Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Looking for information regarding the use of Skype in an Enterprise network

From: krymson () gmail com
Date: Wed, 7 Jan 2009 14:19:20 -0700
Not to be a jerk, but I think you want to be careful when throwing the below line as a security risk. For two reasons.

1. Has someone written a tool to do this yet? Maybe so, but are you going to tell a CFO the *potential* for wrongness 
at some arbitrary time in the future? Again maybe so, but this is a very shaky foundation for a stance. The difference 
here may be whether we're talking about a remote exploit or wormable issue, or just something like a social engineering 
attack such as a link to badness. I'm just saying you need more than just this statement.

2. Can't I level that same argument against pretty much every software and hardware technology you and every company 
uses daily?


<- snip ->
Skype can be used to penetrate into your network if someone write the 
right tool for it.
Previous By Date Next
Previous By Thread Next

Current thread: