Security Basics mailing list archives
Re: Skype (quick question)
From: Kenton Smith <listsks () yahoo ca>
Date: Mon, 11 Feb 2008 13:47:33 -0800 (PST)
A quick Google search will likely turn up all sorts of things. But from my previous research here are two things with which to be concerned. 1. While it uses AES encryption, Skype is very proprietary and thus the way they've implemented AES is unknown. Just because they use it doesn't mean it works if they've implemented it incorrectly. 2. Skype is a P2P application. Therefore it is possible that your call is being routed through many other computers along the way. This isn't normally the case, and of course it is encrypted (see above), but the fact that your call is going through an unknown third party system should be cause for concern. If they're using a weak encryption implementation and it is going through another person's computer it would be trivial to eavesdrop on a conversation. Kenton ----- Original Message ---- From: Richard J. Piedrahita <piedrahitar () frontiernet net> To: security-basics () securityfocus com Sent: Friday, February 8, 2008 2:11:31 PM Subject: Re:Skype (quick question) Hi: Has anyone heard of any security concerns regarding the use of Skype? If any anyone knows of any real or potential security issues, could you let me know by responding to this message please? Many thanks, Rick. Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail. Click on Options in Mail and switch to New Mail today or register for free at http://mail.yahoo.ca
Current thread:
- Re:Skype (quick question) Richard J. Piedrahita (Feb 11)
- Re: Skype (quick question) Ansgar -59cobalt- Wiechers (Feb 11)
- Re: Skype (quick question) H. Willstrand (Feb 11)
- <Possible follow-ups>
- Re:Skype (quick question) krymson (Feb 11)
- Re: Skype (quick question) Kenton Smith (Feb 11)
- Re: Skype (quick question) Secure This (Feb 12)