On Monday, a flaw in Skype's software was revealed to the public that could allow people to discover the IP addresses of other Skype users. In response, Microsoft sent out a statement saying they were "investigating reports of a new tool that captures a Skype user’s last known IP address." Now a new report claims that a research team actually found the flaw in November 2010 and informed Skype at that time.
The Wall Street Journal reports that the French research institute Inria, along with the Polytechnic Institute of New York University, not only sent their discovery to Skype but published a paper about the flaw in October 2011. The teams found they could track 10,000 Skype IP addresses in two weeks. The team's leader, Stevens Le Blond, said he used the same technique last week and found that Skype still had not fixed the issue.
Le Blond said this security flaw could let hackers go after Skype users via their IP addresses. Another researcher on the team, Keith Ross, said it could also be used by companies, saying, "You can scale this to track tens of thousands of employees and determine their strategy and who they’re trying to do business with." So far Skype has not revealed when they plan to finally address this flaw.
11 Comments - Add comment