Skype plugs Android app privacy hole

Less than a week after confirming that a flaw in Skype for Android could leak sensitive user information, the Internet calling company Wednesday issued an urgent update to fix the problem.

Skype informed customers that "After a period of developing and testing we have released a new version of the Skype for Android application onto the Android Market, containing a fix to the vulnerability reported to us. Please update to this version [] as soon as possible in order to help protect your information."

HISTORY: Smartphone security follies

Skype says it has had no reported examples of third-party apps misusing information from the Skype directory on Android devices, though is keeping an eye on things. The flaw left exposed a user's name, email address, contacts and chat logs.

The Android Police blog, which originally revealed the Skype flaw, says the fix works: "Skype has changed the permissions of the databases (which contain the personal information) in question." However, it warned that the update will not  "remedy the vulnerability on the leaked video version of the app, so continued use is at your own risk."

PRODUCT ROUNDUP: 8 Android apps for IT

And perhaps in an effort to make up for the security shortcoming, Skype has incorporated support for 3G VoIP calling in its updated software.  Previously, calling in the U.S. was mainly available only for Verizon customers or via Wi-Fi.

It's safe to follow Bob on Twitter

Read more about anti-malware in Network World's Anti-malware section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags smartphoneswirelessskypeNetworkingPhonesconsumer electronicsSkype flaw

More about SkypeVerizonVerizon

Show Comments