Welcome to WebmasterWorld Guest from 54.144.81.235

Forum Moderators: bakedjake

Message Too Old, No Replies

Skype For Android App Vulnerability May Expose Your Chats And Contacts

     

engine

3:57 pm on Apr 15, 2011 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Skype For Android App Vulnerability May Expose Your Chats And Contacts [pcworld.com]
Names, e-mail addresses, phone numbers, contacts, and chat logs are all reportedly ripe for the picking in Skype's Android app, thanks to a vulnerability that could affect millions of users.

Android Police's Justin Case discovered the vulnerability after downloading a leaked version of Skype Video and poking around. He then found the same exploit in Skype for Android, which has been available since October 2010. Skype Mobile for Verizon is not affected by the vulnerability.

The problem is that Skype keeps the user's profile information in a data directory with improper permissions, and stores the username in a static location. A malicious app, therefore, could parse out this data with a bit of code. Same goes for Skype's table of contacts and chats. The vulnerability doesn't expose passwords or financial information, just a wealth of personal data and private communications.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month