Researchers: Skype Ignored Location-Tracking Vulnerability for More Than a Year

By | May 3, 2012

Source: Wired

by 

In this article “Skype learned more than a year ago about a privacy vulnerability that would allow someone to identify the IP address and possibly the geographic location of a user, but left it unfixed, according to researchers who say they notified the company in 2010.

Stevens Le Blond, a former researcher at the polytechnic institute Inria in France, who now works at the Max Planck Institute for Software Systems, told the CIO Journal that he and fellow researchers at the Polytechnic Institute of New York University disclosed the vulnerability to Skype in November 2010 and published the information in October 2011. Therefore they were surprised to find that the vulnerability was still unfixed last week after someone posted a script online showing Skype being exploited to uncover the local and remote IP addresses for users.”

Leave a Reply