J. P. Gilliver (John) said:
Does their system actually recognise individual computers, then? I
would have thought this difficult to implement, with modern NAT
routers.
Any program running on your host can generate a fingerprint based on
whatever criteria the coder decided. For example, when you visit a site
where you allow it to run Javascript in the web browser running on your
host, it can find out THAT host's IP address rather than report the
WAN-side IP address of the NAT router. A program running on your host
could look at the BIOS' firmware signature, what CPU you had, amount of
memory, number of drives, their manufacturer, and their firmware sigs,
what OS you are running (version, edition), get your hostname,
workgroup, list of programs, and so on. I can create a "device"
signature used to identify THAT one. It may not be unique across all
users but it is probably more than unique enough for each account.
When they say that they "may" collect information from your computer but
which is not personally identifying, yeah, they aren't identifying YOU
as the legal identification of the person but that doesn't preclude them
from fingerprinting the computer.
If you visit with a web browser (instead of a client program), they can
still generate a [partial] fingerprint of you based on what web browser
connected to them (the User-Agent and other HTTP headers), what add-ons
it had installed (which ones were active), system fonts, your version
and edition of OS, your timezone, if they can save a cookies, if cookies
are enabled or not, and anything else that Javascript can collect.
Javascript has its security model. That is not a privacy model. Visit
http://panopticlick.eff.org/ to see what they could use for a
fingerprint of your visit. When I went there and did their test, they
said "Your browser fingerprint appears to be unique among the 2,760,048
tested so far." Well, 2 million isn't super high but just how many
users have visited there? Probably 2 million. They also state
"Currently, we estimate that your browser has a fingerprint that conveys
at least 21.4 bits of identifying information." Well, 21 bits seems a
long enough fingerprint to me.
Then consider they are running Javascript versus a client program you
installed on your host and either gets all the same privileges of the
Windows account under which you login or has been granted (by you)
elevated privileges because, gee, they said they needed it for their
program to work correctly. The same info and much more can be collected
by a client running on your host to generate an even longer fingerprint.
So, yes, a client running on your host can identifying it well enough,
especially when considering they are differentiating hosts only within
the scope of a single account, to know which "device" is connecting to
that account.
Sure, nothing about YOU personally is included in the fingerprint (since
they don't have to bother reading any of your document files) but that
doesn't bar them from using a fingerprint of your host to identify it as
a unique "device" connecting to their service and for just one account.
I suspect (though could certainly be wrong) that he's somehow ticked,
or not ticked, a box while trying to set up Skype on the new
computer, so that it (the combination of the software and the Skype
server) thinks he's trying to set up a new account rather than access
an existing one.
If that's the cause, I'd start hunting around inside the Skype client to
see if it has a means of exporting its configuration either for use to
restore it should a re-install of the program is needed, like after a
computer rebuild, or to migrate that configuration to other devices
(computers, mobile devices, etc).
"How do I back up my configuration and instant message history?"
https://support.skype.com/en/faq/FA413/how-do-i-back-up-my-configuration-and-instant-message-history
(simply found with a Google search on "skype export configuration")
For the OP, copy the existing folder elsewhere as a backup copy during a
test to see if sliding in a copy of the folder from the working host
fixes his problem. Of course, if they're using fingerprints, a problem
could arise if they build it only on installation and save in a file in
this folder. The two hosts couldn't be concurrently connected because
it would look like the same device (by the static fingerprint) was
connected twice to the same account which they probably don't allow for
security purposes or simply as a quota limitation for the service tier
currently contracted.