Skype protocol hack could have been prevented claims StarForce
StarForce's comments come in the wake of blog postings by security researcher Efim Bushmanov who, earlier this month, claimed to have reverse engineered the Skype protocol.
"My aim is to make Skype open source," he said in a blog posting on June 3, adding links to download executable files compatible with Skype versions 1.4, 3.8, and 4.1, as well as IDA Pro disassembly database files, and - crucially, Infosecurity notes - his reverse engineered pseudo source code.
Liliya Volodina, StarForce Technologies marketing director, said that Bushmanov's took Skype's client application, disassembled the code and then worked out how the protocol plus its encryption functions operate.
"It's not clear how much time it took but it seems that the hacker was working alone", she said, adding that he is now recruiting other people holding the same views (say, other hackers) who, he says, `have enough time' to finish the project.
"Enough time is a loose concept and we can guess that he spent more than a year to disassemble the program when he worked alone. This is a good illustration of the fact that giving enough protection to a program's code may prevent its reverse-engineering for a long time, especially if the hacker doesn't know the basic principles of the protection", she explained.
Volodina went on to say that there could be tough times ahead for Skype.
In addition to the fact that the company needs to fix program instabilities, she says, it also needs to rebuild the protocol and code protection.