{"id":33,"date":"2006-05-05T10:38:22","date_gmt":"2006-05-05T18:38:22","guid":{"rendered":"http:\/\/jaredrobinson.com\/blog\/?p=33"},"modified":"2006-05-05T10:38:22","modified_gmt":"2006-05-05T18:38:22","slug":"skype-insecure","status":"publish","type":"post","link":"https:\/\/jaredrobinson.com\/blog\/skype-insecure\/","title":{"rendered":"Skype insecure"},"content":{"rendered":"<p>\nI was reading about Ekiga (Linux VoIP application) at<br \/>\n<a href=\"http:\/\/lwn.net\/Articles\/181568\">LWN<\/a> and stumbled across this mention of<br \/>\nSkype:<\/p>\n<blockquote><p>Worth mentioning is the proprietary Skype protocol, which has some<br \/>\nserious security implications, according to what researchers presented<br \/>\n(<a href=\"http:\/\/www.blackhat.com\/presentations\/bh-europe-06\/bh-eu-06-biondi\/bh-eu-06-biondi-up.pdf\">PDF<\/a>) at the Black Hat Europe 2006 conference. Skype clients can be<br \/>\nabused for the purpose of port scanning, distributed Denial of Service<br \/>\n(dDoS) attacks and other unpleasant things.<\/p><\/blockquote>\n<p>The <a href=\"http:\/\/www.blackhat.com\/presentations\/bh-europe-06\/bh-eu-06-biondi\/bh-eu-06-biondi-up.pdf\">PDF<\/a> says that although the Skype technology is clever, it is<br \/>\n&#8220;Impossible to protect from attacks&#8221;.<\/p>\n<p>LWN reader &#8220;tajyrink&#8221; says that Skype &#8220;works around [NAT] by being a<br \/>\nP2P program, not just a VoIP program, by using ruthlessly the bandwidth<br \/>\nof other users even without them knowing about it.&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I was reading about Ekiga (Linux VoIP application) at LWN and stumbled across this mention of Skype: Worth mentioning is the proprietary Skype protocol, which has some serious security implications, according to what researchers presented (PDF) at the Black Hat Europe 2006 conference. Skype clients can be abused for the purpose of port scanning, distributed &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/jaredrobinson.com\/blog\/skype-insecure\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Skype insecure&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-33","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts\/33","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/comments?post=33"}],"version-history":[{"count":0,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts\/33\/revisions"}],"wp:attachment":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/media?parent=33"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/categories?post=33"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/tags?post=33"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}