April 15, 2011 02:02 am EDT

Skype for Android vulnerable to hack that compromises personal info

If you didn't already have enough potential app privacy leaks to worry about, here's one more -- Android Police discovered that that Skype's Android client leaves your personal data wide open to assault. The publication reports that the app has SQLite3 databases where all your info and chat logs are stored, and that Skype forgot to encrypt the files or enforce permissions, which seems to be a decision akin to leaving keys hanging out of the door.

Basically, that means a rogue app could grab all your data and phone home -- an app much like Skypwned. That's a test program Android Police built to prove the vulnerability exists, and boy, oh boy does it work -- despite only asking for basic Android storage and phone permissions, it instantly displayed our full name, phone number, email addresses and a list of all our contacts without requiring so much as a username to figure it out. Android Police says Skype is investigating the issue now, but if you want to give the VoIP company an extra little push we're sure it couldn't hurt.

Skype for Android vulnerable to hack that compromises personal info originally appeared on Engadget on Thu, 14 Apr 2011 22:02:00 EDT. Please see our terms for use of feeds.

Permalink | Android Police ||Comments

Original Link: http://www.engadget.com/2011/04/14/skype-for-android-vulnerable-to-hack-that-compromises-personal-i/

View Full Article

Engadget

Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics. Engadget was launched in March of 2004 in partnership with the Weblogs, Inc. Network (WI

More About this Source Visit Engadget