Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

Hacked Skype IP Address Search Shows Who's Speaking From Where

Comments Filter:
    • looking at the message history, quotes like "Service is down again: skype strikes back" imply that skype is doing something to protect their users' privacy. at the least it proves that Ivan thinks so.
      • What strikes me as a bit sick (or at least sad) is that anyone might feel this project is a good use of their time. I can think of no reason why a skype user need be legitimately stalked in this way except for purposes of law enforcement, and those authorities already have resources at their disposal.
        • by Anonymous Coward

          Because without people like this guy, who is probing for weaknesses and making some noise about them, you rely on a security model of 'security through obscurity', and we all know that only idiots think that's real security.

        • Because this sort of project proves how flawed skype's so-called security model is in the first place.
          It's yet one more thing you can point at when listing skype's defects.

  • not surprising (Score:4, Insightful)

    by v1 (525388) on Tuesday May 01, 2012 @12:59PM (#39858799) Homepage Journal

    Can be done very simply with a little bit of tcpdump. they're just sniffing network traffic from the machine to reveal information that skype doesn't normally display.

    They make it sound like it's some awesome service hacking app when it's just displaying information the client app is just choosing not to show you.

    Does this really surprise anyone? Skype directly connects you to another user. Their servers aren't a relay, they're just a meeting point to hook users together. Both users' computers simply have to have the IP address of the other person for their service to function. (though I could see them relaying just text traffic, but certainly not audio/video)

    • Re:not surprising (Score:5, Informative)

      by Anonymous Coward on Tuesday May 01, 2012 @01:22PM (#39859101)

      Actually, the service works by sending the owner of the username a contact-info request (used for instance while searching for users to add to your contact list). The difference from what you mentions is that the target is not notified in any way (as opposed from when sending them a message or calling them), and also have no option to block the request.

    • by Lumpy (12016)

      Um. no.

      Skype DOES use relay servers when there is no ports open on the firewall that a user is behind. It's why skype works all the time and raw VoIP can not without opening ports.

    • Actually, Skype DOES use relaying. I use skype from behind a NAT, and so do most of my contacts, we're all inaccessible through our external IP addresses, and sometimes, me and my contact are from the same ISP, and hence behind the same NAT, sharing same external IP address. why it works? because our communication goes through skype servers!

    • Re:not surprising (Score:5, Insightful)

      by s_p_oneil (795792) on Tuesday May 01, 2012 @03:06PM (#39860395) Homepage

      "Can be done very simply with a little bit of tcpdump."

      Um, no. Not even close. This is a web site that can find any Skype user in the world by their Skype username. No one (not even the web server) needs to have Skype installed to use this, and no packet sniffing is being done. Since the encryption used for Skype's TCP connections starts with a Diffie-Hellman key exchange, a tcpdump would be pretty useless. Sure you could see your own Skype client talking to 100 different IP addresses, but you wouldn't have any idea who was at the other end of them, and you would have no way of sniffing the packets of every Skype user world-wide.

      I agree that this isn't surprising, though. Skype's protocol has been cracked (and those cracks have been published) so that anyone could write a program to talk to the Skype supernodes (any normal Skype client that allows incoming connections can be promoted to a supernode) and to perform this kind of search. The problem here lies in how much Skype supernodes trust any client that knows how to speak its language. The author considered that part of the Skype client to be sufficiently crack-proof, but he was wrong.

      • this isn't surprising, though. Skype's protocol has been cracked (and those cracks have been published) so that anyone could write a program to talk to the Skype supernodes (any normal Skype client that allows incoming connections can be promoted to a supernode) and to perform this kind of search. The problem here lies in how much Skype supernodes trust any client that knows how to speak its language. The author considered that part of the Skype client to be sufficiently crack-proof, but he was wrong.

        QFT. I remember reading about the potential security exploits of skype some 5 years ago. If you speak skype to a node, it'll be happy to handle your requests with almost zero authentication, and it doesn't log it either. So you could extremely easily turn someone's skype box into a zombie to route your nefarious actions through. They'd have no clue you were doing it, no proof you did, and all evidence would show their IP was responsible. Perfect scapegoats.

  • Infact, its likely that most people reading this comment would be able to do this in lass than a minute
    • * less than a minute
    • Not if the service worked the way it should. While actual calls should be done peer-to-peer, things like requests for information, call setup/teardown, etc should be handled by Skype's servers, not exposing the IP of another user until a call has been established.

