If for some reason you enjoy draining your cellular minutes and your Skype credit simultaneously while making Skype calls from your S60 handset (even for calls to your Skype contacts!), you probably use iSkoot instead of the true MoIP solutions offered by fring. Ok that’s fine, we all have our crosses to bear. You might be interested to learn however, that a serious security flaw was recently uncovered in the way iSkoot transmits your credentials. To make a long story short, it forgoes all encryption and passes all information including user name and password data in the clear. Yikes! The discovery was made over the weekend by popular Nokia blogger Phoneboy, and evidence in the form of tcpdump records provided indisputable evidence. iSkoot promptly responded to the post and claimed that a “non-production version” of the S60 client had accidentally made its way onto its site for public download. It also insisted that versions other than the native S60 client were not affected. We’re not clear on why an internal test version was signed with a public certificate but whatever the case may be, iSkoot users with S60 handsets should probably seek an alternative solution until an update is issued; especially if public WiFi is used frequently while iSkooting.
iSkoot Learns People Care About Security
Updated Dec 19th, 2018 5:59PM EST
If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.
Zach Epstein has been the Executive Editor at BGR for more than 15 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.
His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.
