Skype For Android Can Leak Data To Malicious Apps

An anonymous reader writes "It appears that Skype account information on an Android phone remains readable by all in a standard installation, at least for certain versions of Skype out in the wild. That allows another potentially malicious app to know everything about you that Skype knows (contacts, history of whatever you've chatted about or who you called, phone numbers, personal information). Skype is said to be working to fix for what appears to be a simple file permissions issue. This sheds some more light on how much private information everybody gives away for free by just owning a phone with half a wrong chmod."

Skype permissions

[Anonymous Coward]

When you open Skype in the android market, it requests a skyscraper-high list of special permissions. When I saw that, I immediately decided to forget about it. There's no way that it could possibly need that much information to do its job, and now it looks like its even worse that I thought. Sucks that it leaks info like that, but kudos to Google for at least making the risk somewhat visible.

Re:Phew

[JustinCaseAP]

Why does it have anything to do with the OS? The app developer more or less "chose" to share information, even if they did not do it on purpose. No reason proper permissions nor encryption could not of been used.