heise-security.co.uk — The Windows version of the video and telephony software Skype reads and stores the BIOS data of a user's computer. As a hacker with the pseudonym Myria reports in a blog entry, once the software is launched it saves an executable file called 1.com in the user's temporary folder. This file contains code that transmits the data found in the BIOS.
Feb 8, 2007
lamtd Feb 9, 2007
FTA: "Interestingly, the Skype software apparently also attempts to prevent the contents of .com file that it has created, from being examined. Myria writes that the file could only be opened after the system had been rebooted because of a forced kernel panic." Okaaaay, so what is a "forced kernel panic" exactly, and how come it happens the first time you try to open a file, but not the second time? Sounds a lot like bulls**t coming from a wannabe-hacker to me, there is no way a software can force a "kernel panic" on Windows XP. Even though you *could* use a hook to detect if the file is being opened or not, that sounds like a very twisted way to proceed, considering it would be much less hassle to just read from the BIOS and store the data in memory. Or even in the registry.
r1ch Feb 9, 2007
Dude, did you actually read the linked article? He explains exactly how he forces a "kernel panic" - by killing winlogon.exe using windbg. The "forced kernel panic" does not occur when reading the file - he forced one to enable him to read the file that was locked even after the process terminated. Probably overkill but certainly not bulls**t from a wannabe-hacker.
thirdprize Feb 9, 2007
Won't somebody think of the children?
dephrye Feb 9, 2007
It was actually due to the Plugin-Manager as a form of DRM. It's been removed in the newest version (3.0.0.216). via http://share.skype.com/sites/security/2007/02/skype_extras_plugin_manager.html
dataprocessing Jun 8, 2008
It's great to know.
dukeofburl Jul 9, 2008
Man. The Internet can be a scary place. http://www.marketwithartemis.com
retyu4343 May 23, 2010
lol internet a very scary place rrrrrrrrrr