The serious breach in the widely-used, internet video chat program means that any evil computer nerd could easily hunt down users' whereabouts, according to a study co-authored by an NYU-Poly professor.
The flaw in Skype could allow a skilled hacker to find out the IP address from which a user has logged in to Skype, thereby determining the location of Skype users, which is a massive breach of privacy and security. The company is trying to downplay the flaw, claiming that the ability to derive IP addresses was common with all web based communication clients.
The flaw can reportedly be exploited without the user's knowledge, and can be executed on a massive scale. The reserch team demonstrated this by scheduling hourly calls to tens of thousands of Skype users.
Adrian Asher, Skype's chief information security officer, said that IP addresses are easily uncovered in most web communications clients."Just as with typical Internet communications software, Skype users who are connected may be able to determine each other's IP addresses. Through research and development, we will continue to make advances in this area and improvements to our software," he told.