HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
Skype to hide IP addresses by default, protecting gamers everywhere
Microsoft has rolled out a new version of the desktop Skype client that should make users of its service a little safer from denial-of-service attacks. The Skype client has long leaked IP address information, allowing other users on the network to determine which IP address is being used by an account. A number of online services of various degrees of shadiness offer instant IP address lookups, and historically at least, these have worked effectively.
This leakage has been particularly widely abused in gaming communities. Many professional Dota 2 games last year were disrupted by denial-of-service attacks. Players were forcibly disconnected from the game, causing their team to play at a 4-versus-5 disadvantage. Skype, which is often used for coordinating games and in-team communication, was routinely fingered as the culprit since it leaks the IP address information of the players and thus enables these attacks.