Web Real-Time Communication (WebRTC) enables real-time peer-to-peer communication, but its Interactive Connectivity Establishment (ICE) process can unintentionally expose internal and public IP addresses as metadata. This paper presents a cross-platform measurement study of WebRTC metadata leakage using current (2025) builds of Chrome, Brave, Firefox, and Tor on desktop and mobile platforms. Experiments were conducted across semi-trusted Wi-Fi and untrusted mobile carrier networks. Results show that Chrome remains the most leakage-prone, disclosing LAN or Carrier-Grade NAT (CGNAT) addresses on mobile and metadata on desktop; Brave avoids direct IP leaks but exposes session-stable mDNS identifiers; Firefox provides strong protection on desktop but leaks internal IPs on Android; and Tor consistently prevents all forms of leakage. We introduce a structured threat model for semi-trusted environments and evaluate the limitations of mDNS obfuscation. Finally, we propose layered mitigation strategies combining browser defaults, institutional safeguards, and user controls. Findings demonstrate that while direct LAN leakage is declining, emerging vectors such as mDNS and CGNAT create persistent privacy risks requiring protocol-level redesign and policy action.
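To make the leakage categories named above concrete, here is an added example (not code from the paper) that parses ICE candidate lines, sorts each address into LAN, CGNAT, mDNS or public, and reports mDNS names that repeat across gatherings in one session. The function names and all sample candidate lines are constructed for illustration.

```javascript
// ICE candidate layout: candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> ...
function parseCandidate(line) {
  const f = line.trim().replace(/^a=/, '').replace(/^candidate:/, '').split(/\s+/);
  if (f.length < 8 || f[6] !== 'typ') return null; // not a candidate line
  return { address: f[4], port: Number(f[5]), type: f[7] };
}
function ipv4ToInt(addr) {
  if (!/^\d{1,3}(\.\d{1,3}){3}$/.test(addr)) return null;
  const o = addr.split('.').map(Number);
  return o.some((x) => x > 255) ? null : ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}
function inCidr(ip, base, bits) {
  const mask = (0xffffffff << (32 - bits)) >>> 0; // bits is 1..32 here
  return ((ip & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0);
}
const LAN = [['10.0.0.0', 8], ['172.16.0.0', 12], ['192.168.0.0', 16]]; // RFC 1918
function classifyAddress(address) {
  if (/\.local$/i.test(address)) return 'mdns';
  const ip = ipv4ToInt(address);
  if (ip === null) return 'other'; // IPv6 or other hostname, not handled here
  if (inCidr(ip, '100.64.0.0', 10)) return 'cgnat'; // RFC 6598 shared address space
  if (LAN.some(([base, bits]) => inCidr(ip, base, bits))) return 'lan';
  return 'public';
}
// rounds: one array of candidate lines per ICE gathering within one browsing session.
function auditSession(rounds) {
  const counts = {};
  const mdnsPerRound = rounds.map((lines) => {
    const names = new Set();
    for (const c of lines.map(parseCandidate).filter(Boolean)) {
      const kind = classifyAddress(c.address);
      counts[kind] = (counts[kind] || 0) + 1;
      if (kind === 'mdns') names.add(c.address.toLowerCase());
    }
    return names;
  });
  // An mDNS name present in every round is stable for the session, so it links the gatherings.
  const stableMdns = [...(mdnsPerRound[0] || [])].filter((n) => mdnsPerRound.every((s) => s.has(n)));
  return { counts, stableMdns };
}
// Constructed sample input (not data from the paper); 203.0.113.0/24 is a documentation range.
const SAMPLE_ROUNDS = [
  ['candidate:1 1 udp 2113937151 192.168.1.23 54321 typ host',
   'candidate:2 1 udp 2113937151 7f3c1a2e-0b1d-4c55-9e0a-2d6f8b1c4a90.local 50000 typ host',
   'candidate:3 1 udp 1677729535 203.0.113.7 61000 typ srflx raddr 0.0.0.0 rport 0'],
  ['a=candidate:1 1 udp 2113937151 100.72.14.9 40112 typ host',
   'candidate:2 1 udp 2113937151 7f3c1a2e-0b1d-4c55-9e0a-2d6f8b1c4a90.local 50002 typ host'],
];
console.log(auditSession(SAMPLE_ROUNDS));
```

The stable-name check is only meaningful when at least two gathering rounds from the same session are supplied.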