Skype security or what flaws the messenger contains. A hacker hacked and released the source code of Skype into the public domain. Programs for communication via the Skype protocol.
The same people who developed the first file sharing program, KaZaA, contributed. Unfortunately, Skype inherited the worst features of its predecessor: the VoIP program operates as a self-organizing distributed peer-to-peer (P2P) network. Skype is a kind of “black box”, which has a multi-level encryption system. The system also uses anti-debugging techniques for the executable file, which, in turn, makes it possible to download confidential information from a computer and transmit it to the network using a closed protocol. The mentioned protocol has the ability to bypass firewalls, and also cleverly masks its traffic, which prevents it from being blocked. All these “super powers” of Skype make it an excellent carrier of viruses, worms and drones, which establish their own personal distributed networks within the Skype network. In addition to this, Skype quite brazenly uses the resources of the user's node, straining the central processor and generating a powerful flow of traffic, which is rarely, and especially in Russia, free. It turns out that calls are free, very conditionally.
In the structure of the Skype network you can find: regular nodes (SC - Skype Client) and super nodes (SN - Super Node). A node that has a public IP address and has a fairly wide channel automatically becomes a super node and serves to pass traffic from SC nodes, helping them overcome security (for example, bypassing firewalls or network address translators) and equally distributing the load between hosts . This self-organizing distributed decentralized peer-to-peer network has a centralized element - Skype-login server, which is responsible for authorizing Skype clients and guarantees the uniqueness of call signs for this distributed network.
This problem can be solved using the TURN protocol. This protocol increases latency and the possibility of losing a large number of UDP packets, and this has a detrimental effect on the quality and stability of communications.
In this case, administrators close UDP traffic. Skype, meanwhile, automatically connects to the new TCP. The administrator, of course, can close all unused ports, but that was not the case, because there are no such ports. When connecting to a remote host, the operating system assigns the client any free TCP/UDP port that will be used to receive packets. If you close all ports, it will be impossible to establish TCP/UDP connections.
There is only one way out of this situation - disable direct Internet access and force all users to log in through a proxy server. Although these measures will be useless: Skype will “familiarize itself” with the browser configuration and will use the proxy server as its own.
Blocking Skype traffic
Skype developers warn administrators that any attempts to identify and block its traffic will be unsuccessful, since recognizing Skype traffic is a very complex process, and blocking it is possible only by encrypted content that does not contain any logical sequences. But, due to the fact that the Skype developers missed some points, there is also an unencrypted part of the traffic. The traffic analyzer can detect a UDP connection using an open protocol to obtain public IP addresses of super nodes, and the RC4 stream is used twice by a TCP connection, which makes it possible to decrypt part of the constant fields of the Skype protocol headers and calculate the first 10 bytes of the key by decryption parts of the constant header fields of the Skype protocol. Unfortunately, at the moment there is no completely ready-made Skype traffic blocker.
UDP traffic is much easier to recognize and easier to block. A two-byte identification number (ID) and payload type appear at the beginning of each frame. The UDP packet contains a 39-byte NACK packet, which is passed through the obfuscator program, and contains data packet identifier, function number (func), which was passed through the obfuscator, sender IP and recipient IP.
This means that to block UDP traffic, you need to add the following rule to your firewall:
Blocking UDP traffic won't help anything, because Skype automatically switches to TCP, but there is something you can do in this case. Incoming IP headers
Today, everyone knows that the popular Skype program has gained fame all over the world. Using Skype, we can correspond with relatives, friends, work colleagues, make free or paid calls around the world, practice foreign languages, transfer files, conduct video conferences, make conference calls, and play.
We can talk about the benefits of Skype for a long time. Just a few hours ago, it became known that the Skype source code had been hacked. The hacked code was posted publicly on the file-sharing resource Depositfiles and the world-famous torrent tracker The Pirate Bay and posted links to the code on its blog. According to RIA Novosti, the person who hacked the source code of the VoIP telephony leader Skype is an independent developer Efim Bushmanov. It is reported that Mr. Bushmanov made a statement from which it is clear that he has the source code of the popular IP telephony service Skype and the data encryption mechanism built into the program, and posted this data on the Internet. Efim Bushmanov also calls himself a “freelance researcher.” He explained the purpose of his action with the desire to make Skype specialized open source software.
