Reddit user Ponkers posted an interesting find to /r/Android today, pointing out a significant privacy hole in Skype that essentially allows users to force an Android device to answer a call, making eavesdropping nearly effortless.
Ponkers drew a diagram below, which I feel compelled to include based on its artistic merits, but here’s the gist of how the process works.
Assume you have three devices, device 1, device 2, and device 3. There are also two Skype accounts involved: account A and account B. Device 1 and device 3 are attached to account A. Device 2 is attached to account B.
If a user uses device 1 to call device 2, then shuts off any network connection to device 1, device 2 will then automatically call and connect to device 3, giving the holder of account A a connection to device 2 without the owner of the device necessarily knowing.
Skype thinks that the users want to be connected and that the lost network connection is a mistake, so it tries to fix the situation by reconnecting the two. Under normal circumstances, if both parties have willfully connected to a call, this kind of behavior would be welcome, as it would ensure that any interruptions in the conversation are minimal. The issue is that this can happen before the party receiving a call has accepted it. From what users have deduced so far, the bug seems to be specifically related to how Skype’s Android app connects calls.
SHARE
Previous articleThe Limited Edition Samsung Galaxy Alpha
Next articleamazon is offering over 40 Paid apps and games for free on Christmas eve
shinendrakumar@beamdroid.com'
Shinendra is an avid android fan and founder of beamdroid.com. Mobile technology has been his first priority ever since. He's currently doing B.E. and As an avid android fan and writer nothing pleases him more than to write about the exciting world of Android and Gadgets. He hopes to provide the latest Android news and reviews about the products. When not making words happen on the Internet, he can be found playing guitar and surfing on cellphone.

LEAVE A REPLY

Please enter your comment!
Please enter your name here