__/ [ raylopez99 ] on Wednesday 07 February 2007 21:06 \__
> On Feb 7, 11:30 am, Roy Schestowitz <newsgro...@xxxxxxxxxxxxxxx>
> wrote:
>> Skype Reads Your BIOS and Motherboard Serial Number
>>
>> ,----[ Quote ]
>> | An unreadable executable file coming from Skype sounds interesting,
>> | so I look at it. It's 46 bytes long. For copyright reasons I can't
>> | post the file or a complete disassembly. However, I can describe
>> | the program in terms of 16-bit DOS C:
>> |
>> | int main(void)
>> | {
>> | fwrite((const void far*) 0xF0000000, 1, 0xFFFF, stdout);
>> | fwrite((const void far*) 0xF000FFFF, 1, 1, stdout);
>> | return 0;
>> | }
>> |
>> | It's dumping your system BIOS, which usually includes your
>> | motherboard's serial number, and pipes it to the Skype application.
>> | I have no idea what they're using it for, or whether they send
>> | anything to their servers, but I bet whatever they?re doing is no
>> | good given their track record.
>> `----
>>
>
> That's interesting. Think of the bright side though: it could have
> been worse-- if they did not include "const" as a modifier to the
> pointer, they could have changed your BIOS settings.
At least /someone/ is watching the code... and that person isn't even
authorised to do so.
CSS: "Here. Have this blob. Just run it. It does... stuff."
--
~~ Best wishes
Roy S. Schestowitz | $> wget -r -erobots=off http://www.*
http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
11:20pm up 15 days 23:38, 6 users, load average: 0.41, 0.76, 0.90
http://iuron.com - Open Source knowledge engine project
|
|
