Think your VPN hides your IP?

You may be exposed and not realize it

Are you using the Google Chrome browser on a Windows PC when using your VPN service?  If so you may be exposing your real IP to the websites you visit.
WebRTC is a standard developed by the World Wide Web Consortium that supports real-time communications inside your browser.  For example if you video chat or do audio calls in your browser and you don’t have Adobe Flash installed then you’re probably using WebRTC.
Unfortunately javascript placed on a web page you visit can use WebRTC to get your real IP address.  This WebRTC exposure javascript is now so widely used now that even the New York Times uses it to gather local IP addresses.
You can check to see if your browser is leaking your IP by visiting the Browserleaks.com WebRTC page.  To stop WebRTC from leaking your IP with Chrome the only fix seems to be with a Chrome extension called Scriptsafe that unfortunately doesn’t seem to be rated very well.
With Firefox you can type in about:config in the address bar, then go to media.peerconnection.enabled and set it to false.  Don’t use a VPN?  Then it still may be a good idea to disable WebRTC if you have no plans to use it.

We at GlassWire recommend Private Internet Access VPN service.  Sign up today and get 58% off.  We’re an affiliate of PIA so when you sign up you also support GlassWire.

The Hacking Team Hack

Could the Hacking Team compromise hurt you or your company?

If you haven’t updated your computer or software in awhile, now is a good time to do so.  On July 5th an Italian company called Hacking Team had 400 gigabytes of their confidential data posted to the public by an unknown individual.  If Hacking Team was a normal tech company this breach probably wouldn’t matter to you.  Unfortunately Hacking Team’s business was to create malware for governments and law enforcement agencies so they could monitor the communications of Internet users.

When the breach went public Wikileaks set up a way to search all of the breached Hacking Team emails.  If you or your company has a popular software product or service you may want to search the database for your product name just in case.

After security researchers began to go through the Hacking Team data in detail they began to find many different zero-day vulnerabilities for many different things.  For example Adobe Flash and Internet Explorer both had unknown vulnerabilities that Hacking Team was selling to governments and law enforcement organizations to monitor people of interest.

Can the Hacking Team breach cause problems for you?  Yes it can if you don’t update your computer and software to the latest versions.  Now that the zero-day vulnerabilities are public knowledge it’s possible for other malicious groups to start using these vulnerabilities for malware and spyware.

Today is a good day to run Windows update along with updating Adobe Flash if you haven’t already.  Also, it may not be a bad idea to uninstall Flash and get rid of it completely.  We blogged about ways to remove Flash yet still access Flash content several months ago.  And of course using GlassWire to keep an eye on your network activity is another great way to see what your computer is doing over the network.