Slashdot Mirror

← Back to Stories (view on slashdot.org)

Skype Protocol Has Been Cracked

Posted by ryuzaki0 on from the rising-in-the-east dept.

nsrCZ writes "The Skype core protocol has been reverse-engineered by a Chinese company. The interesting thing is, that although the protocol is closed, it is not patented and thus it is not against the law to crack it. If it's true, then it could affect the whole eBay/Skype business in many ways, including that they might not get their piece of the emerging Chinese cake." From the article: "By cracking the Skype protocol, the company claims it can also block Skype voice traffic, Paglee said. 'They could literally turn the lights off on Skype in China very, very quickly,' said Paglee, who is also a lawyer and engineer, speaking from California on Friday. The company could transfer the technology to the Chinese government, which has continually sought ways to tighten its filtering and control over the Internet. So far, the company doesn't have any plans to market its blocking capabilities, Paglee said."

32 of 279 comments (clear)

  1. Innovation by SleeknStealthy · · Score: 3, Insightful

    I love how the Chinese innovate. Corporate espionage, reverse engineering and overall IP infringement...Skype should have patented its technology, but it's not like the Chinese respect IP anyway.

    --
    Math
    1. Re:Innovation by Anonymous Coward · · Score: 4, Insightful

      I love how the Chinese innovate. Corporate espionage, reverse engineering and overall IP infringement...

      Yes, the US have been a good master.

    2. Re:Innovation by spyrochaete · · Score: 4, Insightful

      Thanks for sharing your generalizations about the most populous country in the world. Obviously every aspect of China meets your concise description.

    3. Re:Innovation by JPribe · · Score: 3, Insightful

      And patenting their protocol here in the States would have what effect in China? Please share, as I seem to have forgetten and am in need of a reminder.

      --

      Why go fast when you can go anywhere? O|||||||O
    4. Re:Innovation by sholden · · Score: 5, Insightful

      Because the US respected all the British IP in its early days.

    5. Re:Innovation by castoridae · · Score: 2, Insightful

      Even if our ancestors were also "wrong", it's still "wrong" for China (defined as the collective group of infringing companies, government agencies and individuals which happen to reside and work in China) to do it.

      * Quotes intentionally added to "wrong" to allay any possible tangent subthreads about how IP/patents/copyrights are in principal wrong/imorral/broken. Gotta know your audience. :-)

    6. Re:Innovation by IAmTheDave · · Score: 3, Insightful

      Thank you - not to mention that every true innovation stands on the shoulders of giants who came before. Want to know why patents/copyrights are killing innovation? Because there are now police lines around those proverbial shoulders.

      True, groundbreaking innovation is rarely anything more than a modification of an existing process or practice or idea or thought. An ingenious one, yes - but without the work that came before, there would be nothing. Stopping the work that can come after is nothing short of criminal.

      --
      Excuse my speling.
      Making The Bar Project
    7. Re:Innovation by c_forq · · Score: 2, Insightful

      Come on now, he didn't comment on every aspect of China, just the corporate one. And to be fair in the corporate arena you pretty much have to do what the competition is doing to stay in business, wither it be espionage, bribes, maximizing efficiency, price cutting, or advertising.

      --
      Computers allow humans to make mistakes at the fastest speeds known, with the possible exception of tequila and handguns
    8. Re:Innovation by tomstdenis · · Score: 3, Insightful

      Um hello, IBM PC clones anyone?

      Oh that's right you were born in the 90s and don't remember the 80s.

      Kids these days...

      --
      Someday, I'll have a real sig.
    9. Re:Innovation by Em+Ellel · · Score: 5, Insightful

      Skype should have patented its technology, but it's not like the Chinese respect IP anyway.

      Erm, ok, if they patent it, don't they have to disclose details of it? Kinda defeats the purpose of having a secret closed protocol that Skype wanted. I think there might be a better way to protect IP, via "trade secret" or something like it, but I am no specialist in the area :-)

      -Em

      --
      RelevantElephants: A Somatic WebComic...
    10. Re:Innovation by fotbr · · Score: 2, Insightful

      According to your, mine, and many other people's sense of ethics, perhaps. Ethics, like morality, are individual.

    11. Re:Innovation by 1u3hr · · Score: 2, Insightful
      it's still "wrong" for China (defined as the collective group of infringing companies, government agencies and individuals which happen to reside and work in China) to do it.

