Why Does Skype Read the BIOS?
pfp writes "Myria at pagetable.com, among others, noticed that Skype reads the machine's BIOS code on startup. This probably would've gone unnoticed if the operation didn't fail on 64-bit Windows. From the post: 'It's dumping your system BIOS, which usually includes your motherboard's serial number, and pipes it to the Skype application. I have no idea what they're using it for, or whether they send anything to their servers, but I bet whatever they're doing is no good given their track record... If they hadn't been ignorant of Win64's lack of NTVDM, nobody would've noticed this happening.'"
Re:bad history? (Score:5, Informative)
Re:bad history? (Score:5, Informative)
Re:bad history? (Score:5, Informative)
Re:Processor info? (Score:2, Informative)
Reading the BIOS only gives information about the motherboard. With great difficulty, it might be possible to determine what processor families the motherboard supports, but I'm not sure how.
--Justin
Re:Processor info? (Score:2, Informative)
Here's a question for you.... (Score:5, Informative)
Re:bad history? (Score:5, Informative)
Of course this gave bad publicity to both Intel and Skype after AMD issued a subpoena [slashdot.org] against Skype and the fact that it was discovered that the software simply checked the processor ID and enabled the feature based on that. A patched version [slashdot.org] was also released which bypassed this artificial limitation.
Re:Processor info? (Score:3, Informative)
Re:To prevent abuse? Usage statistics? (Score:5, Informative)
Re:What about Macs ? (Score:5, Informative)
Ollydbg still works though.
Re:Processor info? (Score:3, Informative)
(*) = I don't know if CPUID is user mode under any OS or is dependent on some setting. RDTSC is user mode under Windows but not under Linux (there is some bit in some CRx register or whatever that determines whether RDTSC is privileged or not).
Re:Processor info? (Score:5, Informative)
As a former BIOS coder, I'll second that. Even if the BIOS did store some system specific info in Flash (on Embedded BIOSs sometimes this is done because CMOS is not reliable), there is NO way that Skype would know the format/place/meaning of this. It would be specific to a certain build of a specific BIOS for a specific board by a specific vendor.
In any case, the method described to dump the BIOS is not very likely to get anything close to the complete, original BIOS image to begin with. By dumping memory at F000:0000 through F000:FFFF, a 16-bit DOS program, under Windows, will get the memory resident part of the BIOS. Most BIOSs are far bigger than 64KB and the memory resident part is the decompressed runtime part, which is nothing like what the actual BIOS image looks like at boot time.
They are most likely using this in combination with other more or less 'unique' things to identify a specific machine. It wouldn't surprise me if after this some people would do a more in-depth analysis of their code and find out that it also reads the serial number of the hard drive and gets the MAC address of the Ethernet adapter.
Re:What about Macs ? (Score:5, Informative)
http://www.recon.cx/en/f/vskype-part1.pdf [recon.cx]
http://www.recon.cx/en/f/vskype-part2.pdf [recon.cx]
seeding a random function (Score:1, Informative)
why always feed it with zero or get-ticks-since reboot?
bye
Re:Processor info? (Score:5, Informative)
GetSystemInfo() in Win32 and GetNativeSystemInfo() in WoW64 will give you some CPU information:
It will tell you if you're running on Intel, IA64 or AMD64, it will also identify 386, 486 and Pentium, Processor Level and Stepping and processor Revision. I think this will be sufficient in most cases to identify the CPU.
Re:Finally... (Score:5, Informative)
The audio quality over my MacBook, through a public WiFi network, through a very restrictive firewall, across the net, through another anally restrictive corporate firewall, across a nearly saturated WAN, to my client's desk is much, much better than using my digital mobile phone.
The ease of use is great. We whip together video calls or conference calls all the time and never have to worry about getting a third party involved to set it up for us.
Being able to call out is fabulous also. I've spent a lot of time in ICUs lately where I'm not able to use the mobile phone, but am able to use the WiFi network. It is very neat to be able to phone from an ICU to pretty much anyone (Skype or phone) with the option for video if they are on Skype also.
The Jabber community just hasn't gotten their stuff together quick enough. There was plenty of opportunity to beat Skype to market, but no one else, using open protocols, got the job done. I wish they would have.
Joe
Re:Hmmm.....what could you do with this? (Score:4, Informative)
That Blackhat link is very interesting, thanks. Deliberate spying behaviour aside, Skype doesn't seem a very trustworthy app!
Re:Processor info? (Score:5, Informative)
Fact 2: That's usually where the SMBIOS pointer is found.
Fact 3: It's easy (and the only way really) to scan for SMBIOS and find it.
Fact 4: SMBIOS *does* often contain serial numbers and hardware details.
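The SMBIOS scan described in the comment above, as an added example that is not part of the original thread: it searches a 64 KiB F-segment image for the 31-byte SMBIOS 2.x entry point, validates both checksums, and reads the Type 1 serial-number string when the structure table lies inside the image. The function names and the sample image (vendor strings, serial, offsets) are constructed for illustration.

```python
import struct

F_SEG_BASE = 0xF0000  # physical address of F000:0000, the segment the thread discusses

def find_smbios_entry(dump):
    """Scan an F-segment image on 16-byte boundaries for a valid SMBIOS 2.x entry point."""
    for off in range(0, len(dump) - 0x1F + 1, 16):
        ep = dump[off:off + 0x1F]
        if ep[:4] != b"_SM_" or ep[5] != 0x1F or sum(ep) & 0xFF:
            continue  # no anchor, unexpected length, or bad checksum
        if ep[0x10:0x15] != b"_DMI_" or sum(ep[0x10:]) & 0xFF:
            continue  # intermediate anchor or checksum failed
        table_len, table_addr, count = struct.unpack_from("<HIH", ep, 0x16)
        return {"offset": off, "version": (ep[6], ep[7]),
                "table_addr": table_addr, "table_len": table_len, "count": count}
    return None

def system_serial(dump, entry):
    """Return the Type 1 (System Information) serial string, or None if unavailable."""
    pos = entry["table_addr"] - F_SEG_BASE
    end = pos + entry["table_len"]
    if pos < 0 or end > len(dump):
        return None  # structure table was placed outside the F segment
    while pos + 4 <= end:
        stype, slen = dump[pos], dump[pos + 1]
        strings_at = pos + slen
        term = dump.find(b"\0\0", strings_at, end)  # string-set ends with a double NUL
        if slen < 4 or term < 0:
            return None  # malformed structure
        if stype == 1 and slen >= 8:
            names = dump[strings_at:term].split(b"\0")
            idx = dump[pos + 7]  # 1-based string number of the serial field, 0 = none
            return names[idx - 1].decode("ascii", "replace") if 0 < idx <= len(names) else None
        pos = term + 2
    return None

def build_sample():
    """Constructed 64 KiB image: a decoy anchor, a valid entry point, two minimal structures."""
    dump = bytearray(0x10000)
    type0 = bytes([0, 4, 0, 0]) + b"\0\0"  # placeholder structure with no strings
    type1 = bytes([1, 8, 1, 0, 1, 2, 0, 3]) + b"ExampleCo\0ExampleBoard\0CONSTRUCTED-SN-0001\0\0"
    table = type0 + type1
    dump[0x400:0x400 + len(table)] = table
    dump[0x100:0x106] = b"_SM_\x00\x1f"  # decoy: right anchor and length, wrong checksum
    ep = bytearray(0x1F)
    ep[0:4], ep[5], ep[6], ep[7] = b"_SM_", 0x1F, 2, 0
    ep[0x10:0x15] = b"_DMI_"
    struct.pack_into("<HIH", ep, 0x16, len(table), F_SEG_BASE + 0x400, 2)
    ep[0x15] = -sum(ep[0x10:]) & 0xFF  # intermediate checksum, then the outer one
    ep[4] = -sum(ep) & 0xFF
    dump[0x120:0x13F] = ep
    return bytes(dump)
```

On real hardware the structure table address in the entry point often points outside the F segment, in which case `system_serial` returns `None` for a 64 KiB dump even though the entry point itself was found.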
Another reason not to use Skype (Score:4, Informative)
Re:Don't like it one bit. (Score:1, Informative)
Re:Finally... (Score:1, Informative)
Re:Their Spyware Past (Score:3, Informative)
Re:About figures (Score:2, Informative)
Re:NSA conspiracy (Score:3, Informative)
The session keys, however, are ephemeral if I'm reading Tom Berson's Skype security analysis [skype.com] correctly. See sections 3.3 and 3.4.1 in particular. The attack vector would be to impersonate one endpoint, which you could do with the Skype network private key.