<<< Date Index >>>     <<< Thread Index >>>

[IP] more on Skype protocol cracked?





Begin forwarded message:

From: Irwin Lazar <imlazar@xxxxxxxxx>
Date: July 14, 2006 11:45:06 PM EDT
To: dave@xxxxxxxxxx
Subject: Re: [IP] more on Skype protocol cracked?

FYI: Skype's official comment (via Tom Keating's Blog -
http://blog.tmcnet.com/blog/tom-keating/skype/skype-cracked.asp):

Skype has responded with this statement, "Skype is aware of the claim
made by a small group of Chinese engineers that they have reverse
engineered Skype software. We have no evidence to suggest that this is
true. Even if it was possible to do this, the software code would lack
the feature set and reliability of Skype which is enjoyed by over 100m
users today. Moreover, no amount of reverse engineering would threaten
Skype's cryptographic security or integrity."

Over at Skype Journal they have a list of 5 reasons why this is good
news for Skype:
http://www.skypejournal.com/blog/archives/ 2006/07/5_reasons_the_skype_crack_is_good_for_sk.php

Irwin

On 7/14/06, David Farber <dave@xxxxxxxxxx> wrote:


Begin forwarded message:

From: "David P. Reed" <dpreed@xxxxxxxx>
Date: July 14, 2006 6:01:55 PM EDT
To: dave@xxxxxxxxxx
Subject: Re: [IP] Skype protocol cracked?

For IP...

So I looked for the source code or doc that proves this happened.
(just my core skeptic side).  Not finding any actual evidence, I
speculated:

I can "crack" Skype in about 1 hour by just encrypting the Linux
client code inside an opaque wrapper that expands the code into
memory and runs it (the linux client can be run with a shim on any
X86 OS).   I can even change the UI by observing the window system
drawing and input events and generating a different-styled UI (with a
quite different look and feel).  The user of such a "crack" cannot
tell, and verifying that a gob of mysterious code actually is a
"crack" is pretty difficult.  It's hard enough to tell if it is a
trojan horse that will steal all your data a few months down the
road....

And who would care?  Skype gives its client away for free... What can
you do that the Skype client cannot do for you?  The story is fishy,
and remains fishy.

So claims to have reverse engineered Skype, while fun, can just as
well be hoaxes.

Cui bono?   Well, the "Chinese" company gets kudos for doing
something that demonstrates its acumen.   But so did they Chinese guy
who cloned a TI DSP and passed it off as a homegrown high-performance
chip demonstrating Chinese technology prowess.  Or maybe it's a scam
that is intended to make the Chinese sound like they are ripping off
technology rather than doing their own.

A smart (Chinese) company would do a peer-to-peer SIP client, and
make it open source.   It would demo prowess, and corporate users
wouldn't have a problem adopting it, since it is completely open,
unlike Skype.

David Farber wrote:
>
>
> http://www.voipwiki.com/blog/?p=16
>
>
>
> -------------------------------------
> You are subscribed as dpreed@xxxxxxxx
> To manage your subscription, go to
>  http://v2.listbox.com/member/?listname=ip
>
> Archives at: http://www.interesting-people.org/archives/interesting-
> people/
>
>



-------------------------------------
You are subscribed as imlazar@xxxxxxxxx
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting- people/



-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/