funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Skype reportedly reverse-engineered

From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Tue, 7 Jun 2011 12:10:22 -0800
http://j.mp/kt72Ke+
 

"Yesterday we reported on a freelance researcher reverse-engineering the
Skype protocol and beginning to write open-source code that would work with
this popular VoIP network. A representative of Skype has now contacted
Phoronix to inform us they will be taking "all necessary steps" to stop this
effort." 


I've always been wary of Skype for their SBO stance, despite the many security 
friends who have used it, love it, and promote it at every turn.  Prior to this year's 
disclosures of increasing success in attempts to decode the thing (and the purchase 
by Microsoft), I was even thinking that I might have to jump on the bandwagon 
and start using it, as one of the most realistic ways of phoning home from various 
countries overseas.

This new wrinkle in the situation reminds me of the battle royal, many years ago, 
between Microsoft and AOL over instant messaging functions.  (Little good can 
come out of the fight, I suspect, other than the high probability that someone will 
come up with some form of realistic alternative to Skype.)  In the instant 
messaging scrap, both sides worked furiously on developing new versions of their 
client software that would be incompatible with the other.  This activity 
culminated in one vendor creating one with a buffer overflow situation.  Not by 
accident: this was done deliberately so that some instant messaging functions could 
*only* be accessed by a buffer overflow, thus reducing the (comparative) 
functionality of the other client.

Not the actions of a vendor that has user security at heart ...

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
      - Is it plugged in?                  - I can't see.
      - Why not?                           - The power's off here.
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: