It based on deobfuscated Skypekit runtime that write clear debug log.
Wrapper just make vcard refresh from p2p skype network and then parse debug log.
Here is the sources of python wrapper https://github.com/zhovner/Skype-iplookup/
Exception AttributeError: "SkypeKit instance has no attribute 'socket'" in <bound method SkypeKit.__del__ of <skypekit.SkypeKit instance at 0x117d7a0>> ignored
Unable to create Skype instance
Any idea to fix this problem?
Also you need edit keypair.py
Please create all issues on github.
Thank you in advance man
P.S. issue opened on github ;)
MacOSX Lion, Safari [SP], Skype is installed and on, don't know what else I can tell you...
The interesting thing is that they do this without making a call. They only request contact information. This could be avoided.
Skype can mitigate this, but in the end, there is little more to be done. If you want a p2p network where anyone can be reached, at some point, you will need ips.
You don't have to be even logged in for this to work(!) according to some already published research.
(The site doesn't work so I haven't read the article.)
I wanted to see if i could find someone. Went onto twitch.tv. Picked a random stream. Got email. Looked up Skype id from email. Searched for skype id which gave me the IP and the small town where they currently reside.
Its worrying how easy this makes it to find someone.
My IP resolves to a location ~20 miles away. I don't see why having a Skype contact and knowing a 20 mile radius where they live is anything to worry about?
The risk of being DDOSed when you share a contact on Skype and they find out your IP address is hyperbole.
To creator: very impressive stuff, congrats.
Does anybody have a good short-list of Skype alternatives? I don't know that its possible for me to stop using it altogether, but I'd certainly consider cutting back...
But, it doesn't support the Skype protocol, and it runs on Java, with which some people have an issue (but also allows for cross-platform compatibility).
So is this a fixable leak, or something core to the protocol (i.e. do you request a buddy P2P too?)
Either way, it's great to know that this is possible.
Why the heck did MS pay so much for it?
Skype has a huge userbase. They can always migrate that userbase to a different technology later if they think it's worth it.
I sure hope they fix this before they get sued into oblivion for this blatant privacy breach.
EDIT: I queried the deletion with a moderater. Was informed it had been moved to the forums admin area to be discussed at their next meeting. He said he agreed it looks like a serious problem so they are aware.
Interesting to hear that they're deleting it, though.
I mean - it's one thing if Skype was advertising itself as a privacy protecting, identity hiding service... but they don't. They provide convenient A/V connections.
It also implies that they'll open the email, which most average people won't do unless they know the sender or are otherwise expecting an email.
It's not exactly shocking, but it certainly shouldn't be able to happen until you've approved a person as a contact.
Bet you're a Mac user?