Coffeehouse Thread

21 posts

Skype wants your BIOS

Back to Forum: Coffeehouse
  • User profile image
    Another_​Darren

    http://www.pagetable.com/?p=27

    Anyone want to have a guess at why Skype want a copy of your BIOS?

  • User profile image
    Cornelius Ellsonpeter

    Although I never used Skype, it is a little odd. It wouldn't take much to send that information back to a database.

    Say...didn't Lenn (a founding Niner here) go over to Skype? Perhaps he could answer that...

  • User profile image
    littleguru

    Doesn't Skype say on their web site that they are ad and spyware free? I wonder if somebody in the US is going to sue them now Tongue Out

  • User profile image
    ScanIAm

    Someone posted in the comments a pretty plausible reason for this.  Since Skype is P2P, they need to uniquely identify each node.  Further, they probably need that identity to be repeatable.  You can be pretty sure that if you put the Serial Number and Bios Model together, you can get a unique number that will repeat.  This means that they can:

    1) associate your 'phone number' with your computer
    2) make sure you are uniquely identified on the network


    If you notice, it doesn't read your whole BIOS, it just reads a few pieces of info and there is nothing that says that this info is sent back to Skype headquarters.

  • User profile image
    AndyC

    Generating some form of unique hash from the BIOS serial number so they can identify if you move machines makes sense. Getting that info by doing some sort of nasty DOS dump rather than just querying WMI is just unforgivable though. Tongue Out

  • User profile image
    blowdart

    AndyC wrote:
    Generating some form of unique hash from the BIOS serial number so they can identify if you move machines makes sense. Getting that info by doing some sort of nasty DOS dump rather than just querying WMI is just unforgivable though.


    But Skype isn't linked to a single machine anyway, so why would they need that information?

  • User profile image
    AndyC

    blowdart wrote:
    
    But Skype isn't linked to a single machine anyway, so why would they need that information?


    So they know which of the machines I'm currently at to direct calls to?

  • User profile image
    blowdart

    AndyC wrote:
    
    blowdart wrote:
    But Skype isn't linked to a single machine anyway, so why would they need that information?


    So they know which of the machines I'm currently at to direct calls to?


    You're running the software; it knows from that surely.

  • User profile image
    AndyC

    blowdart wrote:
    

    You're running the software; it knows from that surely.


    But if I want to transparently roam between machines without constantly signing in/out would that be enough?

  • User profile image
    blowdart

    AndyC wrote:
    
    blowdart wrote:

    You're running the software; it knows from that surely.


    But if I want to transparently roam between machines without constantly signing in/out would that be enough?


    And how would reading the BIOS help? The software would be running on multiple machines, so how would it know where to forward to?

  • User profile image
    AndyC

    Well, if you had a routing table that was keyed by some sort of unique id (which may or may not came from the bios serial number) then surely you can use that coupled with notification of which id was most recently active to attempt to intelligently direct a call.

    There may well be better ways, I'm just speculating.

  • User profile image
    ScanIAm

    blowdart wrote:
    
    AndyC wrote: 
    blowdart wrote: 

    You're running the software; it knows from that surely.


    But if I want to transparently roam between machines without constantly signing in/out would that be enough?


    And how would reading the BIOS help? The software would be running on multiple machines, so how would it know where to forward to?


    Each phone has to be unique, not each user.  They can set up software that forwards your calls to whichever phone you use, but they need a way to identify an actual phone. 

    It's analogous to what is done at the junction box right before your house.  Your phone line is given a unique spot on the punchout panel and the phone company uses that to make your phone ring.  The phone number that everyone uses is simply a shorthand for that.

  • User profile image
    blowdart

    AndyC wrote:
    Well, if you had a routing table that was keyed by some sort of unique id (which may or may not came from the bios serial number) then surely you can use that coupled with notification of which id was most recently active to attempt to intelligently direct a call.

    There may well be better ways, I'm just speculating.


    Indeed. How about the last used machine registering itself; via UDP (a bit like it works now). Even with multiple machines behind NAT you could do uPNP to get unique ports and forwarding. I really can't think of a decent reason to sweep the BIOS

  • User profile image
    ScanIAm

    blowdart wrote:
    
    AndyC wrote: Well, if you had a routing table that was keyed by some sort of unique id (which may or may not came from the bios serial number) then surely you can use that coupled with notification of which id was most recently active to attempt to intelligently direct a call.

    There may well be better ways, I'm just speculating.


    Indeed. How about the last used machine registering itself; via UDP (a bit like it works now). Even with multiple machines behind NAT you could do uPNP to get unique ports and forwarding. I really can't think of a decent reason to sweep the BIOS


    Then why do MAC addresses exist?

    Why do they need to be unique on the local network?

    This is all just speculation, so take it with a grain of salt, but even in your uPNP above, your network card needs to be unique. 

  • User profile image
    blowdart

    ScanIAm wrote:
    
    Then why do MAC addresses exist?

    Why do they need to be unique on the local network?

    This is all just speculation, so take it with a grain of salt, but even in your uPNP above, your network card needs to be unique. 


    Well yes, but macs don't go past the router, so can't be used for indentification over the internet as a whole.

  • User profile image
    ScanIAm

    blowdart wrote:
    
    ScanIAm wrote: 
    Then why do MAC addresses exist?

    Why do they need to be unique on the local network?

    This is all just speculation, so take it with a grain of salt, but even in your uPNP above, your network card needs to be unique. 


    Well yes, but macs don't go past the router, so can't be used for indentification over the internet as a whole.


    Why can't they be used as a universal identifier?

  • User profile image
    msemack

    ScanIAm wrote:
    Why can't they be used as a universal identifier?


    Not sure if this answers the question, but MAC addresses are not universally unique.

  • User profile image
    AndyC

    msemack wrote:
    
    Not sure if this answers the question, but MAC addresses are not universally unique.


    Er, they are supposed to be. Networks could seriously break if they weren't.

    As for UDP or UPnP, not much use behind a strict corporate firewall and it's the corporates Skype seem to be targeting these days.

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.