Using the currently latest version, 36 something.
I only TEMP ALLOW sites if i need them to work for the short time i visit them with noscript and scriptblock. And i only ALLOW sites i trust, both with noscript and scriptblock and uMatrix. All the other sites i BLOCK and only TEMP ALLOW if they dont work at all.
But yes, noscript and uMatrix is pretty hard for novice users, but there are good wiki docu that explains everything if you need help. Scriptblock is very easy, beacuse it only have few options to choose.
I wouldnt blame dragon 100% though although I really dont want to write a 2 pages of explaining why, dragon is not the only browser thats happening to.
Even with CIS installed. The solution I would do is this. We’re going to add a few lines of instructions for windows firewall. Windows firewall must be enabled.
This is a partial fix for VPN users.
Copy and paste this to notebook. It’ll be a .txt file
@echo off
::save as a .bat file, run as administrator
::kill off the leaks :-D
netsh advfirewall firewall add rule name="No STUN leak!" dir=out action=block protocol=UDP localport=3478
netsh advfirewall firewall add rule name="No STUN leak!" dir=out action=block protocol=UDP remoteport=3478
netsh advfirewall firewall add rule name="No STUN leak!" dir=in action=block protocol=UDP localport=3478
netsh advfirewall firewall add rule name="No STUN leak!" dir=in action=block protocol=UDP remoteport=3478
netsh advfirewall firewall add rule name="No STUN leak!" dir=out action=block protocol=UDP localport=19302
netsh advfirewall firewall add rule name="No STUN leak!" dir=out action=block protocol=UDP remoteport=19302
netsh advfirewall firewall add rule name="No STUN leak!" dir=in action=block protocol=UDP localport=19302
netsh advfirewall firewall add rule name="No STUN leak!" dir=in action=block protocol=UDP remoteport=19302
Save the file.
Now rename the file so it ends in .bat
No right click on that .bat file and click on “run as admin”
Close browser and run your vpn.
Open browser and go to
https://diafygi.github.io/webrtc-ips/
See if your leaks are gone
Side note. If your using a VPN and worried about leaks you should also be disabling ipv6 from your network adapter too ( But only if its feasible)
Here the info to disable ipv6 from microsoft Configure IPv6 for advanced users - Windows Server | Microsoft Learn
Disable IPv6 on a specific network adapter You can do this by unbinding the adapter in the Local Area Connection Properties dialog box:Click Start, and then click Control Panel. Click Network and Sharing Center. In the View your active networks area, click Local Area Connection, and then click Properties. On the Networking tab, clear the Internet Protocol Version 6 (TCP/IPv6) check box, and then click OK.</blockquote>
Why does it need to be windows firewall and not comodo firewall?
Why does it need to be windows firewall and not comodo firewall?It really doesnt matter I'm just trying to keep it as simple as possible. Also I have to assume that this person may or may not have Comodo firewall, but there is windows firewall in every windows edition.
Ah, I see, thanks.
Not here!
I have Dragon v. 36.1.1.21 and use the Private Internet Access VPN, Dragon does not leak anything.
Same with Chromoto…v.36…
Slimjet this problem already removed. Now is time for Dragon Comodo 
I hope that it will be apply in newest version of CD and that it will be as soon as possible
regards
why uninstall it? cant you just disable it in chrome://plugins/
or disable all plugins completely and manually using them on particular websites which actually dependent on flash?
VPN (Virtual Private Network) = FULL tunneling of traffic
Proxy = NOT A VPN! = Protocol specific forwarding
All browser extensions, no matter if their called itself “VPN” are Proxys!!!
They do just forwarding the traffic of mostly HTTP/HTTPs, not the whole traffic.
So any other sh!t like WebRTC or Flash or any other useless stuff will still send your real ip.
BTW: You also need another DNS when you want to hide your IP-Range.
Just get a REAL VPN, and problem solved. 
Except it’s not necessarily fixed that easily, yes a VPN will mask all the traffic but the issue here isn’t that WebRTC is sent via your normal IP (as opposed to through the VPN) but rather that WebRTC detects your IP via Javascript meaning that the script is run locally on your computer where it in theory could access the same data for local IP and remote IP that is found in “ipconfig” That is at least how I’ve come to understand it.
So this depends both on how your network is set up as well as how the VPN system is set up, for example my normal IP doesn’t show using this “exploit”/“leak” no matter if my VPN is enabled or disabled, but it always shows the local IP (192.168.1.35)
In fact, I’ll do a test right now, I’ll connect my PC straight into the modem bypassing NAT meaning my PC will get assigned a public IP, I’ll go to the site and see if it picks it up, if yes then I’ll enable the VPN and see if it still picks it up, give me a few minutes.
Edit:
Alright, testing finished.
[i][u]Without VPN[/u][/i]Your local IP addresses:
Your public IP addresses:
[REDACTED REAL IP]
[i][u]With Private Internet Access VPN using OpenVPN[/u][/i]Your local IP addresses:
[REDACTED VPN IP]
Your public IP addresses:
[REDACTED REAL IP]
Conclusion? Even with a “real” VPN this WebRTC issue is still very much an issue, it doesn’t care about silly things as the IP used to connect when it can detect it via Javascript instead.
Maybe this is offtopic, but Comodo Dragon should implement the same options as Slimjet browser.
One simple option to disable WebRTC under settings. It works great. They also have a option to prevent fingerprinting.
- Added option to disable WebRTC under Settings->security for users who are concerned about IP leakage via WebRTC
- Added option to prevent canvas fingerprinting.
Dragon and other browsers like chrome and opera and so on should have these options too.
Not so much…
Odd that you assumed that everybody with this problem does not know the difference between a proxy and a “REAL VPN”. But that is OK there is nothing wrong with jumping right into a thread and giving advice that is 100% wrong because you have no idea what you are talking about. It lets everyone in the forum know what kind of person you are and we thank you for that.
This is actually a chrome based problem rather than a CD specific problem which I did not realize earlier as this is the only chrome based browser I use. There are a lot of posts about the problem in relation to chrome at least going back a year or so.
Hello,
this is fixed on dragon 43.3.3.185 with the WebRTC Block 2.0 extension.
It doesnt leak anymore private network IPs.
But there’s an issue with Chromodo, it shows the private IP even with the extension, there’s a bug with Chromodo and the extension. but I don’t know how to fix it as I don’t understand what it’s telling me : Uncaught TypeError: Cannot read property ‘set’ of undefined.
So I stop using Chromodo, and I’m not satisfied that I have to install some extension with dragon to block something that should be easy to disabled like into the Firefox.
about:config >media.peerconnection.enabled >false
So Firefox is still the best browsing solution and as an open source program, it’s clearly the choice for all people bored with all those browsers full of options to track you 24h/24, and you are not even informed about all those methods used to control any byte you send or receive, and to act like that is not bearable. the internet is a place locked by a gang of bastards and we’re just cattle they own.
[attachment deleted by admin]