Comments on: Skype security FUD

By: ab

ab — Wed, 07 Feb 2007 17:01:19 +0000

How about Skype reading part of your BIOS with “1.com” file?

http://www.pagetable.com/?p=27

Looks nice, huh?

By: Alma

Alma — Wed, 24 Jan 2007 18:44:00 +0000

There is another loop hole in it when you talk on it they can stand in your office and hear what your saying

By: David Warde-Farley

David Warde-Farley — Wed, 24 Jan 2007 01:52:16 +0000

Hehehe… AIM does this too, except only incoming messages are broadcast to both clients.

I’ve never used Skype, but AIM’s implementation of this feature has a catch: when you log in a second time, you’re IM’ed by “AOL System” or something, telling you that you’re logged in from two locations, telling you to IM back something specific to disconnect the other party. Without this feature I’d consider multiple logins something of a privacy risk, since passwords can be compromised. Of course, someone could always just sniff your LAN traffic, but that requires at least a little technical sophistication.

Does Skype do something similar, notifying you if you’re logged in twice? Because I’d think it should.

By: Snarky

Snarky — Sat, 20 Jan 2007 03:53:57 +0000

Actually, this “bug” is present in instant message protocols as well. They normally kick you off if you’re logged in twice from a different IP. I frequently am logged in on multiple machines on my home network, with no problem. And yes, if the service merely THINKS you’re on the same network it’s the same (aka, if you put a proxy on my machine, and login through that, I won’t be logged off). Maybe there are jabber clients I haven’t had a chance to play with, but I’d be very surprised if any major network has solved this “bug” completely.

Best fix for this “bug”? Go somewhere you trust your bosses, or can safeguard your login.

Note: No, I don’t think its a security hole, the “bug” is just to use their wording.

By: Alex

Alex — Sat, 20 Jan 2007 00:24:57 +0000

There are jabber clients and servers that do not allow multiple logins at the same time. These ones disconnect the former connection and replace it by the new one. Maybe Joakim only wants to present that multiple logins are possible on Skype.

By: Jonathan

Jonathan — Fri, 19 Jan 2007 23:54:45 +0000

This is truly a useful feature not a security hole.

I hope they don’t plug it, but maybe there should be a force all other sessions to end (Happens when you change password?)

By: Ganwell

Ganwell — Fri, 19 Jan 2007 23:26:43 +0000

Well, I know that since long. I think this is a feature not a bug, too.

By: Kab

Kab — Fri, 19 Jan 2007 19:48:05 +0000

Well, Someone read it… it’s just that they don’t understand what they read!!

By: Daniel Aleksandersen

Daniel Aleksandersen — Fri, 19 Jan 2007 18:58:15 +0000

I never realized that anyone could read my e-mail if they had my account password! ;P

I wonder how Aftonbladet could publish an article like this? Did someone actually read trough it before they published it?