Skype and other Internet-based phone systems have flaws that could potentially disclose the identities, locations and even digital files of the hundreds of millions of users of these systems.
The research was conducted by Chao Zhang and Keith Ross of NYU-Poly; Stevens Le Blond of the Max Planck Institute for Software Systems (MPI-SWS), Germany; and Arnaud Legout and Walid Dabbous of the French research institute I.N.R.I.A Sophia Antipolis.
It is important to mention that even when a user blocks callers or connects from behind a Network Address Translation (NAT) , it does not prevent the privacy risk.
By using commercial geo-location mapping services, the researchers, found that they could construct a detailed account of a user’s daily activities even if the user had not turned on Skype for 72 hours. In one example, they accurately tracked one volunteer researcher from his visit at a New York university to a vacation in Chicago, a return to a New York university, lodging in Brooklyn, then to his home in France. “If we had followed the mobility of the Facebook friends of this user as well, we likely would have determined who he was visiting and when,” the authors said.
How do we value our privacy?
The researchers has informed Skype and Microsoft for these vulnerabilities.