back to article Infosec bods: This is a backdoor in Skype for Macs. Microsoft: No.

A security hole in Skype for OS X allowed installed apps to silently delve into the user's chat logs, record their calls, and leaf through their contacts. The authentication bypass vulnerability was discovered by security researchers at Trustwave SpiderLabs, which described the flaw as a backdoor that allowed access to all …

  1. Anonymous Coward
    Anonymous Coward

    Well it's lucky that OS X doesn't exist anymore so doesn't affect anyone :p

    1. Anonymous Coward
      Anonymous Coward

      I guess if you're in a cross-platform shop, you could run into it by being forced to use BizSkype to be chat compatible with the Windows admins, but otherwise there is already FaceTime. Skype has been off my Mac Menu since it was broken off from the Ebay/PayPal/Skpye Trinity.

      Trinity is what the internal interconnection betwixt those three heavily connected properties was known as.

    2. chivo243 Silver badge

      I upvoted you, but there is still OS X. My old G5 still runs OS X 10.5.8. It would be nice if it could run macOS...

      And this isn't news unless you have skype auto update turned off... I'm past the version(s) in question and never manually update.

  2. Anonymous Coward
    Big Brother

    "Redmond doesn’t do backdoors"...

    Exactly... these days they just come in through the front door...

  3. kryptylomese

    Mac Security LOL

    You don't buy a Mac for security, you buy it because it is pretty and you are dumb!

    1. Dan 55 Silver badge

      Re: Mac Security LOL

      Isn't this a Skype problem?

      1. Anonymous Coward
        Anonymous Coward

        Re: Mac Security LOL

        You don't install Skype for security either…

      2. DMcDonnell

        Re: Mac Security LOL

        Sure sounds like a problem with Skype itself. Send Skype server the correct string of characters and get back information you shouldn't be allowed to get. Sent from any OS.

    2. kryptylomese

      Re: Mac Security LOL

      In this case, this is about Skype. However OSX is well known to be weak securitywise. I am interested to know why people buy Macs (is it for OSX or is it because the hardware looks pretty?)

      1. Dan 55 Silver badge

        Re: Mac Security LOL

        In my case UNIX command line & environment, nice GUI (I'm too old for Linux's shit), and reliable fixable hardware. However the hardware stopped being that long time ago and the GUI's getting iOSified.

        1. Anonymous Coward
          Anonymous Coward

          Re: Mac Security LOL

          and reliable fixable hardware

          /me looks at 2008-era MacBook with bloated-like-a-puffer-fish battery that overheats and craps itself the moment the CPU gets pegged at 80% for more than 3 seconds… then looks at much older 2003-era Toshiba Pentium 4M laptop that has still semi-working battery and runs fine in-spite of its age.

          Yep, you had me until you said that.

      2. Tachikoma
        Trollface

        Re: Mac Security LOL

        I am interested to know why people buy Macs

        So they can tell everyone they bought one

        1. steamrunner

          Re: Mac Security LOL

          Why have a Mac? I am, in short, a networking specialist. I build and support IT networks, of various shapes and sizes, for numerous clients. This means connecting to multiple networks, multiple clients, multiple different types of routers, switches, firewalls, servers, and so forth, pretty constantly. I'm usually remoted in to a whole pile of different things and places at once, pretty constantly. I live and breath both Windows and Linux servers daily, including both on-prem, virtualised and cloud systems. My weapon of choice to get me on to all this stuff: A MacBook pro. In particular for multiple networks: a Mac can handle multiple networks and connections at the *same time* much (much) better than Windows can. Switching networks, adding/removing additional interfaces, running multiple different VPN clients at once, not worrying about driver updates, etc etc so on and so forth: all so much easier and so much more reliable than on Windows. Reliability is key, especially when someone's network or system is up the creek and you're trying to fix it. Whilst I like to 'twiddle' with things as most techies do, it's critical that my system stays working. No muss, no fuss, just works. Plus, of course, I can *also* run Windows for those moments when I need to - and that Windows can sit on top of all the Mac networking, which is even more useful (my virtual Windows can use all my Mac networking and VPN tools for example). It also slaves to my phone for mobile access with zero issues, and the VPN solutions available are... shock, horror... very stable. Using a pure Windows laptop would be a right PITA in my case. We're not all creatives. Some of us do real work :-)

      3. Anonymous Coward
        Anonymous Coward

        Re: Mac Security LOL

        >However OSX is well known to be weak securitywise. I am interested to know why people buy Macs

        Most people who buy Apple are insecure IME - easy 90% hit rate with iWatch bearers.

  4. Mikel

    Backdoor implies deliberate intent

    Of course Microsoft would plead incompetence before malice.

    But does it matter?

  5. patrickstar

    So, something running on the same computer with the same privileges as Skype can compromise it? Not exactly something that would keep me up at night worrying about... Isn't this, like, how computers work?

  6. Will Godfrey Silver badge
    Coat

    What is this 'Skype' of which you speak.

    Yes, I know. Got it, going.

  7. Zippy's Sausage Factory
    Trollface

    In other words "dodgy old API that's already discontinued found to be dodgy".

    And that's what passes for cutting-edge security research, folks...

  8. John Brown (no body) Silver badge

    "encourage customers to always upgrade to the latest version."

    Yeah, we all did that with the pushed update to the DHCP client and look where that ended up :-p

  9. John Smith 19 Gold badge
    WTF?

    Did not ask for

    Do not want

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like