Skype Reads Your BIOS and Motherboard Serial Number

Users of Skype that run 64-bit versions of Windows like me probably have noticed that when starting Skype, the following dialog box appears:

The program or feature “\??\C:\Documents and Settings\Myria\Local Settings\Temp\12\1.com” cannot start or run due to incompatibility with 64-bit versions of Windows. Please contact the software vendor to ask if a 64-bit Windows compatible version is available.

Well, that’s weird. Skype’s trying to run a .com file, which won’t work on Win64 because there’s no NTVDM. Let’s try opening it in Hex Workshop. Access denied? OK, I’ll terminate Skype to read it. Still can’t?! This thing is really starting to annoy me. I’ll use WinDbg to terminate winlogon.exe to force a kernel panic. I reboot and NOW I can read the damn file.

An unreadable executable file coming from Skype sounds interesting, so I look at it. It’s 46 bytes long. For copyright reasons I can’t post the file or a complete disassembly. However, I can describe the program in terms of 16-bit DOS C:

int main(void)
{
fwrite((const void far*) 0xF0000000, 1, 0xFFFF, stdout);
fwrite((const void far*) 0xF000FFFF, 1, 1, stdout);
return 0;
}

It’s dumping your system BIOS, which usually includes your motherboard’s serial number, and pipes it to the Skype application. I have no idea what they’re using it for, or whether they send anything to their servers, but I bet whatever they’re doing is no good given their track record.

In 32-bit Windows NT, including Vista, the kernel permits NTVDM to make a read-only mapping of the BIOS at address 000F0000. This allows DOS programs running under NTVDM to make use of the BIOS. That’s how this 46-byte program is capable of sending the BIOS to the Skype application, and also explains why they use this mechanism to begin with.

If they hadn’t been ignorant of Win64′s lack of NTVDM, nobody would’ve noticed this happening.

pixelstats trackingpixel

286 Responses to “Skype Reads Your BIOS and Motherboard Serial Number”

  1. [...] klientas? Susidomėjusiems – Firefox profilo skaitymas nėra vienetinis atvejis. Skype aktyviai nuskaito BIOS nustatymus, kurie apskritai neturėtų turėti naudingos informacijos tokiai programai, kaip Skype. Skype [...]

  2. [...] Skype Reads Your BIOS and Motherboard Serial Number – заметка в йНОго, разоблачающая махинации, скрыто проделываемые Skype, читающим BIOS и серийный номер материнской платы: http://www.pagetable.com/?p=27. [...]

  3. El Novi says:

    Привет всем!
    А почему собственно осНи программа вычисляет адреса йиОса и другие параметры системы Она вредить собирается? Она может делать обратную суППу иС части йиОса (напр. 1024байта) – Он ведь но изменяется программно (ну иНи почти) – почему-бы но использовать эти данные для аутентификации уникального ключа который используется для шифрования.

  4. [...] and apparently, Skype Reads Your BIOS and Motherboard Serial Number upon startup. Now thats a nasty backdoor and privacy threat. What better way to catalog the [...]

  5. Peps says:

    Они могут накапливать в своей базе серийник вашей мамки + твой логин. А значит следить какие логины использовались на одном компе.
    Сам факт какого-то постороннего кода уже подозрителен.. Что-то здесь не то!

  6. Прикольный биос получается!

  7. Yea and itunes installed something similar. I bet everything does

  8. ?????? says:

    I bet everything does.Yea and itunes installed something similar. I bet everything does

  9. Frak Jovine says:

    Thankfully this was solved a while back, but it could be re-engineered elsewhere. Nice post!

  10. [...] Skype Reads Your BIOS and Motherboard Serial Number – ??????? ? ?????, ????????????? ?????????, ?????? ????????????? Skype, ???????? BIOS ? ???????? ????? ??????????? ?????: http://www.pagetable.com/?p=27. [...]

  11. Borislav Sabev says:

    I;d rather they didn’t do this, but here:
    http://blogs.skype.com/security/2007/02/skype_extras_plugin_manager.html
    they explain why. Still, the Privacy Agreement is met…

    “Of course, in line with our Privacy Agreement, Skype does not retrieve any of this data. It is only used by the EasyBits software to ensure that plug-in use complies with the appropriate license token or key.”

