Justin Case Expose’s Skype Vulnerability

Posted on Apr 15 2011 - 4:12pm by Kyle

You know that new leaked version of Skype Video Chat that leaked out earlier this week? Well it seems the app, even though it works pretty well, is exposing your personal information, and isn’t alone in doing so.

Justin Case had decided to try out the leaked Skype app on his Thunderbolt, and then take it apart and what he found was not good. He discovered the app did not try very hard at keeping your information safe. Without needing any special permissions or root it was very easy to pull up personal information.

Thinking that this was only in the leaked version, Justin took a look at the Skype app available in the Android Market, and discovered the same privacy concerns as in the leaked version.

This privacy issue is affecting any and all users who have downloaded the app from the market. However, there is a small ray of sunshine,  Verizon’s version Skype Mobile doesn’t seem to be effected.

Now the question is how exactly did this happen? Well, thanks to Justin we have the answer.

The Skype data directory, which stores all of you information such as name contacts, email, chat logs and so forth was left with improper permissions making it accessible to anyone who knows what they are doing. Now the scary part is the main.db file is also in the same boat. This directory holds you name, phone numbers, address, account balance, date of birth and more. On top of that, the same holds true for the contacts table and chat table.

What this basically means is a developer could make or modify an existing application without much difficulty, put the app on the market, and collect all the private information available.

Thanks to Justin and his digging into Skype’s Android app, he has more than likely saved many of us from the possibility of having our personal information gathered. Along with also getting Skype to work on fixing this issue. As you see above Skype has released a statement regarding this flaw and is working on correcting the issue quickly.

Once again we would like to thank Justin Case for all his hard work on this matter!!!

Source:

Android Police

tags:

 Subscribe to our newsletter!

We respect your email privacy

About the Author

  • http://twitter.com/MaggieL Maggie Leber

    “…doesn’t seem to be AFFECTED….”