Skype Aware of IP Security Flaw Back in 2010

Some more interesting information has come to light regarding the IP revealing security flaw in Skype. Researchers from Inria, a research institute in France, and the Polytechnic Institute of New York University discovered the flaw. Stevens Le Blond, one of the team's researchers who discovered the exploit told the Wall Street Journal that the team first discovered the flaw in November 2010. They were actually able to track the city-level location of more than 10,000 Skype users over a period of two weeks simply by making short calls to users that don't cause a Skype notification popup and the calls don't appear in the call histories. omg

The WSJ Journal article explains:

The researchers say the vulnerability could allow corporate rivals to track the movement of individuals from a company, as they travel between cities and states.

“You can scale this to track tens of thousands of employees,” said Keith Ross, a researcher from the Polytechnic Institute who worked on the 2011 paper, “and determine their strategy and who they’re trying to do business with.”

Le Blond also said the flaw could be used as a first step for hacking into the computer of an executive.

Forget executives - celebrities, government employees, politicians, and other high-profile individuals can be stalked or worse. This isn't Skype's brightest hour, but I suspect with all the recent news coverage, the Skype and Microsoft teams will fix this quickly. Unless of course, there is a core architectural reason why this isn't easily fixed, which I discussed yesterday.

Tags: , , , , , , Related tags: , , , , ,

Related Entries
  • Skype Responds to IP Address Privacy Vulnerability - May 01, 2012
  • Skype Responds to Android Vulnerability - Apr 15, 2011
    android-logo.jpg
  • UM Labs Brings 256-bit AES Secure VoIP to Mobile Phones - Oct 05, 2010
    um-labs-ltd-logo.jpg
  • VoIPshield Finds Security Flaws in Microsoft Office Communications Server 2007, Office Communicator and Windows Live Messenger - Nov 12, 2008
    voip-shield-systems-logo.jpg
  • Asterisk Security Vulnerability in SIP Channel Driver - Jan 03, 2008
  • Skype v4.0.1325 Released for Apple iOS - May 21, 2012
  • Comcast Skype on Xfinity $9.95/month - Lame or Cool? - May 16, 2012
    xfinity-rear-remote.png
  • Does HTML5 Rock Your Mobile World? - May 01, 2012
    html5-logo.png
  • New Skype for iPhone, iPad, iPod touch Sports Ability to Move Video Preview - Apr 30, 2012
  • Skype@Home Telephone Products Coming? - Apr 20, 2012
    i-eat-green-berets-for-breakfast.jpg
  • TrackBacks | Comments | Tag with del.icio.us | VoIP & Gadgets Blog Home | Permalink: Skype Aware of IP Security Flaw Back in 2010

    Copyright VoIP & Gadgets Blog

    Call Center Outsourcing Community Virtual Contact Center
    Sponsored by the Call Center Outsourcing Community & the Virtual Contact Center Outsourcing Community

    By: [author-name]

    This article was syndicated via RSS from: http://feedproxy.google.com/~r/voipgadgets/~3/-ng0lpHvqtc/skype-aware-of-ip-security-flaw-back-in-2010.asp

    No comments yet.

    Leave a Comment

    You must be logged in to post a comment.