Skype for Android Vulnerability!!! READ!

[deeznuts2]

This effects the skype mobile with video calling (ie the leaked version), not the regular skype mobile

Android Police ([Updated] Exclusive: Vulnerability In Skype For Android Is Exposing Your Name, Phone Number, Chat Logs, And A Lot More | Android News, Reviews, Apps, Games, Phones, Tablets, Tips, Mods, Videos, Tutorials - Android Police) has found a significant vulnerability in skype for android, basically leaving your entire phone open for whatever.

full name, phone number, contact information, etc is all available.

Seems someone forgot the encrypt and add the proper permissions to a database within skype that contains all that information.

Check out the link above or visit engadget.com for the brief version.

In the meantime, I've uninstalled skype from my TB until this matter is fixed.

(I've found Tango to provide better video anyway over 3G)

 

[upz3]

Yay for me and patience to wait!

 

[Slapnpop826]

This does not only affect the leaked Skype.

"Surely, only this leaked beta build was vulnerable, or so I thought. But upon examining the standard version of Skype for Android (which has been available since October 2010) I discovered the same vulnerability – meaning this affects all of the at least 10 million users of the app."

 

[canesfan44]

Yay for me and patience to wait!

Me too! I'm waiting for the update, because when HTC pushes out the first update, I believe Skype will be part of it.

 

[stratejaket]

I was skeptical about this from the initial leak. Very glad I decided to wait.

 

[Johnly]

Makes rooting and killing that app feel good.

 

[Chrisy]

This is why I won't use unofficial or non trusted apps or OSs.

 

[willis936]

What this means is that it's possible for someone (if they intercepted the information) to see your skype and basic phone info. If you know anything about the astronomical scale of the internet you know this is only an issue if people know exactly where to look. I uninstalled after this article because now every ad agency and their mother potentially knows about this.

-stock HTC Thunderbolt tapatalk

 

[jcase]

Hope you don't believe no one else knew to look before I wrote this up. Trust me, if I found this in an old app (original skype from oct 2010) in a matter of minutes, someone else already know.

 

[lovy]

What this means is that it's possible for someone (if they intercepted the information) to see your skype and basic phone info. If you know anything about the astronomical scale of the internet you know this is only an issue if people know exactly where to look. I uninstalled after this article because now every ad agency and their mother potentially knows about this.

-stock HTC Thunderbolt tapatalk

+1 Ditto!

 

[normio2]

Ridiculous, every time some vulnerability is found like this people go crazy and start uninstalling and all that BS. People please listen here, your information is out there already. Its all over the internet, if someone wants to find out this information about you , they WILL!!!! Yes vulnerabilities are good places for spammers to get information, that's what spam filters are for.

I just wonder if people realize how much of their information is actually out there already. All the stuff you have on your phone is nothing compared to the information that is probably floating around on some server somewhere completely open. Do you use facebook? Hell that's more vulnerable to hacking every day than your silly little skype app. Did you know on average one facebook account is hacked every hour? At least those were the numbers a couple of months ago, its probably worse now.

So what I'm saying is, don't get freaked out, if you want to uninstall it fine, but I'll be continuing to enjoy talking and seeing my family overseas on my thunderbolt.

 

[prakash99]

Yeah, I am not worried too much about it either. If anyone steals my identity, that guy will be in a much worse shape than he already is.. LOL!

Sent from my ADR6400L using Tapatalk

 

[dkoss]

Yeah, I am not worried too much about it either. If anyone steals my identity, that guy will be in a much worse shape than he already is.. LOL!

Sent from my ADR6400L using Tapatalk

Ha!! +1 on that one! I'm hoping they will steal mine, it might make it better.

 

[Johnly]

Good point, who cares about exploits anyway, I am sure the world is full of rabbits.

 

[Johnly]

This is why I won't use unofficial or non trusted apps or OSs.

Some people value their information more than others. Running leaks and ROMs does open some doors for that, no doubt. I don't mind as long as I "trust" the source. I respect running stock too.

 

[Chrisy]

I highly value my information. Recently I had an identity theft issue. I'm more cautious now.

 

[deeznuts2]

Ridiculous, every time some vulnerability is found like this people go crazy and start uninstalling and all that BS. People please listen here, your information is out there already. Its all over the internet, if someone wants to find out this information about you , they WILL!!!! Yes vulnerabilities are good places for spammers to get information, that's what spam filters are for.

I just wonder if people realize how much of their information is actually out there already. All the stuff you have on your phone is nothing compared to the information that is probably floating around on some server somewhere completely open. Do you use facebook? Hell that's more vulnerable to hacking every day than your silly little skype app. Did you know on average one facebook account is hacked every hour? At least those were the numbers a couple of months ago, its probably worse now.

So what I'm saying is, don't get freaked out, if you want to uninstall it fine, but I'll be continuing to enjoy talking and seeing my family overseas on my thunderbolt.

A rooted phone with this exploit means that someone could get more or do more through your phone without you knowing than them just getting the phone number of your grandmother.

If they have access to the database, and the database has access to your phone (check skype permissions) its more of a serious issue than you believe.

 

[Edwill86]

Email I got today from skype ( no i did not request this, yes I did Dl the leaked skype mobile app for the bolt)

"Dear __________

Thank you for downloading and using the Skype for Android software. Unfortunately, it has come to our attention that if you were to install a malicious third-party application onto your Android device, it could access the locally stored Skype for Android files. These files include cached profile information and your instant message chat history.

We take our users’ privacy very seriously and are working quickly to protect you from this vulnerability, including securing the file permissions on the Skype for Android application. This update will be available shortly and as always we urge you to install updates to benefit from our continuous fixes and improvements.

Until the update is released, to protect your personal information, we advise that you as always take care when selecting which applications to download and install onto your device from the Android Marketplace.

For more information see our Security Blog at blogs.skype.com/security or our security section at skype.com/security.

Adrian Asher
Chief Information Security Officer
Skype Information Security"

so It looks like they are aware of the issues and working on correcting it.