LeakOut doesn't use any especially exotic or refined technique.
That's by design to demonstrate that the "sense of security" that come
from an advertised active outbound filtering and/or application
control/fingerprinting system is often just an illusion.
LeakOut just uses the default browser to access a specific URL (a page
on this same site) to pass a bit of data appended to the URL. That's
just for demonstration, and specifically: your user name, your
machine's name, and the Windows's directory.
LeakOut should be able to accomplish its objective in these situations:
No firewall is present; or the firewall doesn't have any form of
outbound filtering (e.g., old Windows XP's standard firewall) is the only
A properly configured firewall with outbound filtering & application
control active is installed but full access has been granted to the
default browser (this is probably the case with the vast majority of
A properly configured firewall as above, but setup to 'Ask' every
time even for the browser and authorization has been given to the
browser at least once and the browser is still open.
This should work if the browser is Firefox or Opera, for example, as
they normally open a new URL in the same window & process that's