      Either that, or just dial *67 first...
  • The article says you just need to enter their skype username - does this mean that it works for even people who are offline? I know that I have at least one or two pseudonyms I've used for voice-chat while playing vidya games. If it does work for offline people, that would mean Skype is keeping logs of most-recent IP addresses.

    Service seems to be down right now, so there's no way for me to test it.

  • by jmDev (2607337)
    Now I can have even more people tell me that they have my IP address and they know someone that can hack me!
  • by Ziekheid (1427027) on Tuesday May 01, 2012 @01:25PM (#39859141)

    Is it me or did the person who wrote the summary of this article accidentally include his IP when linking to the portal page?

  • Wow so they think they can determine your location via your IP address and the ISP location. My ISP is HQ'd in or near Denver CO, I live in Utah, all the web-ads that try to target my location target me as being in Denver. So hack away, you'll still be hundreds of miles off, based solely on my IP.
    • Re: (Score:2, Funny)

      by Anonymous Coward

      Thank you sir for that info... We will be making adjustments to our database to compensate for the error.

    • by laffer1 (701823)

      This really depends on your ISP and package. As I have a business class package with static IPs and Comcast delegates them via ARIN, one can see my home address via my IP address.

  • by cryptizard (2629853) on Tuesday May 01, 2012 @01:38PM (#39859323) Homepage
    I saw this presented about a year ago at a security talk. If I recall correctly they were getting IP addresses by initiating a call but then terminating it before some threshold where the other party was actually notified, so it was invisible to the people they were tracking. The cooler part in my opinion was how they showed that something like 80% of people could be located on Skype (in the directory) based on information in their Facebook or LinkedIn profiles, allowing for targeted tracking of people. They also had some more advanced geo IP stuff to the point where they could get really good location results. The example they had was a woman in Florida where they could track her whole week's routine i.e. at work at 9:00, home by 5:00, where she goes to lunch, when she is visiting her grandmother in the next town. It is especially effective against people who are logged into Skype on their smart phones. Arguably the even cooler part was where they showed that they could track the entire population of a small country with something like $20,000 in computer hardware. As obvious as the nefarious applications of this are, it could also be pretty useful for tracking large scale movement for stuff like city planning.
  • by 93 Escort Wagon (326346) on Tuesday May 01, 2012 @01:41PM (#39859347)

    At least if you're a Skype user. It sounds like Skype is banning anyone who's logged in from the same IP address they're running this tool on.

    • Really??

      Great! Now we just have to figure out how to convince all those stupid "I found you online and thought you looked cool!" Skype Bots to connect to that address!

    • by Anonymous Coward

      That's precious. We have a potential privacy issue, and if the blackhats without skype accounts do it, well, nothing we can do about that. But if you dare research it yourself, we'll shitcan your account. Don't you know it's wrong to be curious!

  • Although not quite as easy as just firing up tcpdump (If it was - this would have been 'exploited' a long time ago)

    http://pastebin.com/rBu4jDm8 [pastebin.com]

    Not sure if the version of skype client is relevant (Maybe you just need to enable debug mode)

    You could replace looking at the logfile with sniffing packets if they are in plain text (Which they probably shouldn't be)

    I haven't tried this.

  • by sirdude (578412) on Tuesday May 01, 2012 @03:01PM (#39860321)

    "LOL, Skype killed us." is what I see when I visit the site. IP ban?

  • There is a solution (Score:5, Interesting)

    by Technician (215283) on Tuesday May 01, 2012 @08:14PM (#39863413)

    If you must hide your IP address, you can use one of many Skype/Sip gateways. SIP to SIP to the gateway then Skype to Skype from the gateway. Since Skype does not work well in Linus, I use SIP instead. SIP is P-P too, a SIP call will reveal my IP to a SIP caller. A Skype caller will only see the gateway.

    There are several gateways. IPPI.fr is only a representative example.

    You can Skype me in France anytime. I have never been to France.

    http://www.ippi.com/ [ippi.com]

    I don't use this to hide my IP address. I use it with an ATA so calls ring my phone, even when I'm not online. With their speed dialer, I can make Skype calls without turning on the computer.

    I can be called by Google Voice, an INUM number, SIP, Skype, or IPKall number and any will ring my SIP phone, provide voice mail, caller ID, etc.

    Analog Telephone Adapter (ATA) http://www.voip-info.org/wiki/view/Linksys+PAP2T [voip-info.org]

  • Of course this site is no longer active as the US Government now follows /.

    "This domain and website have been suspended because of abuse or copyright reasons."

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (8) I'm on the committee and I *still* don't know what the hell #pragma is for.

Working...