dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
27

aurgathor
join:2002-12-01
Lynnwood, WA

aurgathor to chachazz

Member

to chachazz

Re: Miscrosoft Skype leaking IPs, TCP ports

said by chachazz:

A statement from Skype described the privacy leak as “an ongoing, industry-wide issue faced by all peer-to-peer software companies.”

Thing is, to be able to talk to the other person, without having some kind of central server that can make the connection truly anonymous, your end, or at the very least, the computers between you and the other end need to know the IP and the port of the other end to be able communicate. I'd normally be more critical of Microsoft, but this is a feature, not a bug.

chachazz
Premium Member
join:2003-12-14

chachazz

Premium Member

said by aurgathor:

said by chachazz:

A statement from Skype described the privacy leak as “an ongoing, industry-wide issue faced by all peer-to-peer software companies.”

Thing is, to be able to talk to the other person, without having some kind of central server that can make the connection truly anonymous, your end, or at the very least, the computers between you and the other end need to know the IP and the port of the other end to be able communicate. I'd normally be more critical of Microsoft, but this is a feature, not a bug.

Skype is leaking sensitive user data,
.......No contact has to be made with the user in order to get the information.
... that's a "feature" ?

Skype knew about IP address security flaw back in 2010
»www.zdnet.com/blog/secur ··· =nl.e589
quote:
The security researchers who discovered the vulnerability are part of the French research institute Inria and the Polytechnic Institute of New York University. Stevens Le Blond, the group lead, told the WSJ over the phone that they shared their original findings with Skype in November 2010.

In October 2011, they published results showing how to surreptitiously track the city-level location of 10,000 Skype users for two weeks. Given how popular Skype is in the industry, the researchers described how the flaw could be used for corporate espionage: a firm could track the movements of rival employees as they travel to determine where they’re doing business and with whom.

aurgathor
join:2002-12-01
Lynnwood, WA

aurgathor

Member

said by chachazz:

.......No contact has to be made with the user in order to get the information. ... that's a "feature" ?

But wouldn't the IP address and port eventually be necessary if you'd ever want to make a contact with a person?


In October 2011, they published results showing how to surreptitiously track the city-level location of 10,000 Skype users for two weeks. Given how popular Skype is in the industry, the researchers described how the flaw could be used for corporate espionage: a firm could track the movements of rival employees as they travel to determine where they’re doing business and with whom.

If someone is worried about tracking, then use something else. People can be tracked if they carry an ON cell phone, for example, and most people don't seem to be too upset about that.

JohnInSJ
Premium Member
join:2003-09-22
Aptos, CA

JohnInSJ to chachazz

Premium Member

to chachazz
said by chachazz:

the researchers described how the flaw could be used for corporate espionage: a firm could track the movements of rival employees as they travel to determine where they’re doing business and with whom.

Skype is not an approved business voip tool - at least not in any company I have every worked for.