1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Memory
  5. Motherboards
  6. Processors
  7. Software
  8. Storage
  9. Operating Systems


Facebook RSS Twitter Twitter Google Plus


Phoronix Test Suite

OpenBenchmarking Benchmarking Platform
Phoromatic Test Orchestration

Skype Goes After Reverse-Engineering

Free Software

Published on 28 October 2011 05:35 AM EDT
Written by Michael Larabel in Free Software
45 Comments

While Skype has now expanded their Linux API support to allow other applications to take advantage of Skype video calls and other features, a few months ago the Skype protocol began to be reverse-engineered by an independent researcher. Skype took action several times against this work.

In early June I mentioned the Skype protocol was reverse-engineered by a researcher. He was successful in reverse-engineering the Skype 1.4 protocol and subsequently wrote a "send message to Skype" open-source demo program. He followed through and published details regarding the Skype protocol.

A day later I was proactively contacted by a public relations agency representing Skype. The vice president of the PR company was informing me that Skype would be going after this researcher for "unauthorized use of our application for malicious activities" and "We are taking all necessary steps to prevent/defeat nefarious attempts to subvert Skype's experience." It looks like they did.

Only when writing about the new SkypeKit release did this reverse-engineering over the summer come back to mind. When checking out the skype-open-source blog where this work was published, there were multiple DMCA takedowns.

The day of publishing his initial details, Google's Blogger (where his blog is hosted) received a DMCA (Digital Millenium Copyright Act) notice that two of his blog entries had to be removed: the post about his success in reverse-engineering the Skype protocol and then a second post about more technical details.

The complainant issuing the DMCA notice was in fact "Skype Inc" and the basis for the complaint is "Source code. The publication of this code, in addition to infringing Skype's intellectual property rights, may encourage improper spamming activities." (Google publishes DMCA complaints to ChillingEffects.org.)

Skype issued a second DMCA copyright notice after this researcher published more Skype related code. Those files have since moved to being hosted elsewhere. Skype is claiming copyright on the code even though the open-source code was written by the researcher. Another DMCA takedown attempt regarding the same work was issued again in early August when the researcher tried doing a DMCA counter-notice, and he ended up putting up links again to this "copyrighted" work.

The links seem to be up right now for his "Epycs" code and it's since propagated to various file sharing web-sites. It's also hosted on GitHub, but the skypeopensource user has limited activity there beyond hosting files from June and July.

The Epycs code allows sending messages to Skype users by emulating the Skype 1.4 protocol session handshake. Skype Inc ended up abandoning support for this older version of the protocol. According to a status update from the beginning of October, the researcher is working on extensively patching Skype v4.1 and Skype 3.8 for future work. "And then we can continue analyzing and writing a new (updated) protocol for session handshake to send messages to any skype version, including skype v5.x binary." Evidently things have changed quite a bit in the latest Skype client binaries and the protocol itself.

For reference, it does appear that this researcher is not doing "clean-room" reverse engineering. One of the comments he writes on his blog reads, "It is because I have only de-obfuscted 3.8 and 4.1(BETA) versions of skype binary." (In response to why he isn't targeting Skype 5 support at this time.)

It is a Free Software Foundation high priority project to create an open-source alternative to Skype, but so far there hasn't been much concerted effort in this direction.

About The Author
Michael Larabel is the principal author of Phoronix.com and founded the web-site in 2004 with a focus on enriching the Linux hardware experience and being the largest web-site devoted to Linux hardware reviews, particularly for products relevant to Linux gamers and enthusiasts but also commonly reviewing servers/workstations and embedded Linux devices. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics hardware drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated testing software. He can be followed via and or contacted via .
Latest Articles & Reviews
  1. Sub-$20 802.11n USB WiFi Adapter That's Linux Friendly
  2. The Lenovo T450s Is Working Beautifully With Linux
  3. Linux 4.0 SSD EXT4 / Btrfs / XFS / F2FS Benchmarks
  4. Linux 4.0 Hard Drive Comparison With Six File-Systems
  5. Lenovo ThinkPad T450s Broadwell Preview
  6. How Open-Source Allowed Valve To Implement VULKAN Much Faster On The Source 2 Engine
Latest Linux News
  1. EXT4 In Linux 4.1 Adds File-System Level Encryption
  2. Open-Source Ardour 4.0 Audio Software Has Big Improvements
  3. Linux-Powered Endless Computer Raises $100k+ In A Few Days
  4. GCC 5.1 RC2 Arrives, GCC 5.1 Planned For Next Week
  5. F2FS For Linux 4.1 Has New Features & Fixes
  6. Phoronix Server Upgrade This Weekend: Dual Haswell Xeons, 96GB DDR4
  7. Google's Experimental QUIC Transport Protocol Is Showing Promise
  8. Red Hat Joins Khronos, The Group Behind OpenGL & Vulkan
  9. NetworkManager Drops WiMAX Support
  10. Wine 1.7.41 Works More On Kernel Job Objects, MSI Patches
Most Viewed News This Week
  1. Nouveau: NVIDIA's New Hardware Is "VERY Open-Source Unfriendly"
  2. Linux 4.0 Kernel Released
  3. Microsoft Announces An LLVM-Based Compiler For .NET
  4. Linux 4.1 Brings Many Potentially Risky x86/ASM Changes
  5. Encryption Support For EXT4
  6. VirtualBox 5.0 Beta 2 Released
  7. Mozilla Start Drafting Plans To Deprecate Insecure HTTP
  8. KDBUS Is Taking A Lot Of Heat, Might Be Delayed From Mainline Linux Kernel