  12. mean games says:

    mean games…

    [...]Skype Reads Your BIOS and Motherboard Serial Number « pagetable.com[...]…

  13. hacker hack hackers security…

    [...]Skype Reads Your BIOS and Motherboard Serial Number « pagetable.com[...]…

  14. Really i am impressed from this post….the person who created this post is a genious and knows how to keep the readers connected..thanks for sharing this with us.i found it informative and interesting. Looking forward for more updates..

  15. dom says:

    In this day and age its always good to be on the alert. We all benefit in some way when knowledge is power. Power to people i say! It will always keep these huge companys on the alert, instead of big brother watching us, its our turn to keep watch on them. Good post!

  16. eddi4 says:

    Teper’ skajp sam sebia obnovliaet, neobxodim DotNet.4 i kak minimum Vista, dla poiska. inache voobshe fignia na ekrane.
    Podozrevaju 4to on eshe i proveriaet vxodiashie magnet linki – tipa torrenta itd.

  17. AHMAD says:

    Scabi very good site and I want to subscribe to

  18. AHMAD says:

    200
    62326?+65
    3+

    5++

    965

  19. Do you mind if I quote a couple of your posts as long as I
    provide credit and sources back to your site? My blog site is in the very
    same area of interest as yours and my visitors would genuinely benefit from a lot
    of the information you present here. Please let me know if this
    alright with you. Regards!

    Also visit my website; best seo companies

  20. ?????? says:

    Hi! I’ve been following your weblog for some time now and finally got the bravery to go ahead and give you a shout out from Porter Tx! Just wanted to mention keep up the fantastic job!

    Feel free to visit my site – ??????

  21. is it always true ? did they change somethings because of your post ?

  22. christmas says:

    This is very attention-grabbing, You’re an overly professional blogger.
    I’ve joined your feed and look forward to seeking
    extra of your great post. Additionally, I have shared your
    website in my social networks

  23. Isagenix Reviews…

    Skype Reads Your BIOS and Motherboard Serial Number ? pagetable.com…

  24. Hi there! This post could not be written any better!
    Reading this post reminds me of my previous room mate!
    He always kept talking about this. I will forward
    this article to him. Fairly certain he will have a good read.
    Thanks for sharing!

  25. Chassidy says:

    Aw, this was a really good post. Finding the time and
    actual effort to make a great article? but what can I say? I
    put things off a whole lot and don’t seem to get anything done.

  26. I think the admin of this web page is really working hard in favor of his website, as here every material is quality
    based material.

  27. Mudbox is a software for 3D sculpting and painting which is developed by Autodesk.
    The 1st Facebook game I would like to talk about is the king of classics.
    frame pieces, hardware pieces, backboard pieces, scorekeeper pieces,
    etc.

  28. You are so cool! I do not believe I’ve read through something like that before.

    So great to find another person with a few unique thoughts on
    this subject matter. Really.. thanks for starting this up.

    This site is one thing that’s needed on the internet, someone with a bit
    of originality!

  29. This kind of game gives a real experience of building a farm and planting trees.
    At present, you have the opportunity not only to communicate but also to have fun in social networks.
    The player had his picture, albeit with a strange grimace and geeky affects.

  30. I do not know if it’s just me or if everybody else experiencing
    problems with your blog. It seems like some of the text on your
    content are running off the screen. Can somebody else
    please comment and let me know if this is happening to them
    as well? This may be a problem with my internet browser because I’ve
    had this happen previously. Cheers

    Feel free to surf to my website … get verified on facebook

  31. It’ll also save a lot of cash and time for those
    on a restricted budget who want to successfully expand their
    companies. They can collect information about opinions and evaluation of
    their product. Procedures to developing a cell
    phone game start by creating a plan, followed by creating the artwork, then developing your own gameplay,
    next is combining the artwork and gameplay, and lastly is by posting your
    brand new game on the web for income.

  32. Because here is a list of multiplayer games is that the leave
    was asked for more. The Alex Cross series began in 1992
    with the publication of Along Came a Spider. ‘ Just like many other
    ‘free to play’ games there are always way to spend your money within the game.

  33. If some one needs expert view on the topic of running a
    blog afterward i propose him/her to visit this website,
    Keep up the nice work.

    Feel free to surf to my page :: pirater facebook

  34. Although most guides will inform you strategies of choosing
    up girls and they say that you are not ready to be successful all the time but when you invite
    ten girls you may possibly succeed with two or 3. Most of the time the
    client is not aware of these habits, and it requires some real work on my part
    just to convince them that they exist in the first place.
    The best seductions I’ve ever done were always the ones where I made a critical error.

    Stop by my homepage: Christian Hudson

Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word