Wed 7 Feb 2007
Skype Reads Your BIOS and Motherboard Serial Number
Wednesday, Feb 7th, 2007 at 8:26 amCategories: Computers; Privacy
Posted by Administrator
Skype (covertly) learns a lot about your computer
Users of Skype that run 64-bit versions of Windows like me probably have noticed that … Skype’s trying to run a .com file, which won’t work on Win64 because there’s no NTVDM. Let’s try opening it in Hex Workshop. Access denied? OK, I’ll terminate Skype to read it. Still can’t?! This thing is really starting to annoy me. I’ll use WinDbg to terminate winlogon.exe to force a kernel panic. I reboot and NOW I can read the damn file.
An unreadable executable file coming from Skype sounds interesting, so I look at it …. It’s dumping your system BIOS, which usually includes your motherboard’s serial number, and pipes it to the Skype application. I have no idea what they’re using it for, or whether they send anything to their servers, but I bet whatever they’re doing is no good given their track record.
Via SlashDot.
BIOS coder opinion - discussion @ SlashDot
Reading your BIOS to determine CPU ain’t gonna be useful. I doubt any BIOSes store info on which CPU is on the board.
As a former BIOS coder, I’ll second that. Even if the BIOS did store some system specific info in Flash (on Embedded BIOSs sometimes this is done because CMOS is not reliable), there is NO way that Skype would know the format/place/meaning of this. It would be specific to a certain build of a specific BIOS for a specific board by a specific vendor.
In any case, the method described to dump the BIOS is not very likely to get anything close to the complete, original BIOS image to begin with. By dumping memory at F000:0000 through F000:FFFF, a 16 bit DOS program, under Windows, will get the memory resident part of the BIOS. Most BIOSs are far bigger than 64KB and the memory resident part is the decompressed runtime part, which is nothing like what the actual BIOS image looks like at boot time.
They are most likely using this in combination with other more or less ‘unique’ things to identify a specific machine. It wouldn’t surprise me if after this some people would do a more in-depth analysis of their code and find out that it also reads the serial number of the harddrive and gets the MAC address of the Ethernet adapter.
[slashdot.org: SlashDot]
Bad History? - discussion @ SlashDot
[Bad history] could be referring to the time where Skype would only allow 10-way conference calling on dual-core Intel processors. Those running AMD processors could only have 5-way conference calls. At the time they cited the “technical superiority” of Intel processors over AMD ones.
Of course thie gave bad publicity to both Intel and Skype after AMD issued a subpoena against Skype and the fact that it was discovered that the software simply checked the processor ID and enabled the feature based on that. A patched version was also released which bypassed this artificial limitation.
[Cocoshimmy: SlashDot]
Conspiracy Theory - discussion @ SlashDot
I am gonna repeat my grand conspiracy theory: It is my belief that eBay’s purchase of Skype was somehow coaxed by the NSA/CIA and here is why: Ebay’s purchase of Skype never made sense.
Ebay could have included skypeout:// links in their auctions without spending a penny. That would be like saying slashdot can’t use IM unless they buy AOL. Skype spent way above considered market value for Skype and their share holders have applied no real pressure to have it turn a profit. This makes the transaction suspicious.
The reason of course if because prior to the eBay’s purchase Skype was owned in Luxembourg and definitely not an ideal partner for eavesdropping on “terra’rists” (given those crazy European privacy laws).
Given that the calls are encrypted, and that Skype does maintain the keys to decrypt those session, getting Skype under US subpeona power is a powerful tool for eavesdropping. Infact, because it is VoIP for most if not all of the calls, it can easily route traffic into the US were it can be picked up, decoded and monitored. Or, since it is known that open IP’s become super nodes, Skype can naturally be coaxed into steering packets toward a super-node that can easily be monitored.
I use to work for the company that wrote Carnivore. People got worked up over that? It was only the prototype.
[sideswipe76: SlashDot]
Leave a Reply
You must be logged in to post a comment.
Next Post:
Panic Bloom Economy
Previous Post:
Flow Chart