With this, according to the “freelancer,” everyone was able to download Skype, program and customize the client to suit their consumer goals and needs. It is alleged that an experienced hacker was able to obtain sensitive information about the Skype protocol, including information about the encryption mechanisms that are used in the program, using so-called “reverse engineering” methods (studying the code of a program in order to find out how it works).
Skype management states that unauthorized use of the service code amounts to a violation of the company's intellectual property rights. Skype spokesperson: "We will take all necessary measures to stop these nefarious attempts to undermine Skype." It is assumed that Efim Bushmanov is a pseudonym and experts believe that he lives in the Russian Federation or is a native of Russia. Let's remember that at the beginning of last month Skype was acquired by Microsoft for $8.5 billion.
Comments and reviews
Not long ago we conducted detailed testing of the IBOX Combo F5+ (PLUS) Signature DVR. Studying...
Agree, it is hardly possible to imagine a modern person without some kind of mobile device. The most...
Modern casual mobile games have lost all their uniqueness and interestingness - the developers...
Quite often, monitors come onto the market that are designed specifically for gamers who value image quality...
Not long ago, sales of a new series of Thermaltake power supplies with quiet and backlit fans started...
Description
Skype URL protocol: allows you to create paired calls (that is, one-on-one calls), as well as conference calls, video calls and chats.
Note
By default, local Skype displays a call confirmation dialog before making a call. This dialog box also has the ability to disable its display in the future when making a call.
Terms of Use
If the list of interlocutors specified (using telephone numbers or Skype logins) is more than one, then the numbers or names of Skype accounts (logins) are separated by a semicolon (for example, interlocutor1;interlocutor2;...;interlocutorN).
Browser support
Article
URL components
Audio and video calls
Audio calls are divided into obvious And not explicit. Not explicit audio calls imply that only the list of interlocutors is indicated in the protocol.
skype:interlocutor1;interlocutor2;...;interlocutorN.
Explicit audio calls imply specifying in the “skype:” protocol not only the list of participants, but also the “call” argument.
Call Indicates an explicit audio call. In this case, it is also possible to set additional arguments, such as the video argument and the topic argument:
- topic‒ allows you to specify a line with the subject of the conversation for a conference call, which will be displayed to all conference participants. It is important to remember that the topic specified in this way is part of the URL, so the topic name string must meet the URL criteria, that is, some special characters must be escaped. For example, a space is replaced with the characters "%20". Otherwise, if the spaces are not replaced with the appropriate characters, the handler will accept the characters before the first space as the topic name, and the characters after the space will be interpreted as additional arguments that may be ignored or misunderstood.
skype:interlocutor1;+1234567890;...;interlocutorN?call&topic=Line%20topic
In order to specifically indicate an audio call without video, you must set the “video” argument with the value “false” (video=false).
- video‒ Video call argument. When making a call between Skype users, video exchange (if technically possible) between the interlocutors is automatically enabled. When specifying several participants, a group video call is performed. However, the number of participants in a video conversation is limited to ten, with a recommended number of no more than five to ensure the best call quality.
skype:interlocutor1;+1234567890;...;interlocutorN?call&video=true
Note: Participants using mobile devices can join a group video call only via voice communication.
Chats
Creates paired dialogues and group chats.
If a conversation is carried out with a participant or participants with whom there are already conversations in the history, then the Skype application opens an existing conversation, and if such a conversation does not exist in the Skype history, then a new conversation is created. If at the same time an existing conversation is opened (having a specific topic) and the topic is also specified using the “topic” argument, then the Skype application changes the topic of the conversation to a new value.
- topic‒ Chat topic argument. Special characters in the argument subject value (for example, spaces), as in the case of audio calls, must be escaped.
skype:interlocutor1;+1234567890;...;interlocutorN?chat&topic=Line%20topic
In short: SIP- an open standard, and Skype– closed. But Skype adapts better to real conditions, SIP focused on conditions close to ideal.
