Security Risks & Vulnerabilities in Skype

4,576 views

Published on

Skype proclaims that it provides a secure method of communication. Hundreds of millions of people have chosen to use Skype, often on the basis of this assurance.
This presentation discusses some security risk and vulnerabilities of Skype.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
4,576
On SlideShare
0
From Embeds
0
Number of Embeds
300
Actions
Shares
0
Downloads
44
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Security Risks & Vulnerabilities in Skype

  1. 1. Security risks & vulnerabilities in Skype Kelum Senanayake
  2. 2. Introduction Skype proclaims that it provides a secure method of communication. Hundreds of millions of people have chosen to use Skype, often on the basis of this assurance. But there are some security risk and vulnerabilities of Skype.
  3. 3. The user interface does not display a "realSkype username" in the contact list Skypes interface relies on the use of full names on the contact list rather than unique user names. It easy to impersonate other users and introduces substantial security risks. Average users are easily tricked as a result.
  4. 4. Skypes software downloads are notdelivered over a HTTPS / SSL connection Downloads may be tampered with by a third party. China has been known to produce its own Trojan-infected version of Skype. Users are exposed to interception, impersonation and surveillance.
  5. 5. Skype could provide a backdoor entry Skype allows users to establish direct connections with each other. Its also "port agile" − If a firewall port is blocked Skype will look around for other open ports that it can use to establish a connection. If you put Skype behind a firewall or NAT layer, 99% it will work without any special configuration. Skype could provide a backdoor entry into secure networks for Trojans, worms, and viruses. It could also provide a channel for corporate data to be freely shared between users without any of the usual security considerations.
  6. 6. Skypes proprietary protocol Skype uses a proprietary protocol instead of a standard one such as the SIP. This makes it an unknown from the point of view of the vulnerabilities that might be there. Every nonstandard application can add unnecessary risks to your environment. In the end no one really knows what all is built into such an application.
  7. 7. References[1] Privacy International, "Skype Called Answer Mounting Security Concerns", [Online]. Available: https://www.privacyinternational.org/article/skype-called- answer-mounting-security-concerns.[Accessed: Oct. 31, 2011].[2] Jaikumar Vijayan, "Does Skype Face Security Threat?", [Online]. Available: http://www.pcworld.com/article/123279/does_skype_face_secur ity_threat.html.[Accessed: Oct. 31, 2011].

×