Skype Bug Sends Messages To Random Contacts

← Back to Stories (view on slashdot.org)

Skype Bug Sends Messages To Random Contacts

Posted by samzenpus on Monday July 16, 2012 @05:59AM from the everyone-gets-a-message dept.

An anonymous reader writes "A bug has been discovered in Skype that sends users' private instant messages to other contacts whom the messages were never intended for. Skype has confirmed the issue and is working on a fix. 'We are aware that in rare circumstances IM's between two contacts could be sent to an unintended third contact,' a Skype spokesperson told Engadget. 'We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype.'"

77 comments

Min score:

Reason:

Sort:

48fps is too fast by Bob+the+Super+Hamste · 2012-07-16 06:02 · Score: 4, Funny

Why would I go to a theater to see a movie not shot at 24 fps, 48fps is just too fast for me.

--
Time to offend someone
1. Re:48fps is too fast by X0563511 · 2012-07-16 06:10 · Score: 0
  
  Wrong story, Bob. You meant to post in this one.
  This one's about a Skype bug, and the one before it a recent achievement at the National Ignition Lab.
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
2. Re:48fps is too fast by Ashbory · 2012-07-16 06:11 · Score: 4, Funny
  
  Did you post this comment from Skype?
3. Re:48fps is too fast by Githaron · 2012-07-16 06:15 · Score: 3, Insightful
  
  Maybe he was commenting ironically?
4. Re:48fps is too fast by Anonymous Coward · 2012-07-16 06:16 · Score: 0
  
  whoooooooooooosh
5. Re:48fps is too fast by Bob+the+Super+Hamste · 2012-07-16 06:21 · Score: 1
  
  That is what I was going for
  
  --
  Time to offend someone
6. Re:48fps is too fast by X0563511 · 2012-07-16 06:22 · Score: 3, Informative
  
  Woosh, apparently. My bad ;)
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
7. Re:48fps is too fast by Bob+the+Super+Hamste · 2012-07-16 06:22 · Score: 1
  
  Maybe?
  
  --
  Time to offend someone
8. Re:48fps is too fast by Anonymous Coward · 2012-07-16 06:44 · Score: 0
  
  Whoosh!
9. Re:48fps is too fast by Anonymous Coward · 2012-07-16 06:45 · Score: 0
  
  Whooooooosh.
10. Re:48fps is too fast by Bob+the+Super+Hamste · 2012-07-16 06:55 · Score: 1
  
  No problem. Apparently others felt it was off topic and it got bounced down to -1 for a bit.
  
  --
  Time to offend someone
also by Anonymous Coward · 2012-07-16 06:02 · Score: 4, Interesting

Skype also sends crap to port 80 at systems where the skype client is or has been running.
This shows up as garbage log lines in Apache.
This has been going on for years and they never fixed it.
1. Re:also by Anonymous Coward · 2012-07-16 06:16 · Score: 0
  
  A reasonable program would have used a HTTP command instead of sending crap.
2. Re:also by Anonymous Coward · 2012-07-16 06:18 · Score: 3, Informative
  
  It's called an open proxy scan, you dipshit
  no its not, Skype listens on 443 and port 80 by default, just open your settings in Skype and see under "connections"
  if you have a webserver on your gateway then this is where the garbage appears as skype clients try to connect to 80/443 on the public IP before choosing a NAT'ed port
  dipshit
3. Re:also by Anonymous Coward · 2012-07-16 06:26 · Score: 2, Insightful
  
  When you don't have Skype listening on 80 and 443, other systems are still trying to connect those ports and are sending garbage, which appears in the Apache logs.
  When Skype wants to run on port 80, it should encapsulate its traffic (at least the initial command to see if it is talking to another skype) in valid HTTP(S).
  It makes no attempt to do so, which I consider a bug.
4. Re:also by tokul · 2012-07-16 09:03 · Score: 1
  
  This has been going on for years and they never fixed it.
  