      What "infringement"? As TFA says, THERE IS NO PATENT. They reverse-engineered a protocol. A week ago, some Americans did the same to the Galileo GPS signal. And that will lead to a direct monetary loss to Galileo. Was that "wrong"?

      copyrights are in principal wrong

      The word is "principle".

    12. Re:Innovation by kfg · · Score: 5, Insightful

      Even if our ancestors were also "wrong". . .

      IF our ancestors were also wrong. . .

      It remains to show they were wrong, and in doing so you necessarily question the legitimacy of the USA's sovereignity. We were signatory to no treaties to "respect" British IP and our ip laws still differ. It took a special act of Congress to partially respect the British copyright of Peter Pan (which is, in effect, in perpetuity, forbidden by the US Constitution).

      If and when China does not respect American ip they are wrong because we are both signatory to the Berne Convention treaty, even if we were both wrong to do so.

      And bearing in mind that the current administration has declared that treaties it has willfully signed are not binding upon it, as that violates American legal sovereignity. Yes, the Supremes have recently bitch slapped them over that, but the current adminstration seems to be gearing itself up to treat that as a legal opinion not actually binding upon it.

      And herein lies the real damage that has been done to America's international standing in the past few years. If we declare null and void international law to which we are signatory on war, torture and due process why the fuck should anyone respectfully decline to copy Pauly Shore movies, no matter how cruel that is?

      KFG

    13. Re:Innovation by DarkDragonVKQ · · Score: 2, Insightful

      Oh I don't know, perhaps the inventions from long long ago that made their way across the Silk Road into EUROPE. Yeah...

      --
      "I thought what I'd do was I'd pretend I was one of those deaf-mutes" ~ Laughing Man - GITS:SAC
    14. Re:Innovation by blugu64 · · Score: 1, Insightful

      ya know that that was legal right?

      --
      "Personal ownership is a hallmark of conservative capitalism. And I don't believe I am entitled to anything that I did n
    15. Re:Innovation by tomstdenis · · Score: 4, Insightful

      And so is reverse engineering skype. I don't see why everyone is harping on China here. It's not like their the only country to do this.

      It's just ignorant xenophobia that allows people to bad mouth an entire nation based on what are essentially standard operating practices anywhere else.

      Tom

      --
      Someday, I'll have a real sig.
    16. Re:Innovation by indil · · Score: 2, Insightful
      Why should Skype have patented this...?

      Because a secure protocol design does not require secrecy. If the security of a design relies upon its secrecy, then it won't be secure for very long. This is why it doesn't matter that the encryption algorithms commonly used today, such as RSA, are open and can be freely inspected.

      If the Skype protocol is made unsecure because it was reverse-engineered, then it's not worth using anyway.

  2. Open Source? by guruevi · · Score: 1, Insightful

    Open source it and put it in a decent project like say, Asterisk... I hate Skype just because their protocol is closed. I can't do anything useful with it except when I use their crap.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
    1. Re:Open Source? by BioCS.Nerd · · Score: 3, Insightful

      What the hell is that supposed to mean? First of all, let's address this statement:

      I can't do anything useful with it except when I use their crap.

      Perhaps you wrote this incorrectly, but, by definition, nothing is useful unless you use it. Would you care to elaborate why you think their service is useless crap? Oh yes, this nugget of gold:

      ... I hate Skype just because their protocol is closed.

      (emphasis mine)

      What you're saying, implicitly, is that you have no real qualms against Skype aside from their lack of openess with respect to their protocol. That's absurd! I could understand if you disliked this about their service, but to actually hate their service because of this one fact is borderline stupid.

  3. Tapping by slindseyusa · · Score: 2, Insightful

    Isn't the more important aspect of this the concern that anyone could use this to tap into a conversation over Skype?

    1. Re:Tapping by Chris+Toohey · · Score: 1, Insightful

      Would you expect them to say, "Yes, we can track everything you're saying in those conversations. Now please keep using Skype for stuff like calling your accountant..."?!

      Chris Toohey
      http://www.dominoguru.com/
      --
      Chris Toohey
      http://www.dominoguru.com/
  4. Does it really matter? by Rosco+P.+Coltrane · · Score: 4, Insightful

    Closed Skype protocol gets cracked in X months == Skype releases a new version with a new closed protocol that'll take X more months to crack. Big deal...

