRTC in some modern browsers includes security flaws that can leak your IP address on the web, jeopardizing your online privacy. So today, alongside a detailed explainer on WebRTC, we will also show you how to disable it in your browser for enhanced privacy.

  • What is WebRTC?
  • Uses and Benefits
  • Security Concerns
  • How WebRTC Leaks Can Impact Your Online Privacy
  • How to Disable WebRTC on Chrome and Firefox

What is WebRTC?

WebRTC (Web Real-Time Communication) is a free and open-source HTML5 specification that provides browsers on desktops and mobile support for real-time communication (RTC) via plugin-free APIs. The technology enables audio and video communication to work inside web pages by allowing direct peer-to-peer communication, eliminating the need for plugins or other additional software.

Uses and Benefits

There are many different use-cases for WebRTC, from basic web apps that use the camera or microphone to more advanced video-calling and screen-sharing apps. The technology enables developers to add real-time communication capabilities to applications that work on top of an open standard. As per the non-profit organization behind the project, WebRTC “supports video, voice and generic data to be sent between peers, allowing developers to build powerful voice- and video-communication solutions.”

One of the major concerns surrounding WebRTC implementation in browsers came to light in 2015. Back then, TorrentFreak reported that a serious vulnerability plagues browsers supporting the WebRTC standard. As per the report, the vulnerability could potentially compromise the anonymity of VPNs and expose the public IP address of users. Generally referred to as a WebRTC Leak, the vulnerability reportedly affects both Firefox and Chrome.

WebRTC cannot transfer multimedia content and other data between browsers without knowing your IP address. To identify a user’s IP address, it uses a technology called ‘Interactive Connectivity Establishment Protocol’ or ICE. The technology obtains IP addresses in two unique ways.

Firstly, there’s ‘Host Candidate Discovery,’ which is the ICE protocol that allows a browser to read IP addresses from the device itself. Secondly, WebRTC can also use STUN/TURN servers to obtain a user’s IP addresses. Malicious websites could potentially exploit this to make your IP address visible even when connected to VPN services. The scariest part is that the leaks can happen without the user’s knowledge.

You can disable WebRTC on your browser either using third-party extensions or through built-in methods. Here, we will look at how to disable WebRTC in Google Chrome and Mozilla Firefox on Windows 10 and Android. Microsoft Edge and Apple’s Safari do not currently enable WebRTC by default. So you do not need any action on these browsers unless you have manually enabled WebRTC.

Disable WebRTC in Chrome on Windows 10

Google Chrome doesn’t have a built-in method to disable WebRTC on desktop, both Windows and macOS. However, you can install free third-party extensions such as WebRTC Network Limiter (Free) or WebRTC Control (Free) from the official Chrome Web Store.

Note: You could earlier block WebRTC on Chrome for Android using a Chrome Flag, but that option is no longer available.

Disable WebRTC in Firefox on Windows 10

Unlike Chrome, Firefox has a built-in setting that allows you to turn off WebRTC. Here’s how you do it:

Disable WebRTC in Firefox on Android

Like Google Chrome on Android, you cannot disable WebRTC on Firefox for Android. That’s because you cannot access about:config in the Firefox stable and beta channels on Android as of April 2021. However, Mozilla does offer about:config access in Firefox Nightly, so you can download that from the Play Store (free) and follow the steps below:

Disable WebRTC in Your Browsers on PC and Mobile to Prevent Security Issues

WebRTC can be extremely beneficial for both web developers and end-users. While we largely think of it in the context of audio and video communication, its abilities reach far beyond multimedia. WebRTC also enables users to send any type of data using peer-to-peer connections. App developers can also integrate this into non-browser applications because of its versatility. However, the security concerns surrounding its implementation by major browsers mean that it is best left de-activated unless you’re on a trusted website. So go ahead, follow our tutorial above to disable this protocol in your browser on your PC and smartphone.