Hacked Skype IP Address Search Shows Who's Speaking From Where

← Back to Stories (view on slashdot.org)

Hacked Skype IP Address Search Shows Who's Speaking From Where

Posted by timothy on Tuesday May 1, 2012 @04:52AM from the we-see-you-mr-appelbaum dept.

mask.of.sanity writes "An online search portal has been launched that reveals the IP addresses of any Skype user. The portal needs only a Skype username entered in a search bar for it to produce the IP address of a target user. It then uses IP addresses to geo-locate users on a map and reveal their ISP information."

3 of 84 comments (clear)

Min score:

Reason:

Sort:

not surprising by v1 · 2012-05-01 04:59 · Score: 3, Insightful

Can be done very simply with a little bit of tcpdump. they're just sniffing network traffic from the machine to reveal information that skype doesn't normally display.
They make it sound like it's some awesome service hacking app when it's just displaying information the client app is just choosing not to show you.
Does this really surprise anyone? Skype directly connects you to another user. Their servers aren't a relay, they're just a meeting point to hook users together. Both users' computers simply have to have the IP address of the other person for their service to function. (though I could see them relaying just text traffic, but certainly not audio/video)

--
I work for the Department of Redundancy Department.
1. Re:not surprising by Talennor · 2012-05-01 06:17 · Score: 4, Insightful
  
  http://en.wikipedia.org/wiki/NAT_traversal
  Skype servers help make the connection, but aren't involved in the data stream.
  
  --
  
  //TODO: signature
2. Re:not surprising by s_p_oneil · 2012-05-01 07:06 · Score: 4, Insightful
  
  "Can be done very simply with a little bit of tcpdump."
  Um, no. Not even close. This is a web site that can find any Skype user in the world by their Skype username. No one (not even the web server) needs to have Skype installed to use this, and no packet sniffing is being done. Since the encryption used for Skype's TCP connections starts with a Diffie-Hellman key exchange, a tcpdump would be pretty useless. Sure you could see your own Skype client talking to 100 different IP addresses, but you wouldn't have any idea who was at the other end of them, and you would have no way of sniffing the packets of every Skype user world-wide.
  I agree that this isn't surprising, though. Skype's protocol has been cracked (and those cracks have been published) so that anyone could write a program to talk to the Skype supernodes (any normal Skype client that allows incoming connections can be promoted to a supernode) and to perform this kind of search. The problem here lies in how much Skype supernodes trust any client that knows how to speak its language. The author considered that part of the Skype client to be sufficiently crack-proof, but he was wrong.