In the news: Soon to be published, Skype back-door trojan code?

Gene Heskett gene.heskett at verizon.net
Mon Aug 31 14:27:39 UTC 2009 

On Monday 31 August 2009, Alan Cox wrote:
>On Sun, 30 Aug 2009 11:28:58 +0100
>
>Marko Vojinovic <vvmarko at gmail.com> wrote:
>> On Sunday 30 August 2009 09:20:59 Tim wrote:
>> > On Sat, 2009-08-29 at 14:09 -0700, Joel Gomberg wrote:
>> > > I thought Skype was P2P application
>> >
>> > Supposedly it is, but with closed source, you've no real idea what it's
>> > going to do.  Even hacking software to reverse engineer it may only
>> > give you a partial picture, particularly if it's convoluted.
>>
>> Is there any initiative or attempts to reverse engineer its protocol?
>
>There have been but it uses every malware like trick of the book to self
>encrypt and the like. With virtual machines it isn't of course quite so
>safe any more.
>
>There are also some other awkward factors
>
>- The person who completely reverse engineers skype probably destroys it.
>  If you can write a skype client than the spammers can write skype spam
>  tools as well.
>
>- Skype appears to contain various law enforcement intercept facilities
>  judging by the evidence - although mostly circumstantial.
>
>- The Skype business model depends upon interoperability not working
>  (like early instant messaging systems), so you would expect a mix of
>  protocol changes and thermonuclear level legal responses if the work
>  was done in the USA or other countries with broken DMCA type laws.
>
>> programming... But surely *someone* does, is there any known attempt to
>> do this?
>
>I would imagine anyone doing so is keeping fairly quiet - there is big
>money on offer from the bad guys for skype trojans, intercepts and
>clients, while anyone on the good side fiddling with it faces jail and
>harrasment - a fine example of perverse economic incentives.
>
>Alan

Absolutely spot on Alan.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
<https://www.nrahq.org/nrabonus/accept-membership.asp>

Nezvannyi gost'--khuzhe tatarina.
	[An uninvited guest is worse than the Mongol invasion]
		-- Russian proverb

More information about the users mailing list