  It is hard to fix something controlled by application config.
5. Re:also by Anonymous Coward · 2012-07-16 20:27 · Score: 0
  
  It is not controlled by application config.
  In the version of Skype for Linux (2.2) that I run there does not even exist such a config item.
  But also, the problem is NOT that the local Skype is listening on port 80, it isn't doing that (it is running as a normal user).
  The problem is that the OTHER skype users who try to connect are trying on port 80 using another protocol than HTTP.
  They send garbage to port 80 on this system, on which there is no skype listening, there is apache.
Have they mentoned by floydman · 2012-07-16 06:03 · Score: 4, Funny

how to find out if that happened...just in case i am cheating on my wife

--
The lunatic is in my head
1. Re:Have they mentoned by SatanClauz · 2012-07-16 06:05 · Score: 5, Funny
  
  Ask your wife.
2. Re:Have they mentoned by Beardo+the+Bearded · 2012-07-16 06:38 · Score: 5, Funny
  
  Did you wake up with your penis still attached to your body?
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
3. Re:Have they mentoned by Anonymous Coward · 2012-07-16 07:39 · Score: 0
  
  Yes, but brain hurt knife ear bad feel blood floor banana fridge.
4. Re:Have they mentoned by Anonymous Coward · 2012-07-16 08:05 · Score: 0, Funny
  
  Did you wake up with your penis still attached to your body?
  Or vagina?
5. Re:Have they mentoned by sound+vision · 2012-07-16 08:19 · Score: 1, Offtopic
  
  Or vagina.
6. Re:Have they mentoned by antdude · 2012-07-16 08:29 · Score: 1
  
  Was that woman's name, Lorena Bobbit? :P
  
  --
  Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
7. Re:Have they mentoned by Anonymous Coward · 2012-07-16 08:33 · Score: 0
  
  Give your LGT crap a rest. No one cares about those freaks.
8. Re:Have they mentoned by Beardo+the+Bearded · 2012-07-16 09:50 · Score: 1
  
  The GP's name is "FloydMan". I'm assuming that he's a dude.
  Admittedly, I've been shaving since 2004, but... uh... not that closely.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
9. Re:Have they mentoned by Anonymous Coward · 2012-07-16 11:25 · Score: 1
  
  The above AC is referring to a previous slashdot story. It turned into another slashdot meta joke, so expect to see it a lot until people get bored of it.
10. Re:Have they mentoned by rHBa · 2012-07-16 13:48 · Score: 1
  
  Blink and you'll miss it...
11. Re:Have they mentoned by Anonymous Coward · 2012-07-17 07:53 · Score: 0
  
  The above AC is referring to a previous slashdot story. It turned into another slashdot meta joke, so expect to see it a lot FOREVER!
  FTFY
Wait ... by lennier1 · 2012-07-16 06:05 · Score: 4, Insightful

Is it just me or did the Skype bugs get more entertaining after the MS purchase?
1. Re:Wait ... by Capt.DrumkenBum · 2012-07-16 06:10 · Score: 0
  
  I was just thinking the same thing. Perhaps it is just that all MS bugs are more entertaining when you don't run any MS software.
  
  --
  If I were God, wouldn't I protect my churches from acts of me?
2. Re:Wait ... by Anonymous Coward · 2012-07-16 06:16 · Score: 2, Interesting
  
  I used skype as a ghetto surveillence system and it quit working around February. My gut feeling was it was microsoft playing with the backend, then i found out they were converting to linux, so they were fucking it up. It isn't reliable anymore for very long term use, like 10 hours or more. I switched to yawcam and vlc and it is better in some ways.
  Skype still cool though.
3. Re:Wait ... by durrr · 2012-07-16 06:58 · Score: 0
  
  Why don't you just aquire a fully fledged surveillence application in indefinite trial mode from indefinite trial bay?
4. Re:Wait ... by awehttam · 2012-07-16 07:20 · Score: 1
  
  Nah, these things have been happening for years. I first encountered something similar about 2.5 years ago when messages from me where being delivered to a contact of one of my Skype contacts.
5. Re:Wait ... by Arkaic · 2012-07-16 07:57 · Score: 2, Insightful
  
  I was thinking along those lines. Has MS started adding code to Skype? :)
6. Re:Wait ... by Anonymous Coward · 2012-07-16 08:23 · Score: 0
  
  Yes, allow Microfail (Microsoft) to touch a product and it develops new "features".....it's not a bug I tell ya it's a new feature!!!!!
Skype for Linux? by fph+il+quozientatore · 2012-07-16 06:07 · Score: 3, Interesting

Is Skype for Linux affected?

--
My first program:
Hell Segmentation fault
1. Re:Skype for Linux? by slashmojo · 2012-07-16 06:34 · Score: 5, Funny
  
  It will be in about 2 years..
2. Re:Skype for Linux? by Anonymous Coward · 2012-07-16 06:55 · Score: 0
  
  like there's gonna be a linux version left after CrazySteve is done with skype...
3. Re:Skype for Linux? by Bernal+KC · 2012-07-17 10:57 · Score: 1
  
  Yes, and it has been fixed. Updates available now.
You call that a bug, lonely lonely Skype calls it by WillAffleckUW · 2012-07-16 06:07 · Score: 2

You may call that a bug.
the lonely lonely Skype program calls that "making friends".
Come on, sign it up for a dating service, it wants to make friends.

--
-- Tigger warning: This post may contain tiggers! --
Re:ahhhh by Anonymous Coward · 2012-07-16 06:13 · Score: 0

Pool's closed.
I absolutely refuse by Vinegar+Joe · 2012-07-16 06:14 · Score: 1

To use the 5.0 series of Skype. I uninstalled it and went back to 4.2.0.187...........much nicer, thank you very much.

--
"The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
1. Re:I absolutely refuse by Anonymous Coward · 2012-07-16 06:57 · Score: 0
  
  Well, enjoy your no security patches.
Did you actually have to call him a dipshit? by tlambert · 2012-07-16 06:15 · Score: 1, Offtopic

It's called an open proxy scan, you dipshit. It's intentional.
He just admitted to running Skype. It's kind of a given.
Spyware by Anonymous Coward · 2012-07-16 06:17 · Score: 3, Insightful

"We are aware that in rare circumstances IM's between two contacts could be sent to an unintended third contact"
The wording is interesting. They are not saying its an error, they are just saying it was sent to an unintended receiver.
In other words: "Yes, we spy on you. But it wasn't our intention your friends know". I wouldn't be surprised if the next story is about skype having simular chat content filters as facebook showed recently.
1. Re:Spyware by KhabaLox · 2012-07-16 07:17 · Score: 1
  
  The wording is interesting. They are not saying its an error, they are just saying it was sent to an unintended receiver.
  In other words: "Yes, we spy on you. But it wasn't our intention your friends know".
  
  I think it's clear that what they meant by that comment is that the 3rd party is not who you, the user, intended to receive the message. However, what's interesting to me is that this can happen at all. I'm not an engineer by any stretch, and perhaps I'm being too paranoid, but isn't it conceivable that the bug might not be that it's sending the IM to an some 3rd party on your contact list, but rather it's sending it to that 3rd party instead of to some log file on Skype's servers, or worse yet, some NSA repository?
  
  --
  Ceci n'est pas un sig.
2. Re:Spyware by Anonymous Coward · 2012-07-16 12:27 · Score: 0
  
  Well that's easy to find out...
  Just send a Skype IM that you're going to blow some shit up tomorrow.
  If the FBI, CIA or NSA are at your door before tomorrow, you know the answer.
Half working as intended. by JustAnotherIdiot · 2012-07-16 06:18 · Score: 1

The part wrong is the recipient, it's supposed to forward your messages to big brother, not your friends.

--
What do I know, I'm just an idiot, right?
1. Re:Half working as intended. by idontgno · 2012-07-16 07:15 · Score: 3, Funny
  
  Thoughtcrime. Big Brother is your only friend. Big Brother has always been your only friend.
  
  --
  Welcome to the Panopticon. Used to be a prison, now it's your home.
Call me when... by Anonymous Coward · 2012-07-16 06:19 · Score: 0, Interesting

Skype doesn't suck 10 kinds of ass.
Seriously, to actually have a graphics-level crash these days, you have to purposefully screw your own code up.
I've never had a single graphics crash besides 3 times where I done something a little obtuse in nature by making a Firefox window with Flash transparent.
It is such a tiny use-case that I am surprised they even fixed it after I tested it another 2 times and reported the bug to both of them.
Not with games, not a single Windows graphical error, nothing.
But ever since Skype 5 and up, forced to use the video frame crap interface at the top of every call now, every so often it just fails to initialize for god knows what reason and then of course draws to nothing. And even then, that normally wouldn't do anything but kill the program. No, Skype goes a step ahead of everyone else and brings the entire OS down.
It's not like I have the most generic system ever. Nothing special about it.
Sadly other idiots I know refuse to use much better things, so stuck with that crap.
So now I have to keep a constantly running script that has a hotkey that instantly terminates Skype the moment I notice the video frame hasn't initialized.
I literally have a 2 second window of opportunity to terminate it or crash.
Seriously sucks. Every version from 5 onwards. Nothing done about it either. I've all but given up even caring about helping them anymore.
Heard so many others with the issue as well, in fact pretty sure I saw someone mention it on here a good while back on the Skype protocol article.
Also, fix the constant "you have a message but you don't" bug! My god, most annoying bug in any program. More so than the crashing.
How about the Skype registration form... by vst · 2012-07-16 06:22 · Score: 0

It's not just you.

