Made Live today by mistake? #41
Comments
|
Unfortunately we didn't get a shot of the page showing both our ISP IPv4 and the Google IPv6 address - but this is a shot of the IPv6 address that was apparently being used at the time. |
|
Thanks for the report @Belzemus - what you're describing is indeed surprising. If you or another user are able to reproduce still, and are willing to help us debug - capturing a netlog would be incredibly useful: https://www.chromium.org/for-testers/providing-network-details/. If that's possible, you could email it to |
|
If it occurs again we will to the netlog capture and let you know, however we can't reproduce it outside of that short 10 minute window yesterday. Essentially when the website flagged "your in the wrong country" - we thought something was odd, as we started to investigate what was actually wrong - we noticed the IPv6 address showing up on the "What is my IP" type websites, but within 10 minutes it had stopped occurring and was reporting "No IPv6" again as we'd usually expect. Occurred on at least two machines in the house as noted, but only within Chrome - Edge and Opera were not reporting the IPv6 Address for the brief time. Given it was so short - by the time we had a rough guess as to what was happening it was over - then spent the next hour or so digging around articles/etc to try figure out what it might have been - only knowing it was something in Chrome either Proxying or Tunnelling Traffic back to Google. Which I then stumbled on the initial development article around this feature and it led me here. |
|
@miketaylr Is there a way to enable this feature so we can test our services? |
Not currently, no. Once we have testing instructions, we'll be sure to publish them here in the explainer. |
|
I think we can close this issue as unrelated to our IP Protection feature (which remains unlaunched). We suspect there was a failure in a different prefetch proxy feature in Chrome, which should be fixed by now. Thanks for the report, however. |
Today at approximately 6:30pm - one of our home's users was browsing the web and went to "www.harveynorman.co.nz" and had a message pop up saying "Sorry - we don't support sales to the EU - please use the EU version of our website instead".
This stumped us a bit - as we're in NZ and had never seen anything like this before. On running a few "what is my ip" type websites - our IPv4 address was our typical ISP IP and was located from New Zealand as expected.
However - the ones that reported on IPv6 noted that there was an IPv6 address coming from the 2001:4860::/32 range - which was owned by Google LLC and was a "Shared Services Range" noted as coming from Europe.
This stumped us further as we could'nt figure where the IPv6 address came from - as we actually have IPv6 turned off on the home router.
On testing other PC's in the house using Chrome - they start exhibiting the same issue, however non-chrome browsers did not. After around 10 minutes, the behavior reverted and all PC's started once again reporting "No IPv6 address" when checking the tester sites.
After ALOT of digging around on Chrome Features, Proxying, etc - I hit this particular feature in development that seemed to match exactly what we saw - however it's in development and shouldn't be active right? - so why today did we see this behaviour.
If this is the case - I would deem this a total security and privacy risk - as I have no idea where our data via chrome was proxied to for that period - and was not made aware this was ocurring.
I'm aware chrome is able to remotely enable experimental features - we hit this a few years ago with something that was enabled that impacted some of the customers I was working for at the time - so I am suspecting the same thing has occurred here.
Currently running Chrome Official/Stable 120.0.06099.225.
The text was updated successfully, but these errors were encountered: