Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Does Skype Read the BIOS?

Posted by kdawson on from the phone-home dept.

pfp writes "Myria at pagetable.com, among others, noticed that Skype reads the machine's BIOS code on startup. This probably would've gone unnoticed if the operation didn't fail on 64-bit windows. From the post: 'It's dumping your system BIOS, which usually includes your motherboard's serial number, and pipes it to the Skype application. I have no idea what they're using it for, or whether they send anything to their servers, but I bet whatever they're doing is no good given their track record... If they hadn't been ignorant of Win64's lack of NTVDM, nobody would've noticed this happening.'"

9 of 327 comments (clear)

  1. Re:bad history? by Anonymous Coward · · Score: 5, Informative

    I think he was talking about the company who owns it. They also made kazaa, which was full of spyware and other harmful malware.

  2. Re:bad history? by Ledsock · · Score: 5, Informative

    While it is true that the developers were responsible for Kazaa, currently Skype is owned by eBay. They bought them on Oct. 14, 2005 for around $2.6 billion.

    --
    What is mankind really? Well, it's just two words put together Mank, and ind.
  3. Re:bad history? by anethema · · Score: 5, Informative

    Actually, the original Kazaa (which WAS dev'd by the same people as skype) was -not- full of spyware and adware. Kazaa was made an atrocity by Sharman, who still owns it.

    --


    It's easier to fight for one's principles than to live up to them.
  4. Here's a question for you.... by Khyber · · Score: 5, Informative

    I once read somewhere that the only identifying information that you could legally acquire, being installed on someone's computer, was MAC, IP, and Nickname. Anything else (Pentium 3 fiasco, anyone?) constituted a breach of privacy. Dunno if it's true, or not, but personally, I don't want you trying to identify what the hell makes up my system. Perhaps I'm building it SECRETLY for a fucking reason. You don't need to know what CPU or HDD I have installed - the only reason you would want to would be to directly target advertisements at their own users, concerning their own fucking hardwaer. If Skype did that, they'd lose not every bit of faith from me, but I'd go tell my company that I work for, which uses SKYPE on a regular basis. I can guarantee you that IT is so stupid they'd drop Skype and install Asterisk on a whim if I told them too, since I usually end up having to fix their intranet when it goes down.

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  5. Re:bad history? by Cocoshimmy · · Score: 5, Informative

    They could be referring to the time where Skype would only allow 10-way conference calling on dual-core Intel processors. Those running AMD processors could only have 5-way conference calls. At the time they cited the "technical superiority" of Intel processors over AMD ones.

    Of course thie gave bad publicity to both Intel and Skype after AMD issued a subpoena against Skype and the fact that it was discovered that the software simply checked the processor ID and enabled the feature based on that. A patched version was also released which bypassed this artificial limitation.

  6. Re:What about Macs ? by descil · · Score: 5, Informative

    Skype won't run if you have softice installed on windows. Pretty funny - I guess they don't want you to look.

    Ollydbg still works though.

  7. Re:Processor info? by slashdot.org · · Score: 5, Informative

    Reading your BIOS to determine CPU ain't gonna be useful. I doubt any BIOSes store info on which CPU is on the board.

    As a former BIOS coder, I'll second that. Even if the BIOS did store some system specific info in Flash (on Embedded BIOSs sometimes this is done because CMOS is not reliable), there is NO way that Skype would know the format/place/meaning of this. It would be specific to a certain build of a specific BIOS for a specific board by a specific vendor.

    In any case, the method described to dump the BIOS is not very likely to get anything close to the complete, original BIOS image to begin with. By dumping memory at F000:0000 through F000:FFFF, a 16 bit DOS program, under Windows, will get the memory resident part of the BIOS. Most BIOSs are far bigger than 64KB and the memory resident part is the decompressed runtime part, which is nothing like what the actual BIOS image looks like at boot time.

    They are most likely using this in combination with other more or less 'unique' things to identify a specific machine. It wouldn't surprise me if after this some people would do a more in-depth analysis of their code and find out that it also reads the serial number of the harddrive and gets the MAC address of the Ethernet adapter.

  8. Re:What about Macs ? by mrogers · · Score: 5, Informative
    Skype contains encrypted code, self-modifying code, timing loops to detect whether it's running inside a debugger, and any number of other tricks to prevent reverse engineering. Which hasn't stopped people trying:

    http://www.recon.cx/en/f/vskype-part1.pdf
    http://www.recon.cx/en/f/vskype-part2.pdf

  9. Re:Processor info? by Anonymous Coward · · Score: 5, Informative

    Fact 1: 0xF0000-0xFFFFF are the SHADOWED copy of BIOS on almost every BIOS. It's write-enable-able.

    Fact 2: That's usually where the SMBIOS pointer is found.

    Fact 3: It's easy (and the only way really) to scan for SMBIOS and find it.

    Fact 4: SMBIOS *does* often contain serial numbers and hardware details.