Protect Your Data from Skype for Android

The Skype for Android app puts your sensitive information at risk, possibly exposing it to different apps without your knowledge operating theatre consent. Skype is working on a fix, but what should you do in the meantime to protect your information?

Justin Case at the Android Police force first uncovered the flaw, and developed an app called Skypwned as a test copy of concept to demonstrate how sensitive information such atomic number 3 the Mechanical man device owner's full name, headphone number, email addresses, contacts, and even Skype chaffer logs can be accessed without even off requiring a username.

Android security warning — Skype for Mechanical man puts sensitive data at risk happening Android devices.

The potential data rupture is not, however, a result of a blemish or exposure as such, just rather poor security configuration by Skype. Steamy Abrams, director of technical education for ESET, explains, "Unlike many Android apps that are codified to simply take the information, the Skype app exposes data through sloppy programming practices. It is the deviation between malice and incompetence."

Andrew Storms, theater director of security trading operations for nCircle, clarifies, "At that place are 2 problems here that point in Skype's direction. First, the files should equal better protected with stricter permissions. Second, and more importantly, all the customer/substance abuser information should be stored encrypted," adding, "The application is not loss out of its way to ex-filtrate your data but it is making it very easy for some other rogue application to do exactly that."

In a Skype Security web log post from Friday, Skype acknowledged the issue. The postal service states, "We take your privacy very seriously and are working quickly to protect you from this exposure, including securing the file permissions on the Skype for Humanoid application."

Skype recommends that users exercise caution in selecting and installing apps on an Mechanical man gimmick to avoid installing malicious apps that power take reward of the holes in Skype to access uncovered information. The problem with that guidance, though, is that on that point is no more right smart for a user to actually recite if an app might be malicious or attempt to access the exposed data because No suspicious or additional permissions would be required of such an app.

So, what are Android users supposed to do to watch out for issues like this and keep off installment any malicious apps? Geoff Webb, product marketing director for Credant Technologies says that imputable a lack of transparency for how information is stored by mobile apps, it is difficult to know whether an application is secure, insecure, or actively attacking your Android device. Webb cautions that businesses in special should be more careful just about allowing devices like these to connect to the meshing and memory access sensitive data of whatever kindly, stating, "Until these devices are being managed and bonded in at least the equal way as your corporate laptop computer surgery desktop system, the risk to data connected them is exit to beryllium high."