    Anyway, Skype is a big no-no for me. I don't like software that connects to who-knows-what and uses bandwidth all the time without any way to know what the heck it's doing.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  5. Wouldn't it depend on perspective? by Timex · · Score: 4, Insightful
    The interesting thing is, that although the protocol is closed, it is not patented and thus it is not against the law to crack it.

    I'm sure Skype's lawyers might see this differently.

    If this happened in the US, lawyers would be crying "foul!" on the basis of the protocol being a Trade Secret, and they would have something to say about the agreement that one sees when installing the software. I believe I remember seeing a "no reverse-engineering" clause in there.

    This being a Chinese source, though, means that US rules don't necessarily apply.
    --
    When politicians are involved, everyone loses.
    1. Re:Wouldn't it depend on perspective? by vertinox · · Score: 3, Insightful

      I'm sure Skype's lawyers might see this differently.

      I'm sure the Chinese authorities might not care what they see differently.

      --
      "I am the king of the Romans, and am superior to rules of grammar!"
      -Sigismund, Holy Roman Emperor (1368-1437)
  6. Closed Protocol != Security by Penguin+Programmer · · Score: 4, Insightful

    Closed protocols are not a substitute for security. Any traffic that goes over the internet can be intercepted. Once you have the packets, it's just a matter of figuring out what they mean. This certainly does raise concerns that tapping into Skype conversations may become easy, but this was bound to happen eventually and should be no surprise to anyone.

    Besides, who really cares? Phone conversations can be tapped into. Cell phones, too. Everyone knows not to transmit confidential information over the phone.

  7. Not really cracked until we see skype.c by Anonymous Coward · · Score: 1, Insightful

    It's not really cracked until the "crack" is public.

  8. Re:Grammar Nazi to the Rescue by tprox · · Score: 2, Insightful

    Talking into a teapot or a teacup would probably block most of the sound provided you weren't talking very loud.

  9. Incorrect view of the law. by Anonymous Coward · · Score: 2, Insightful

    As most people here seem to be somewhat lacking in knowledge over the legal aspect, just because something does not have a patent does not mean it is legal to crack it. Reverse engineering may or may not be legal depending on the country the reversing was done in. US law is *NOT* global law, as so many large US companies and the US government itself is learning. Patents, ignoring their frequent misuse by US companies, are designed to protect innovative ideas long enough for a person or entity to make profitable use of the innovation. It also prevents other companies from copying the idea without some form of licensing - free or otherwise.
    However, a patent does *NOT* protect an idea only the implementation of an idea; that's a very important distinction. Further, not having a patent on an innovation does not mean you cannot sue if someone uses your innovation without your permission - in fact the only real value to a patent is a kind of 'date-stamp' to *help* decide (but not confirm) who got there first.

    But as to the question of a patent making it illegal to reverse engineer an innovation - No, patent law does not cover this aspect of the law. Anti-reversing laws are a totally separate beast and country dependant.

  10. Re:DMCA? by drinkypoo · · Score: 3, Insightful
    as a previous poster pointed out, it interoperability didn't stop the MPAA suits against DeCSS.

    The DMCA also prohibits the construction, possession, and/or use of a device to defeat copyright infringement. In a case where the law contradicts itself, the people with the most money win.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  11. Re:Hmm by flooey · · Score: 4, Insightful

    What's to stop them from changing the protocol now?

    The several million people whose copies only support the current one.

  12. Re:They renamed the protocol by Anonymous Coward · · Score: 1, Insightful

    Just because it abuses a stereotype doesn't mean it can't also be very funny. And it doesn't make me any more of a racist to laugh at it, even though I dislike racism, and wouldn't use humor that way myself. Try as I might, I can't find it unfunny. Guys getting kicked in the nuts is also pretty funny to watch, but that doesn't mean I advocate testicular violence. So get over your enlightened condescension and enjoy the ride.

  13. Re:Blocking by jroysdon · · Score: 2, Insightful

    Using "SSL" over 443 has long worked for bypassing firewalls and even proxies. I wrote about this back in 2003 and have been using ever since. It works even through a proxy server, as the proxy server just has to blindly forward all "SSL" traffic over port 443. By the very nature of SSL traffic, there is nothing you can do about it. All I do is wrap my SSH (or whatever) traffic inside an "SSL" stream and you can't touch it without breaking every other https site.

    The only way to block this would be to create a whitelist of SSL/https sites and allow only those access. Since every business relationship is driven online these days and everyone wants it encrypted, unless you sell tires to folks that walk in and just have a cash register, you'll still going to have to allow SSL.