FierceWirelessFierceWirelessEuropeFierceDeveloperFierceMobileContentFierceBroadbandWirelessFierceEnterpriseCommunicationsFierceIPTVFierceTelecomFierceOnlineVideoFierceCable

Free Newsletter

About | View Sample | Privacy

Skype tapping program code released

August 31, 2009 — 10:26am ET | By
Tools

A software developer who designed a way to tap and record calls made on Skype and other VoIP networks has made the source code of the spying program public, a move he said will allow other programmers to build workarounds to the potential threat. The programmer, Ruben Unteregger, was tasked by his former company ERA IT Solutions to write a Trojan horse program that could tap VoIP calls for the Swiss government.

Apparently, the program bypassed Skype's heralded encryption process, one that has vexed security officials in Europe multiple times. UPDATED: Skype spokesman Chaim Haas pointed out a Symantec post that clarifies the specific technical nature of the hack. According to the Symantec's security team, the existence of the trojan "isn't due to any problems with Skype itself." The trojan actually taps into the audio data feed between the Skype client and the audio device being used on the call, so Skype's encryption itself has not been breeched by this specific hack.

In a translated interview, Untregger discussed his rationale for releasing the code.

"The code will be published, it will get analyzed as soon as the binaries got uploaded, signature patterns will be created by anti-virus companies, the malware will be detected, blocked and deleted, if it tries to infect a system," Untregger said.

Untregger's motives appear to be genuinely in the interest of private citizens and enterprises that use VoIP services like Skype, as the publicizing of the code makes its use by security agencies redundant, according to a Computer World report. However, making this code available could have negative repercussions if hackers can use it to build even more powerful tapping programs. Other instances of Skype hacking, such as China's purported monitoring of dissident communication via VoIP programs, gives one pause when considering the public availability of such information.

For more:
- see the ComputerWorld report here
- see the SC magazine write-up here 

Related articles
VoIP, Skype get EU heat over lawful intercept
Is China monitoring Skype calls?
Taliban VoIP calls


SHARE
WITH:
Email Twitter Facebook LinkedIn StumbleUpon
Get Your FREE FierceEnterpriseCommunications Email Newsletter:


More stories about Trojan Horse Program   Security Officials   Computer World   Skype   Lawful Intercept