Skip to main content

Skype for Android has a major security flaw

skype-large-logoIt was only a week ago that an Internet security firm peeked into Pandora‘s mobile app and determined that the company is sharing “mass quantities” of user info with ad agencies. Now Skype is being held under a microscope, particularly the company’s Android mobile app, and it seems that your stored personal data isn’t as safe as you’d probably like it to be.

After discovering that a leaked beta version of the VoIP app was vulnerable to an exploit that offers access to all user data, Android Police tried the same tactic with the widely used Skype for Android, available since October 2010, and saw the same results. The site notes that the Skype Mobile for Verizon app appears to be unaffected, only Skype for Android.

The technical details get a little complicated, but essentially, Skype stores all user data in a folder bearing that user’s name. The database files contained within that folder have incorrect permissions (simply, who/what can access them, and how), and furthermore, they aren’t encrypted. What all of this means is that these files, which contains everything from contacts and profile information to message logs, can be both accessed and read by anyone with minimal trouble.

The issue extends a bit deeper than that as well. If the issue were confined to just what is detailed above, potential intruders would have to have the user’s Skype name. Still not terribly secure, but certainly more manageable. Unfortunately, there is also a way to tease out this information as well. Android Police notes that the big danger here is of a rogue developer releasing a tweaked version of the app — think back to the recent malware debacle on Android Market — that pulls out and transmits private user information.

The post concludes with some suggestions to Skype as to how this could be fixed. A later update reveals that the company “is investigating this issue.”

Editors' Recommendations

Adam Rosenberg
Former Digital Trends Contributor
Previously, Adam worked in the games press as a freelance writer and critic for a range of outlets, including Digital Trends…
Hey look, the iPhone’s Dynamic Island has come to … Android?!?
dynamic island android app dynamicspot

Apple caused a great deal of excitement when it unveiled the Dynamic Island on the new iPhone 14 Pro and iPhone 14 Pro Max handsets earlier this month (although it turns out it's not for everyone).

The feature brings to life the otherwise boring pill-shaped cutout at the top of the display by changing its appearance according to the information or controls that it's showing.

Read more
The Galaxy Tab S8 has renewed my faith in Android tablets
A Samsung Galaxy Tab S8 is held up on top of a desk.

Three weeks ago, I shut down my trusty Microsoft Surface 2-in-1 to embark on a daring experiment – using an Android tablet as my primary computing device. More specifically, I mean using the Samsung Galaxy Tab S8 as my sole work machine. It might sound outlandish, but to my surprise, I came out with a mostly positive experience.

Yes, there were a few frustrations, but the Galaxy Tab S8 gave me numerous reasons to believe that Android tablets are not the lost cause that many out there think. The Android tablet experience is surprisingly strong in 2022, and I hope things continue to improve in the years to come. Here's how and why I stuck with the Galaxy Tab S8 for weeks without losing my sanity.
Where the Galaxy Tab S8 shines

Read more
Your Chromebook now has access to your Android phone’s photos
The Acer Chromebook Spin 514 sitting on a table in an angled front view.

The latest update for Chromebooks, ChromeOS 103, launches some of the interesting new features announced at Google I/O and CES, including the ability to see your Android phone's photos on your Chromebook.

There are three new things to look out for on your Chromebook in ChromeOS 103, but the biggest feature is the ability to instantly access the latest photos you took on your phone right on your Chromebook through Phone Hub.

Read more