The detectives over at Android Police have found an interesting weakness in Skype for Android. The site has discovered that the popular VoIP chat client stores contact details, conversation logs, and a host of other information in a series of unprotected squlite3 databases. “Skype mistakenly left these files with improper permissions, allowing anyone or any app to read them,” reads the article. “Not only are they accessible, but completely unencrypted.” The vulnerability was initially found in the recently-leaked Skype build for Verizon’s HTC ThunderBolt, but upon further review the current build of the software was also found to have the issue. The article’s author has even provided a proof-of-concept application that can leverage the databases’ weakness. Skype has published an official response saying that the company takes privacy very seriously and is “working quickly to protect users from this vulnerability.” Hit the jump to see a video of the proof-of-concept in action.
Related Articles
New leaks further detail the phone that could be every Android fan's Android dream
Maker of Android flashlight app with 50M downloads avoids fine after selling location data
Everything iPhone users need to know before switching to Android
Plastic HTC One (M8) will reportedly launch next month at half the price
Leak points to major redesign in upcoming new version of Android
