There’s been a lot of buzz around the internet over the past couple of days concerning the privacy hole found in Skype for Android by Android Police. Now, let me preface what I’m about to say with this: I’m a huge fan of privacy and security. I’ve dabbled in network penetration testing and overall security, and I know what it means to stay secure. Now with that being said, let me say this:
“The privacy hole isn’t a huge deal.”
Now, I’m waiting for the flaming to commence, but hear me out. The vulnerability works by using a malicious third party app to steal information from the Skype app. That means, in order to exploit the vulnerability, you have to have downloaded a malicious app onto your phone. Sure, we’ve seen some pop up in the Market in the past, but most malicious apps come from attempting to pirate perfectly legitimate APKs.
So, kudos to Android Police for revealing the exploit, as we’re all about security and privacy, but remember – Joe Plumber probably doesn’t have too much to worry about.