Re: Skype 2.0.0.97 Major BUG

[Dalibor Straka <dast () panelnet cz>]

On Thu, May 18, 2006 at 10:46:47PM +0000, Eliah Kagan wrote:
> Why is this a security problem at all? This seems to be an intended
> behavior that doesn't carry any security risk.
>
> If an untrusted person is able to sign on with my Skype account, or
> access my Skype sessions once logged on, then my security is already
> compromised. And if such a person is *not* able to do this, then they
> cannot exploit the "bug" of which you speak.
>
> It seems that it would be a useful feature for Skype to provide alerts
> in both simultaneous sessions telling of what is going on, but I
> wouldn't call the absence of that feature a "security hole."

A warning message would be very appreciated and appropriate solution.

-- Dalibor Straka