2 stories
today

User discovered flaw reveals major security weakness in Skype for Android

Skype

Of all the different services provided by technology firms, communications is often held to be the most privacy-centric. Ever since the early days of Blackberry Messenger angering totalitarian regimes globally, the disposable thoughts of the population at large have been a compelling target for security agencies.

However, these threats to user privacy do not always come from outside, human error can ensure weaknesses are built into the very systems that are designed to protect user data. As was seen with the threat presented by the Heartbleed bug earlier in 2014, the danger presented by these structural weaknesses can be quite significant.

Major security flaw reported in Skype for Android

As such, it was much to the concern of Microsoft recently when users reported a major flaw in Skype for Android, which allows one user to hijack the camera and microphone of another with a minimum of effort. The feat is rather simple to replicate and requires two devices signed into Skype, for example a phone and a desktop computer would be a common configuration.

The user would then call their target’s Android device on Skype with the phone, disconnecting when the device is ringing, before answering the direct call back with the PC, this would then grant them access to their target’s camera and microphone. It is suspected that the issue is related to Skype trying to pick up a dropped call where none exists. Microsoft are aware of this issue and are currently working on a fix, though an ETA has not been given as to when this will arrive. Given that there are such a large number of Android owners around the world, many of whom are users of Skype, this flaw could prove to be something of a bugbear for the firm if it is not resolved quickly, as such, expect a solution very soon.

Does this affect your opinion of Skype on Android? Let us know in the comments below.

Further reading: , ,