A few days ago my friend couldn't register his friend on Skype because the second email field in the registration form persistently stayed disabled/greyed-out (tried it in every browser, on both Linux and Windows)...
1. Re:How about the Skype registration form... by Anonymous Coward · 2012-07-16 23:41 · Score: 0
  
  Could have easily fixed that with Javascript, you know.
2. Re:How about the Skype registration form... by Anonymous Coward · 2012-07-19 07:29 · Score: 0
  
  Could have easily fixed that with Javascript, you know.
  Yeah, I did that FYI, but that's not the point. So, go fuck yourself, you putrid little AC cunt.
3. Re:How about the Skype registration form... by Anonymous Coward · 2012-07-20 10:54 · Score: 0
  
  If you smell a putrid little AC cunt, it's probably you. They haven't yet figured out how to transmit odors over the internet, afaik.
sounds like by geoffaus · 2012-07-16 06:28 · Score: 5, Funny

A new product - Skype Chat Roulette!

--
As an online discussion grows longer, the probability of a reference to Godwin's Law approaches 1
1. Re:sounds like by Anonymous Coward · 2012-07-16 09:13 · Score: 0
  
  They would charge for that upgrade :-)
2. Re:sounds like by sociocapitalist · 2012-07-16 09:23 · Score: 1
  
  A new product - Skype Chat Roulette!
  It's not a bug...it's a feature...
  
  --
  blindly antisocialist = antisocial
honey... by MickyTheIdiot · 2012-07-16 06:30 · Score: 1

The old bag is going to some suffragette meeting tonight or something. Bring your Mighty Mouse costume... there will be plenty of time. Can't wait to eat your cheese!!
Re:Microsoft developers working on Skype now? by SJHillman · 2012-07-16 06:35 · Score: 0

Could have something to do with Microsoft owning Skype...
Serves Skype users right by Anonymous Coward · 2012-07-16 07:56 · Score: 0

People who use Skype despite its poisonous closed protocol deserve everything they get.
1. Re:Serves Skype users right by Anonymous Coward · 2012-07-16 08:17 · Score: 0
  
  People who use Skype despite its poisonous closed protocol deserve everything they get.
  Heh. Just...... stupid.
2. Re:Serves Skype users right by Anonymous Coward · 2012-07-16 09:23 · Score: 0
  
  Facetime
How about the exit button? by Fujisawa+Sensei · 2012-07-16 09:34 · Score: 2

How about fixing the red exit button so that when I click it the application actually exits, and doesn't keep running in the background, so I have to exit it again, and the confirm?
And before I hear the whiners say:"That's what its supposed to do". I say inability to exit the application with one click is a fucking bug.

--
If someone is passing you on the right, you are an asshole for driving in the wrong lane.
1. Re:How about the exit button? by Anonymous Coward · 2012-07-16 19:37 · Score: 0
  
  Red button?! Are you using Windows?!
  You are bugged by design...
2. Re:How about the exit button? by Anonymous Coward · 2012-07-17 04:17 · Score: 0
  
  Same with music players in Linux. (I'm looking at you, Rythmbox)
  Alt-F4 should close the freaking application, not hide it in a panel and continue playing music.
feature or bug? by dhart · 2012-07-16 10:51 · Score: 1

A "bug", really? Or was it a "feature" that went slightly wrong? The mere existence of code [in Skype's codebase] that sends messages without the user's input is troublesome (although hardly surprising, considering the source).
gmail by speedc0re · 2012-07-16 16:03 · Score: 0

gmail has been doing this for years, or is that just my gmail?
1. Re:gmail by speedc0re · 2012-07-19 11:41 · Score: 0
  
  I get emails from random people sending to other gmail accounts, and the slashdot fascists don't find that the least bit informative?
It's just the Government listening in by Anonymous Coward · 2012-07-16 20:12 · Score: 0

This is just the government bug feature. They are the third party who has requested access to your conversations and wants to be kept in the loop of what you say.
https://www.networkworld.com/community/node/81026?t51hb
Hotfix for Skype IM/chat bug by chaimhaas · 2012-07-17 01:33 · Score: 1

The first set of hotfixes (Skype for Windows and Skype for Linux) to the Skype IM/chat bug are out – see http://blogs.skype.com/garage/2012/07/hotfix_for_multiple_skype_clie.html.