In the news: Soon to be published, Skype back-door trojan code?
Roberto Ragusa
mail at robertoragusa.it
Sun Aug 30 23:02:26 UTC 2009
Marko Vojinovic wrote:
> But surely I am not the first one to have such an idea, or am I?
You are not.
People studied Skype:
http://www.recon.cx/en/f/vskype-part1.pdf
http://www.recon.cx/en/f/vskype-part2.pdf
and found that it contains tons and tons of cryptography,
obfuscation and countermeasures against debugging or reverse
engineering.
A closed source code like that and with an explicit
purpose to build a crypted P2P network bypassing firewalls
with every trick possible is something to be nervous
about.
The code constantly checks itself (this is why it uses a
lot of CPU) and it decides things it should not (it was
said that Intel convinced Skype to cripple multiconference
on AMD CPUs to improve the reputation of Intel CPUs).
I'd like a good alternative to Skype, even _without_
Skype compatibility.
--
Roberto Ragusa mail at robertoragusa.it
More information about the fedora-list
mailing list