Skype's Security Flaw Can Expose A User's Identity, Location and Filesharing Habits
A group of security researchers have revealed a security vulnerability in Skype that will expose the identity of the user. Once his identity is ascertained, the researcher are able to leverage on this information to track his location.
The researcher were also able to locate the compromised user using popular social platforms like Facebook and LinkIn. This flaw could be exploited by marketers to create an inexpensive profile database on targets; however, there are more ominous implications than this privacy concern.
In an experiment conducted by the researchers, they scanned the top 50,000 BitTorrent files and linked these files to approximately 400 Skype users. With their identity compromised, these affected users may be incriminated by copyright regulators and enforcers during legal proceedings.
The researchers did not reveal any workaround to plug this security hole and they intend to share their findings at the Internet Measurement Conference 2011 in Berlin on November 2.