Talk:Skype protocol

Computing Unassessed

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing ??? This article has not yet received a rating on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the project's importance scale.

This article may be too technical for most readers to understand. Please help improve it to make it understandable to non-experts, without removing the technical details. (August 2009) (Learn how and when to remove this message)

• how private are my private conversations in Skype?
  • much better than other easy-to-use Messengers.
• Can the NSA listen-in or monitor chat sessions for keywords and identify the users involved?
  • probably not very well due to the distributed network.
    • but now, as Microsoft purchased them, are Microsoft top executives anti-patriotic? I guess European and Chinese businessmen should refresh leakage of Echelon spynet 79.111.223.5 (talk) 19:57, 14 May 2011 (UTC)[reply]

124.197.18.179 22:29, 28 June 2007 (UTC)[reply]

I am left asking myself the same questions! The article plainly states that Communication is encrypted using RC4; the method used does not provide any privacy.

But, hello! If the traffic is encrypted it DOES provide SOME privacy. If it would provide NO PRIVACY then the author knows something that we don't. IMHO this is unacceptable behaviour in the wikipedia world. Please clarify this aspect or tell us why you cannot. (The NSA is controlling wikipedia content?)

85.197.23.252 (talk) 11:06, 2 July 2008 (UTC)[reply]

These issues belong in the "Skype security" article, not in this technical article about how the inside mechanics work. Just like asking "is this clock accurate" does not belong in an article about the wheels and springs inside the clock.

77.215.46.17 (talk) 23:10, 3 April 2010 (UTC)[reply]

Right and Wrong. The above paragraph is right in mentioning the Skype security article, which states (sic): Skype uses 256 bit AES encryption to encrypt communication between users, complicating the decryption of these communications. Skype's encryption is inherent in the Skype Protocol and is transparent to callers. Because of this integration the communication between users is considered to be private, although several security concerns exist. I'm just about to remove the stupid remarks about using "...256 bit AES encryption to encrypt" and "complicating the decryption of these communications" in that article, the latter being exactly what encryption algorithms are supposed to do. But it's wrong in stating that such issues "do not belong" into this technical article. If the 'article about the wheels and springs' speak about a clock that has no accuracy, then the article is worthless. -AVM (talk) 22:33, 24 April 2011 (UTC)[reply]

Baset and Schulzrinne used:

• Ethereal
• NetPeeker.

Biondi and Desclaux used:

• PytStop to circumvent checksums
• Skype checks for SoftICE to prevent debugging. However RR0d debugger works.
• Scapy interactive packet manipulation program
• shellcode Oracle Revelator in Shellforge
• IPQUEUE
• SIRINGE
• Skypy : a scapy wrapper to reassemble and decode obfuscated TCP streams (not released?)

Skype relies heavily on code obfuscation:

• Much of the skype binary is encrypted. It provides its own unpacker which erases the original import table as it is loaded.
• Code integrity checksums, executed randomly, and obfuscated with random lengths and random operators
• Anti-debuggers
  • attempt to identify breakpoints and trap the debugger.
  • target specific debuggers by checking for certain loaded drivers
• General code obfuscation with fake error handlers that directly manipulate memory and registers. —The preceding unsigned comment was added by Pgr94 (talk • contribs) 14:11, 7 December 2006 (UTC).[reply]

Can someone who knows please add a section listing implementations? I'm not talking about wrappers around the Skype binary client, but actual new code. The official client is obviously an implementation, it appears ++skype may also be one. Are there any others?

I'm not really sure what ++skype is. Is it just a wrapper? I'm not aware of any other implementations, but would also be interested to know if anyone has started a GPL project. Pgr94 17:14, 27 May 2007 (UTC)[reply]

According to User:217.162.207.65 "++Skype library is a library for the API of the software and not for the network." Pgr94 09:51, 18 June 2007 (UTC)[reply]

Fring does in fact do skype voice, but I don't know if it's encrypted. fring! --TIB (talk) 16:47, 2 June 2008 (UTC)[reply]

Image:Skype logo.png is being used on this article. I notice the image page specifies that the image is being used under fair use but there is no explanation or rationale as to why its use in this Wikipedia article constitutes fair use. In addition to the boilerplate fair use template, you must also write out on the image description page a specific explanation or rationale for why using this image in each article is consistent with fair use.

Please go to the image description page and edit it to include a fair use rationale. Using one of the templates at Wikipedia:Fair use rationale guideline is an easy way to insure that your image is in compliance with Wikipedia policy, but remember that you must complete the template. Do not simply insert a blank template on an image page.

If there is other other fair use media, consider checking that you have specified the fair use rationale on the other images used on this page. Note that any fair use images uploaded after 4 May, 2006, and lacking such an explanation will be deleted one week after they have been uploaded, as described on criteria for speedy deletion. If you have any questions please ask them at the Media copyright questions page. Thank you.BetacommandBot 05:53, 6 June 2007 (UTC)[reply]

This is now moot, as the logo is no longer in this article (and I am not the one who removed it).

77.215.46.17 (talk) 23:15, 3 April 2010 (UTC)[reply]

start
 2.  send UDP packet(s) to HC
 3.  if no response within 5 seconds then
 4.    attempt TCP connection with HC
 5.    if not connected then
 6.      attempt TCP connection with HC on port 80 (HTTP)
 7.      if not connected then
 8.        attempt TCP connection with HC on port 443 (HTTPS)
 9.        if not connected then
10.          attempts++
11.          if attempts==5 then
12.            fail
13.          else
14.            wait 6 seconds
15.            goto step 2

seems incorrect

attempts not initialized. --Sylvestersteele (talk) 08:52, 2 June 2009 (UTC)[reply]

• That kind of omission is OK for pseudo code as it helps readability. It is not OK in real code of cause.

77.215.46.17 (talk) 23:06, 3 April 2010 (UTC)[reply]

The obfuscated Skype RC4 key expansion algorithm has been leaked and is available in portable C code.[1] Code is available here: http://cryptolib.com/ciphers/skype/ pgr94 (talk) 19:00, 12 May 2011 (UTC)[reply]