Skype for iPhone 4GS may put your phone book at risk

Author Information

Reneta Alexandrova has 7 Published Articles

Bulgaria,
Plovdiv,
Plovdiv,
plovdiv,

Skype for iPhone 4GS may put your phone book at risk

Posted On : Oct-19-2011 | seen (528) times | Article Word Count : 515 |

TechCruch has said that the developers at Skype were not fully aware of this problem and are working to ensure that the program becomes secure for all iPhone 4GS users in a future update.

It seems as though whenever there is a new version of popular software out for the iPhone 4GS there is a bug or hole. Around 3 out of 6 times the software is a major release by a big name like Skype. This time the hole has been found in Skype for latest iOS platform which essentially allows for a hacker to access your phone’s address database without much effort. A hacker with the right tools and exploit script can essentially get into your phone without your knowledge and copy all the data to his computer for obvious malicious intent.

Type of Hole in Skype

The venerability has been categorized as being a Cross Site Scripting hole which mainly exists in the program’s chat message bar in version 3.0.1 of Skype as well as some earlier versions which are for iPod touch and iPhone. The way a hacker will probably approach this is to use a JavaScript code which directly runs on a server, so when a user view a message the hacker will be able to access their data. The data revealed will be the full name of the owner of the phone; however this is not the real scary part of this hole.

What the Skype Hole is all about?

Many security experts have also been quick to criticize Skype since it does not define a URL properly which is built into its webkit browser for the application. This essentially will give the hacker full access to the file system which allows the hacker to access any file that the application can access or has been given permission to access. At the very least this means that the phonebook is easily accessible by a hacker since by default Skype has access it to it.

So in a nutshell anything that Skype can do on your iPhone 4GS the hacker who has the right tools should be able to accomplish. However, if you are worried then there is also some good news. You can use the app sandbox design of the OS to your advantage as it does not allow sensitive information from easily being accessed but because like many other chatting apps Skype has access to the address book. There has also been a proof of concept video which was released last week which shows how exactly the address book can be accessed and data be stolen via correctly using this vulnerability.

Is it all that bad?

However, TechCruch has said that the developers at Skype were not fully aware of this problem and are working to ensure that the program becomes secure for all iPhone 4GS users in a future update. This is yet another example of half baked applications which put the security of an iPhone user at risk despite iOS being a comparatively secure and stable platform. There should probably be a standard by which every app should be measure before it is released as a final version which people assume are stable and secure.

Re-Publish this Article

<h1>Skype for iPhone 4GS may put your phone book at risk</h1> Author: <a href='http://www.articleseen.com/profile_Reneta Alexandrova.aspx'>Reneta Alexandrova</a> It seems as though whenever there is a new version of popular software out for the iPhone 4GS there is a bug or hole. Around 3 out of 6 times the software is a major release by a big name like Skype. This time the hole has been found in Skype for latest iOS platform which essentially allows for a hacker to access your phone’s address database without much effort. A hacker with the right tools and exploit script can essentially get into your phone without your knowledge and copy all the data to his computer for obvious malicious intent.
 
Type of Hole in Skype

The venerability has been categorized as being a Cross Site Scripting hole which mainly exists in the program’s chat message bar in version 3.0.1 of Skype as well as some earlier versions which are for iPod touch and iPhone. The way a hacker will probably approach this is to use a JavaScript code which directly runs on a server, so when a user view a message the hacker will be able to access their data. The data revealed will be the full name of the owner of the phone; however this is not the real scary part of this hole.
 
What the Skype Hole is all about?

Many security experts have also been quick to criticize Skype since it does not define a URL properly which is built into its webkit browser for the application. This essentially will give the hacker full access to the file system which allows the hacker to access any file that the application can access or has been given permission to access. At the very least this means that the phonebook is easily accessible by a hacker since by default Skype has access it to it.
 
So in a nutshell anything that Skype can do on your iPhone 4GS the hacker who has the right tools should be able to accomplish. However, if you are worried then there is also some good news. You can use the app sandbox design of the OS to your advantage as it does not allow sensitive information from easily being accessed but because like many other chatting apps Skype has access to the address book. There has also been a proof of concept video which was released last week which shows how exactly the address book can be accessed and data be stolen via correctly using this vulnerability.
 
Is it all that bad?

However, TechCruch has said that the developers at Skype were not fully aware of this problem and are working to ensure that the program becomes secure for all iPhone 4GS users in a future update. This is yet another example of half baked applications which put the security of an iPhone user at risk despite iOS being a comparatively secure and stable platform. There should probably be a standard by which every app should be measure before it is released as a final version which people assume are stable and secure. 
About the Author: To know more about the new model of Apple check this site for <a rel="nofollow" href="http://www.3.dk/d/iphone-4s/">iPhone 4GS</a>.You can read more about the device <a rel="nofollow" href="http://www.pcworld.com/product/545030/apple_32gb_iphone_4_gsm_atandt.html">here</a>. Article Source: <a href='http://www.articleseen.com/Article_Skype-for-iPhone-4GS-may-put-your-phone-book-at-risk_94134.aspx'> http://www.articleseen.com/Article_Skype for iPhone 4GS may put your phone book at risk_94134.aspx</a>

Article Source : http://www.articleseen.com/Article_Skype for iPhone 4GS may put your phone book at risk_94134.aspx

Author Resource :
To know more about the new model of Apple check this site for iPhone 4GS.You can read more about the device here.

Keywords : iPhone, iPhone 4GS, iPhone new model, New iPhone, iPhone 4,

Category : Communications : Mobile Phones

Print this Article Send to Friend