Skype Reveals Remote and Local IP Address Of All Online Users

44 responses

  1. S
    April 29, 2012

    Microsoft should absolutely fix this. Skype is used by activists worldwide who would not want their IP addresses revealed to oppressive governments.

    Reply

    • Vince D Lopez
      May 1, 2012

      Problem-reaction-solution, the Hegelian dialect.

      Microsoft tells us there is an inherent privacy problem with all Peer-to-peer software, the reaction is outrage or fear, the solution they will propose is to transit all the conversations via their servers, thus making the CISPA infinitely more effective.

      Reply

  2. Zoo
    April 29, 2012

    No, they should leave it alone. How are bored internet users gonna spend their time?

    Reply

  3. Spice
    April 29, 2012

    Had a friend of mine go through it. When you first visit it redirects to:
    http://skype-ip-finder.tk/govalidateyourself#%5Bnumbers%5D:%5Bport%5D:%5Bip%5D:%5Bport%5D/
    Basically, it creates a DB of everyone who visits. People who will go there will generally look themselves up, which is added to the DB at the beginning, then it just puts two and two together and makes the entry to the database so that your IP is applied to the username if it doesn’t already have an entry (I believe). The flash object in the bottom corner is from .skype.com, and is used in the “About Skype” section of the software, so that’s also nothing special.
    Also, as trivia, the server is hosted in Amsterdam and the host IP is malicious:
    http://support.clean-mx.de/clean-mx/viruses.php?ip=94.75.209.182&sort=first%20desc

    Reply

  4. DNS666
    April 29, 2012

    It’s probably legit. Presumably the site simply implements the scheme presented in this 2011 paper:

    http://cis.poly.edu/~ross/papers/skypeIMC2011.pdf

    The issue’s been known for a while (and Skype isn’t the only vulnerable service).

    -D.

    Reply

    • DNS666
      April 29, 2012

      And oh yes, this needs fixin’…

      Reply

  5. Spice
    April 30, 2012

    Is there any known way to add some opacity to this? Last thing I need is a few men in black coats kicking down my door and grabbing my computer based on my router’s DHCP table.

    Reply

    • Dino
      April 30, 2012

      Yea. Put your tinfoil hat on. Should keep the boogies away for a bit anyway

      Reply

  6. Leprechaun
    April 30, 2012

    Each forum can see your ip when you post.
    Each site can see your ip.
    Each application connected to the network can see your ip.

    Enough of this misinformation … you are ridiculous …

    Reply

    • Martin Brinkmann
      April 30, 2012

      But this is a passive look up.

      Reply

  7. bastik
    April 30, 2012

    Leaking applications and protocols are bad and therefor should be fixed.

    There are people relying on not being revealed by just their “screen-name” in Skype. I’m not affected and don’t care when one would see me IP.

    Reply

  8. John
    April 30, 2012

    Another reason to not use skype.

    Reply

  9. Rick
    April 30, 2012

    Here’s the exciting part for hackers. If they know you are using skype, and they know your IP and open port, injecting software onto your system COULD be more simple as they will be using a trusted application to do so.

    This “unveiling” is just the first step to a huge security issue.

    Reply

  10. Matias Aquino
    April 30, 2012

    Martin, I think your IP is not obfuscated on the top part of the last screenshot (left and right of the “Locate” button).

    Reply

    • Martin Brinkmann
      April 30, 2012

      Thanks and corrected.

      Reply

  11. Elijah Lynn
    April 30, 2012

    You state that “There is currently no way of protecting yourself against the lookup of the IP address” and then contradict yourself by going on to say that there is a way –> “The only other option would be the use of a virtual private network or proxy to hide the IP address from users who look it up.”

    Why don’t you just say “The only way of protecting yourself against the lookup of the IP address is to use a virtual private network or proxy to hide the IP address from users who look it up.”?

    Reply

    • Martin Brinkmann
      April 30, 2012

      You can’t protect yourself against the lookup, as the other party is still able to lookup your vpns or proxy’s IP address. These usually do not add full anonymity, as law enforcement and other legal parties may still get your real IP after all. I should have worded it more carefully though.

      Reply

  12. Hy
    May 1, 2012

    Does this work to look up a Skype user who is online on Skype but has their Skype status set to “Invisible”?

    Reply

    • Martin Brinkmann
      May 1, 2012

      This would be interesting to try out. Anyone tested this?

      Reply

  13. Kamal-Jit Khanna
    September 24, 2012

    In the recent past I had set up an skype ID to have video conversation with relatives and out of blue afetr few days of my last conversation with one of them (Out of two contacts) the ring tone sounds to which I responded but there was silence on the other side. I am just curious if I can track down the originating IP and location address of such individuals just to clear my suspicion and block it for ever. I did delete my first skype ID and set up new one this time two new skype ID show up without and contact from my side.

    Any help will be much appreciated. Thank you.

    Reply

  14. Craig Stadler
    December 21, 2013

    Martin, speaking of Skype and IM, have you seen this directory? http://www.search-im.com ?

    Reply

Leave a Reply

 

 

 

Back to top
mobile desktop