By Stephen Schenck | April 15, 2011 1:29 PM
We trust plenty of personal data to our smartphones, and that involves distributing that trust across a whole bunch of parties. We need carriers to securely transmit our data, operating systems that manage permissions to read and modify that data, as well as the apps that we use to store it in the first place. Problem is, that creates lots of opportunities for something to go wrong, as looks to be the case with Skype on Android, just revealed to pose a potential threat to your privacy.
The problem is an oversight in how Skype stores personal data on your Android device. Though the OS has protections in place to keep one app from reading another’s data, Skype neglects to set the proper access permissions when creating certain files. This means that another app running on your phone could sneak a peek at that data with no problems. It wouldn’t be an issue if the files were encrypted, but they’re in plain text, revealing all your contact info, the contact info that you’ve stored for friends and colleagues, as well as full chat logs. Altogether, that information could range from the benign, to the embarrassing, or worse.
Skype has responded that it’s on the case, and is working to update the app to make sure it sets the proper permissions. In the meantime, if you want to keep Skype installed, just be careful what other apps you load on your smartphone – it just takes one with malicious intent to read all of Skype’s secrets.