Skype - exposed

**karavay** · March 13th, 2006, 05:01 PM

Hey guys as the popularity of this messenger-voip communication software, grows I was thinking to investigate the security side of this software:

-Communication security
-Local security
-overall security issues

Please post any information u came across (security related) in regarding to this software!

***ByTeWrangler*** · March 13th, 2006, 05:18 PM

Greeting's

Skype for windows V 2.x

Skype for windows V 1.x

Skype for Pocket PC 1.x

Skype for Mac OS X 1.x

Skype for Mac OS X 0.x

Skype for Linux 1.x

Skype for Linux 0.x

Try www.google.com

***J_K9*** · March 13th, 2006, 05:27 PM

Skype's own Security Bulletins might be handy too. Don't forget to check out SecurityFocus either.

Cheers,

-jk

**karavay** · March 13th, 2006, 05:44 PM

http://www.simson.net/ref/2005/OSI_Skype6.pdf - Security Overview

***SirDice*** · March 13th, 2006, 05:47 PM

Skype Uncovered

**Sm0kinP0t** · March 13th, 2006, 06:11 PM

Skype claims to have a 128bits encryption, but there's p.o.c. that existing programs (like Cain&Abel - www.oxid.it ) can tap and intercept VoIP conversations.
This is an automated process done by the program, the user has to have no ability at all, no knowledge in spoofing and alikes to hijack and record the conversation...you can see how this could compromise a company on many aspects.

I would use it in day to day calls (their charge rates are really worth it), but never on a corporate enviroment.

**karavay** · March 13th, 2006, 06:33 PM

it uses RC5 to chiper its text chat communication but the key can be recoverd from outgoing UDP datagam... whats the point !!

script kiddie protection

**karavay** · March 13th, 2006, 07:20 PM

how about local security where does it store passwords / conversation history / crypted or not?

**Digoy** · March 14th, 2006, 11:09 AM

Originally posted here by karavay
Hey guys as the popularity of this messenger-voip communication software, grows I was thinking to investigate the security side of this software:

-Communication security
-Local security
-overall security issues

Please post any information u came across (security related) in regarding to this software!

heres what i found:

http://articles.news.aol.com/busines...16153509990024

http://www.ctv.ca/servlet/ArticleNew...16?hub=SciTech

http://www.networkworld.com/community/?q=node/3375

http://www.strike-the-root.com/3/blow/blow6.html

http://www.smh.com.au/news/breaking/...151801336.html

http://www.skype.com/security/files/...evaluation.pdf

http://www.usatoday.com/printedition...kype17.art.htm

http://blogs.zdnet.com/ip-telephony/index.php?p=919

http://arik.baratz.org/wordpress/200...es-encryption/

http://www.voipplanet.com/trends/article.php/3567391

if you ask me this program probably have a much strong encryption
http://www.famatech.com/products/radmincs/ (not free)
but it doesnt use public servers like skype

Thread: Skype - exposed

Thread Tools

Display

Skype - exposed

Re: Skype - exposed

Posting Permissions