Privacy Leak: Modded Skype Can Track IP Addresses and Locations from User IDs

A reverse-engineered version of Skype is making the rounds on the Internet. It isn't very different from the current version of Skype that you can download from their official website, but what makes this modified version different is that it allows users to pull sensitive user information about another user--just by entering their Skype ID.

This was verified by ReadWriteWeb, who had just concluded their own investigation into the matter. RWW clarified that the privacy leak wasn't caused by a hole in Skype, nor was it a result from exploiting a flaw on Skype. Rather, it was just the handiwork of several individuals who made adjustments to Skype's propriety code to make it generate human-readable IP addresses, which they dubbed as the "skype-open-source" project.

Aside from public IP addresses, other information like a user's city, country, Internet provider, and internal user ip-address can also be obtained.

IP addresses are associated with Skype users. As the program retrieves entries for individuals in the user's contacts list, the log file shows, it retrieves an IP address that is apparently the beginning of a known route to an address the user has employed at some point in history.

-- ReadWriteWeb

Skype is aware of the existence of the tool and has described the leak as "an ongoing, industry-wide issue faced by all peer-to-peer software companies." They are in the process of conducting their own investigation and have given assurances that they're taking steps to ensure the privacy of their users.

 "We are committed to the safety and security of our customers and we are taking measures to help protect them."

-- Skype

Article by Hazel Chua
Gigadgetry: Cool Gadgets, Tech News, Quirky Devices