Skype Vulnerability Exposes User Locations Without Permission

Using the Skype messaging and calling system can inadvertently allow users to share their physical location from people they may want to hide that information from.

Researchers at New York University’s Polytechnic Institute tracked the activities of 20 volunteers and 10,000 other users over a two week period and through their testing they were able to tell where each user had placed their calls and examine their peer-to-peer (P2P) file-sharing activity.

In a news release Keith Ross, professor of computer science at NYU-Poly noted:

“A hacker anywhere in the world could easily track the whereabouts and file-sharing habits of a Skype user – from private citizens to celebrities and politicians – and use the information for purposes of stalking, blackmail or fraud.”

Researchers also found that logging out of Skype wasn’t enough to stop information from being revealed since that info was made available for up to 72 hours.

The hack also allows users who are not on a persons contact list to track their location and data pulls and that information could be gathered even when a user blocks calls from non-contact members.

With more than 600 million people currently using the Skype service it’s likely Microsoft will quickly attempt to remedy the issue, especially after spending $8.5 billion to buy the service just seven months ago.

Skype currently controls 20% of all overseas calls.

Skype has admitted that such IP information can be obtained and they say that any service that connects through an IP address offers the same risks and a Skype rep told the FinancialPost:

“Through research and development, we will continue to make advances in this area and improvements to our software.”

Will you stop using Skype until a fix for the current hack is discovered?