Report: Skype knew of IP flaw in November 2010

On Monday, a flaw in Skype's software was revealed to the public that could allow people to discover the IP addresses of other Skype users. In response, Microsoft sent out a statement saying they were "investigating reports of a new tool that captures a Skype user’s last known IP address." Now a new report claims that a research team actually found the flaw in November 2010 and informed Skype at that time.

The Wall Street Journal reports that the French research institute Inria, along with the Polytechnic Institute of New York University, not only sent their discovery to Skype but published a paper about the flaw in October 2011. The teams found they could track 10,000 Skype IP addresses in two weeks. The team's leader, Stevens Le Blond, said he used the same technique last week and found that Skype still had not fixed the issue.

Le Blond said this security flaw could let hackers go after Skype users via their IP addresses. Another researcher on the team, Keith Ross, said it could also be used by companies, saying, "You can scale this to track tens of thousands of employees and determine their strategy and who they’re trying to do business with." So far Skype has not revealed when they plan to finally address this flaw.

Report a problem with article
Previous Story

Analyst predicts 2014 launch for Apple television

Next Story

Facebook looking for $85 to $95 billion valuation in IPO

11 Comments

Commenting is disabled on this article.

You can still get an IP address of anyone by just calling them then checking the open connections. I assume this exploit did not involve that method.

Matt A. Tobin said,
You can still get an IP address of anyone by just calling them then checking the open connections. I assume this exploit did not involve that method.

I was thinking the same, its possible with any application that connects to another computer, unless this problem gives execution or access to the other machine then its not a problem.

psionicinversion said,
New term... If its broke don't fix it!!

Lol, nobody cared about it till' today. I'm pretty sure 99.9% of the users don'T even know about it and actually care about this. Truth.

dvb2000 said,
And who cares exactly?

Nobody. I've never seen any complain about it either. It's not like you had access to the computer, an ip!

boumboqc said,

Nobody. I've never seen any complain about it either. It's not like you had access to the computer, an ip!

no but it can be used to geo-locate and other evil things

remixedcat said,

no but it can be used to geo-locate and other evil things

Well if you're worried about that you really shouldn't have your computer connected to the internet.