Skype flaw reveals users' location

Researchers have found a flaw in Skype, the popular Voice-over-Internet-Protocol service which allows users to make video phone calls and internet chat with their computers. The vulnerability can expose your location, identity and the content you're downloading. Microsoft, which owns Skype, says they are working on the problem.

"Even when a user blocks callers or connects from behind a Network Address Translation — a common type of firewall — it does not prevent the privacy risk," according to a release from NYU-Poly.

The technology team tracked the Skype accounts of about 20 volunteers as so then as 10,000 random users over a two-week period and found that callers using VoIP (Voice over Internet Protocol) systems can obtain the IP address of another user when establishing a call with that person. The caller can at that time use commercial geo-IP mapping services to determine the other user's location and Internet Service Provider.

The user can as well initiate a Skype call

The user can as well initiate a Skype call, block some packets and quickly terminate the call to obtain an unsuspecting person's IP address without alerting them with ringing or pop-up windows. Users do not need to be on a contact list, and it can be done even when a user explicitly configures Skype to block calls from non-contacts.

The challenge of true data protection spans databases, internal and external networks, physical and offsite storage, business partners and more. These resources offer expert perspective from the basics through specific key components of data protection strategies.