Security Hole in SAM Skype VoiceMail

1 Comment

Andy seems to have found a big security hole in SAM Skype’s voicemail beta. (This is not to be confused with the official voicemail beta project by Skype!)

I called a colleague using skype, not knowing he was in another skype session. His Skype Answering Machine picked up and I left a message. First the parties on the call with him heard me. Secondly, I heard them. Both calls were clear as a bell to the others. The bottom line is while this piece of software is not Skype’s own, how the program was able to clearly hear an and ease-drop on “encrypted” transmission is beyond my technical abilities, but it happened and the person on the other end told me too. But this begs the question of should you be using Skype for sensitive calls.

1 Comment


This is no hole in Skype Answer Machine(SAM). The method that SAM uses to capture the messages are not that good.. this is the problem. When SAM accepts a call, It just listens to all data on the sound card and just puts into an audio file. Both the audio from speakers and mic goes into the sound card.. Thats the problem.. However, not a security hole.. SAM should change this method.. but again its having limited powers from skype’s API’s..

Comments are closed.