Skype flaw reveals users' location, file-downloading habits A team of researchers has uncovered an issue that imperils Skype users' privacy by putting their location and identity up for grabs
By Joan Goodchild, Senior Editor December 1, 2011
Researchers have found a flaw in Skype, the popular Voice-over-Internet-Protocol service which allows users to make video phone calls and internet chat with their computers. The vulnerability can expose your location, identity and the content you're downloading. Microsoft, which owns Skype, says they are working on the problem.
The issue was uncovered earlier this year by a team of researchers from Polytechnic Institute of New York University (NYU-Poly), MPI-SWS in Germany and INRIA in France and included Keith Ross, Stevens Le Blond, Chao Zhang, Arnaud Legout, and Walid Dabbous. The team presented the research in Berlin recently at the Internet Measurement Conference 2011 in a paper titled "I know where you are and what you are sharing."
The researchers found several properties of Skype that can track not only users' locations over time, but also their peer-to-peer (P2P) file-sharing activity, according to a summary of the findings on the NYU-Poly web site. Earlier this year, a German researcher found a cross-site scripting flaw in Skype that could allow someone to change an account password without the users' consent.
Skype Can Expose Your Location, Researchers Say By SOMINI SENGUPTA November 29, 2011
Remember when a prankster could make himself a general nuisance by calling your home phone and quickly hanging up?
The equivalent of a prank call on Skype, the popular voice-over-Internet-Protocol service, can be much more than a nuisance. If you are logged in to Skype, a prankster - or thief or spy - can effectively track where you are and in some circumstances, what you do and even what you download, according to an experiment led by Keith Ross, a computer science professor at the Polytechnic Institute of New York University in Brooklyn.
Mr. Ross, along with his collaborators at the French computer research institute, Inria, followed 10,000 randomly selected Skype users over 16 days.