On 03/22/2013 02:21 PM, Andreas Bader wrote: > Anthony Papillion: >> On 03/22/2013 05:23 AM, Joseph Lorenzo Hall wrote: >> >> >>> On 3/21/13 9:36 PM, Michael Carbone wrote: >>>> Anyone looked into the reports that Skype leaks your IP >>>> address? Apparently you do not have to interact with the person >>>> whose location you are interested in to be able to get their >>>> IP address. >> >>> I think this is (still) the vulnerability Kieth Ross and his >>> team at NYU-Poly found a few years ago... last I talked to him >>> this particular flaw was still exploitable and hadn't been >>> fixed: >> >> That is definitely true. Basically, you can get the IP address the >> account last logged in from. Do a search for 'Skype Resolver' and >> you'll find a bunch of services that do this. >> >> Here's one: http://www.anonware.net/index.php?page=resolver >> >> Put in the Skype username. If it fails, try again as it sometimes >> messes up the first time. Apparently, Microsoft has not fixed this >> yet. > > Is this the same "Script Kiddie Hack" that was available for IQC a few > years ago? Don't you think that will solve itself?
Possibly. I've not read up on the details of it yet. But, regardless, it does show that Skype leaks information that could be used in an attack. How did it solve itself with ICQ? Anthony -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
