Help Skype security flaw?

[Eric Bishop]

Huffington Post Article regarding possible/confirmed Skype security flaw that lets other apps access its contact list.

Anyone have more info from Skype or Android developers on this? Can someone shed some light on what data is typically encrypted and what is not for mainstream apps. For example, are my contacts in the bone-stock Android contacts app encrypted or properly permissioned such that other apps don't have access by default?

Just read it this morning. Don't know if there are any known apps that are exploiting this vulnerability, but I know that many people have been rooting, roming, using hacked versions of Skype, etc. already on the Thunderbolt.

BE CAREFUL WITH WHAT APPS YOU INSTALL. MAKE SURE TO RESEARCH WHAT YOU DO THOROUGHLY.

 

[CyberPitz]

Big deal to some, not a big deal to me. I could care less if someone can call/view info to an E-buddy of mine.

For people that use it as their IRL thing, it would be more of an issue. Hope it gets fixed soon for them.

 

[jcase]

Big deal to some, not a big deal to me. I could care less if someone can call/view info to an E-buddy of mine.

For people that use it as their IRL thing, it would be more of an issue. Hope it gets fixed soon for them.

Note in my article, I mention access to more than just contact information. Ponder what else skype maybe storing.

 

[ska.t73]

Note in my article, I mention access to more than just contact information. Ponder what else skype maybe storing.

First of all thank you jcase for all you do for the Android community, you work is top notch, and thank you also for finding this hole.

I do have a question though, should we stop using the app until a patch is released? In other words is this just a worst case senario right now? I know that Skype is working on pushing out a patch as soon as possible for this.

 

[Romikemi]

All of my Skype contacts use IM-like, forum-like nicks and no personal data. No biggie.

 

[AustinTech]

News reports say that Verizon devices are not effected by the security weakness.

 

[jcase]

News reports say that Verizon devices are not effected by the security weakness.

News report you read are wrong.

 

[jcase]

All of my Skype contacts use IM-like, forum-like nicks and no personal data. No biggie.

Yeah no biggie, not an issue that I can see your credentials token at all.

 

[jcase]

First of all thank you jcase for all you do for the Android community, you work is top notch, and thank you also for finding this hole.

I do have a question though, should we stop using the app until a patch is released? In other words is this just a worst case senario right now? I know that Skype is working on pushing out a patch as soon as possible for this.

That is a personal choice, I will continue to use the video version.