SIP protocol, Session Interaction Protocol (RFC 3621) is completely open to developers. It is quite well thought out, and is currently the most popular, since it is quite simple to implement in hardware and, in addition to organizing voice communication sessions, provides a number of additional capabilities. In protocol tasks SIP All that is required is to establish and coordinate the connection, and this connection does not have to be voice - it can be any real-time data stream - video, multimedia data, interactive service.
The protocol's commands resemble HTTP, down to the smallest details.
The key feature of SIP is its client-server orientation. This assumes that any SIP telephony network has a server ( GateKeeper).
Protocol SIP well oriented to work in local networks and on good Internet channels. But what happens when the Internet provider, for some reason, does not want users to be able to make calls via SIP? To achieve his goal, he will only need to “cut” UDP packets with port value 5060 in order SIP stopped working normally. There are ways to avoid such arbitrariness, but this requires interfering with the protocol, making you forget about compatibility with standard equipment.
Protocol used Skype has always been and continues to remain closed to third party developers. It has a number of features that distinguish it from SIP.
First, the protocol Skype focused on p2p network (Peer-to-peer). Skype works on the principle self-organizing distributed peer-to-peer network, which does not have permanent servers. The role of servers is performed by the network participants themselves, who have a direct IP address and a wide Internet connection.
Secondly, in the protocol Skype Encryption is mandatory. This is a forced measure due to the p2p structure of the network Skype: Traffic passes through nodes that should not be trusted.
Third, Skype has high resourcefulness, allowing it to work even on limited Internet connections. Skype is aimed at a wide range of users from different countries and interference in the operation of the network with the aim of banning VoIP is less scary for him, because he is prepared for this. It is known that the protocol Skype has the ability to find ways to transmit voice information. For example, if the required range of UDP protocol ports is closed (usually the Skype protocol uses the port UDP 40150), Skype switches to using free TCP ports, up to the known open port 80 (HTTP), and, if necessary, will use a connection through an HTTP proxy. It means that Skype will work almost everywhere where Internet sites “open”.
There is reason to believe that Skype uses a modified version of the standard SIP protocol. In other words, SIP was taken as the basis for the protocol Skype and improved, thanks to which Skype has competitive advantages over operators SIP telephony– low cost of servicing the subscriber network and readiness to work almost anywhere and in any conditions.
The popular Skype program is one of the most innovative and at the same time popular social services all over the world. This is easily explained due to the mass of various advantages and unique opportunities that include unlimited communication with any Skype subscribers, regardless of their location or social status. In addition, there is no mandatory subscription fee for the program, and the principle of its management will be easily understood even by a beginner. However, each user should definitely familiarize themselves with the basic program documents and principles of its operation.
What are the features of the program protocol?
If you are interested in what the Skype protocol is, then simple explanations from professional programmers will easily and clearly help you understand this term. The Skype protocol is one of the most important elements of the interactive network, which is built specifically for the operation of the Skype program.
Important: for the purpose of maximum security, all technical characteristics of this cipher are virtually inaccessible to a wide range of users, have a special source code and are completely classified.
The main features of the Skype program cipher are the following:
- The Skype program protocol is used by professionals to investigate any attempts at illegal access to the software, promote reliable protection of all data and identify all illegal users.
- In 2014, it was declared obsolete, so many of its users may have encountered some problems and operational difficulties. However, after receiving all the updates and innovations, the new Skype protocol provided even more special features to all service subscribers.
What protocol does Skype use?
Many Skype users are probably interested in the question: what protocol does Skype use, to which there is a clear answer. To ensure security, software developers keep secret all the codes and data that underlie its well-functioning operation, however, the following facts are known:
- signal transmission occurs using a special RC4 algorithm;
- voice data is transmitted using AES.
Important: many individual and corporate Skype users claim that they were able to declassify the unique Skype cipher, but this is impossible.
The program protocol allows its users to receive the following special interactive services:
- communication via Internet connection;
- watching news;
- exchange of SMS and instant messages.
This protocol is implemented in the process of connecting the individual account of each user of the program. The connection occurs via a special NAT path, after which firewalls and individual hosts are searched using the public IP addresses of users. Then the authenticity of each connection is necessarily verified with an individual password.
Thus, the program developers took care of creating a unique Skype protocol, which has a unique secret code, and also provides complete security and the ability to use all the advantages of this program.