Hackers Crack Skype’s Proprietary VOIP Protocol
By on July 12th, 2010

Skype is the current leader in VOIP technologies and generates a lot of buzz with each of the developments it makes. Skype holds its VIOP technology as its most prized possession and a hacker has recently managed to crack it!

skype-logo

For obvious reasons, Skype is unhappy at the blog, which pointed this out and brought down the post in question. However, it is still available on  Google Cache.

The author  Sean O’Neil  writes in his blog saying,

For over 10 years, Skype enjoyed selling the world security by obscurity. We must admit, really good obscurity. I mean really really good obscurity. So good that almost no one has been able to reverse engineer it out of the numerous Skype binaries.

It is not all security by obscurity of course. There is plenty of good cryptography in Skype. Most of it is implemented properly too. There are seven types of communication encryption in Skype: its servers use AES-256, the supernodes and clients use three types of RC4 encryption – the old TCP RC4, the old UDP RC4 and the new DH-384 based TCP RC4, while the clients also use AES-256 on top of RC4. It all is quite complicated, but we’ve mastered it all.

O’Neil  wants to say that Skype uses all the security it can to secure its voice data. There are seven encryptions involved in Skype’s protection and it was broken only for educational purpose. The people behind this hack are IT Cryptologists. However, they also admit to the fact that a part of this code was leaked and might be in use by crackers already.

Skype is being very secretive about this and is refusing to make any official reply. Clearly, it is a fault on part of the hackers that this code was leaked. Still, Skype should officially assure its users regarding this security issue.

(News Source)

Tags: ,
Author: Chinmoy Kanjilal Google Profile for Chinmoy Kanjilal
Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at Techarraz.com. You can connect with him on Twitter @ckandroid.

Chinmoy Kanjilal has written and can be contacted at chinmoy@techie-buzz.com.

Leave a Reply

Name (required)

Website (optional)

 
    Warning: call_user_func() expects parameter 1 to be a valid callback, function 'advanced_comment' not found or invalid function name in /home/keith/techie-buzz.com/htdocs/wp-includes/comment-template.php on line 1694
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN