Skype for Android Found With Scary Security Flaws Making It Vulnerable For Sensitive User Data

Just one week back, The Internet security, Android Police, checked into the mobile app of Pandora to make sure that the company has not been transferring “mass quantities” of user data with ad agencies according to the allegations. Since after the allegations Skype has been kept under full scale surveillance, especially the Android mobile app of the company is most controversial as it seems to have the potential of sharing your stored personal data.

It was found out earlier that a leaked beta version of the VoIP app had flaws and was completely weak if attacked it could give complete access to the entire user data of Skype. Android Police has attempted different methods of approach towards closing this loop whole of Skype for Android, which is offered online to anyone since October 2010, but it has been getting the same response each time. It has been clear now that this vulnerability is not in the ‘Skype Mobile for Verizon app,’ as it looks completely clean, except for Skype for Android.

Obviously the minute technological particulars are a little over the reach for a normal user, but it will be easily understood by a Lehman if we imply considering that Skype keeps all of its user data in a unique folder with the user’s screen-name. Now the problem is that the file in that database which contains this entire folder has now got faulty permissions. Permissions here imply that the approval of access of that data, even worse, these vulnerable files is not encrypted at all. Hence consequently, if something is still left ambiguous, it is still enough to know that, the files which actually hold the user data ranging from contacts and profile information to message logs, can not only be accessed but also read easily with barely any fatigue or effort.

However, problem is not limited to that; it goes even deeper than that. According to the problems explained just now, any possible burglar will still have to require the user’s Skype screen-name in any case. But there real danger is that there also a quick method to obtain the user’s Skype name too. Android Police states that the full-size hazard risk remains if any kind of rogue developer, releases another tampered version of this particular app, which will even eradicate this problem and the data will be transmitted private user information.

Predictably innumerable suggestions are already been made to Skype as regarding the covering up this particularly exposed loop hole of his system. An update was published later today stating that the company has been constantly investigating this issue.