Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Does Skype Read the BIOS?

Posted by kdawson on from the phone-home dept.

pfp writes "Myria at pagetable.com, among others, noticed that Skype reads the machine's BIOS code on startup. This probably would've gone unnoticed if the operation didn't fail on 64-bit windows. From the post: 'It's dumping your system BIOS, which usually includes your motherboard's serial number, and pipes it to the Skype application. I have no idea what they're using it for, or whether they send anything to their servers, but I bet whatever they're doing is no good given their track record... If they hadn't been ignorant of Win64's lack of NTVDM, nobody would've noticed this happening.'"

5 of 327 comments (clear)

  1. Processor info? by Ledsock · · Score: 5, Interesting

    This is a random guess, but it could be part of skype determining the make and model of your CPU. They had made a deal with Intel a while back to only allow large conferences on their processors, and the BIOS reading could be part of that or anticipation of other deals to come.

    --
    What is mankind really? Well, it's just two words put together Mank, and ind.
  2. To prevent abuse? Usage statistics? by Cocoshimmy · · Score: 5, Interesting

    What better unique identifier than the system bios? Ip addresses are becoming less reliable since many people use wireless internet and mobile phones for skype.

    Skype is probably just looking for abusive users who sign up for their low margin unlimited calling plan only to share it with their relatives and friends accross the world. If they say detect say 5 different machines calling 5 different people all within a span of 10 minutes, then something is likely wrong.

    Of course they could just be collecting system info such as the system manufacturer, processor type, number of processors, sound card, etc. This could be combined with the survey results regarding phone quality they ask you to take after every few calls. In the end it could result in a better product and better service. Of course many other software products already do this (such as firefox, ms windows, ms office) but they are more open about it and at least give you the option of participating.

  3. Done by adpsimpson · · Score: 5, Interesting

    Dear Sir/Madam,

    As a Skype customer (adpsimpson) and software developer who has used skype-out from across the world to stay in touch with folk at home, I read with some interest on http://slashdot.org/ this morning that Skype appears to read the system bios on start up.

    While I am aware that there are legitimate reasons that some software may do this, I cannot immediately think what a VOIP application would require the data for.

    Using closed source software is always a second-best from my point of view, especially in terms of privacy and transparency of the software's function - this in fact is what led me to Skype, since it runs on Linux. As such I am slightly concerned about unexpected application behaviour.

    What does Skype do with this information? Is it transmitted across the network in any form? Is it identifiable?

    I look forward to your response,

    Yours,
    Andrew Simpson

    --
    Is crushing a suspect's child's testicles illegal?
    John Yoo: "No, [if] the President thinks he needs to do that."
  4. Tracing by ignorent · · Score: 5, Interesting

    Perhaps the federal government requires them to make all phone calls traceable?

  5. NSA conspiracy by sideswipe76 · · Score: 5, Interesting

    I am gonna repeat my grand conspiracy theory: It is my belief that eBay's purchase of Skype was somehow coaxed by the NSA/CIA and here is why: Ebay's purchase of Skype never made sense. Ebay could have included skypeout:// links in their auctions without spending a penny. That would be like saying slashdot can't use IM unless they buy AOL. Skype spent way above considered market value for Skype and their share holders have applied no real pressure to have it turn a profit. This makes the transaction suspicious. The reason of course if because prior to the eBay's purchase Skype was owned in Luxembourg and definitely not an ideal partner for eavesdropping on "terra'rists" (given those crazy European privacy laws). Given that the calls are encrypted, and that Skype does maintain the keys to decrypt those session, getting Skype under US subpeona power is a powerful tool for eavesdropping. Infact, because it is VoIP for most if not all of the calls, it can easily route traffic into the US were it can be picked up, decoded and monitored. Or, since it is known that open IP's become super nodes, Skype can naturally be coaxed into steering packets toward a super-node that can easily be monitored. I use to work for the company that wrote Carnivore. People got worked up over that? It was only the prototype.