1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Memory
  5. Motherboards
  6. Processors
  7. Software
  8. Storage
  9. Operating Systems


Facebook RSS Twitter Twitter Google Plus


Phoronix Test Suite

OpenBenchmarking.org

Skype Goes After Reverse-Engineering

Free Software

Published on 28 October 2011 05:35 AM EDT
Written by Michael Larabel in Free Software
45 Comments

While Skype has now expanded their Linux API support to allow other applications to take advantage of Skype video calls and other features, a few months ago the Skype protocol began to be reverse-engineered by an independent researcher. Skype took action several times against this work.

In early June I mentioned the Skype protocol was reverse-engineered by a researcher. He was successful in reverse-engineering the Skype 1.4 protocol and subsequently wrote a "send message to Skype" open-source demo program. He followed through and published details regarding the Skype protocol.

A day later I was proactively contacted by a public relations agency representing Skype. The vice president of the PR company was informing me that Skype would be going after this researcher for "unauthorized use of our application for malicious activities" and "We are taking all necessary steps to prevent/defeat nefarious attempts to subvert Skype's experience." It looks like they did.

Only when writing about the new SkypeKit release did this reverse-engineering over the summer come back to mind. When checking out the skype-open-source blog where this work was published, there were multiple DMCA takedowns.

The day of publishing his initial details, Google's Blogger (where his blog is hosted) received a DMCA (Digital Millenium Copyright Act) notice that two of his blog entries had to be removed: the post about his success in reverse-engineering the Skype protocol and then a second post about more technical details.

The complainant issuing the DMCA notice was in fact "Skype Inc" and the basis for the complaint is "Source code. The publication of this code, in addition to infringing Skype's intellectual property rights, may encourage improper spamming activities." (Google publishes DMCA complaints to ChillingEffects.org.)

Skype issued a second DMCA copyright notice after this researcher published more Skype related code. Those files have since moved to being hosted elsewhere. Skype is claiming copyright on the code even though the open-source code was written by the researcher. Another DMCA takedown attempt regarding the same work was issued again in early August when the researcher tried doing a DMCA counter-notice, and he ended up putting up links again to this "copyrighted" work.

The links seem to be up right now for his "Epycs" code and it's since propagated to various file sharing web-sites. It's also hosted on GitHub, but the skypeopensource user has limited activity there beyond hosting files from June and July.

The Epycs code allows sending messages to Skype users by emulating the Skype 1.4 protocol session handshake. Skype Inc ended up abandoning support for this older version of the protocol. According to a status update from the beginning of October, the researcher is working on extensively patching Skype v4.1 and Skype 3.8 for future work. "And then we can continue analyzing and writing a new (updated) protocol for session handshake to send messages to any skype version, including skype v5.x binary." Evidently things have changed quite a bit in the latest Skype client binaries and the protocol itself.

For reference, it does appear that this researcher is not doing "clean-room" reverse engineering. One of the comments he writes on his blog reads, "It is because I have only de-obfuscted 3.8 and 4.1(BETA) versions of skype binary." (In response to why he isn't targeting Skype 5 support at this time.)

It is a Free Software Foundation high priority project to create an open-source alternative to Skype, but so far there hasn't been much concerted effort in this direction.

About The Author
Michael Larabel is the principal author of Phoronix.com and founded the web-site in 2004 with a focus on enriching the Linux hardware experience and being the largest web-site devoted to Linux hardware reviews, particularly for products relevant to Linux gamers and enthusiasts but also commonly reviewing servers/workstations and embedded Linux devices. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics hardware drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated testing software. He can be followed via and or contacted via .
Latest Linux Hardware Reviews
  1. Scythe Mugen MAX
  2. Intel Core i7 5960X Haswell-E On Linux
  3. Intel 80GB 530 Series M.2 SSD On Linux
  4. With A New Motherboard, The Core i7 5960X Haswell-E Lights Up
Latest Linux Articles
  1. 7-Way Linux Desktop Gaming Comparison On Ubuntu 14.10
  2. Intel P-State vs. CPUFreq Benchmarks On The i7-5960X
  3. RadeonSI GLAMOR Benchmarks With X.Org Server 1.16
  4. RadeonSI Gallium3D vs. Catalyst At 4K UHD On Linux
Latest Linux News
  1. F2FS Tools Gain FSCK Support
  2. FreeBSD 10.1 Has The New VT Driver, Hardware Improvements
  3. AntiMicro 2.6 Yields Greater Compatibility For Gamepads On Linux
  4. OpenGL 3.3 / GLSL 3.30 Lands For Intel Sandy Bridge On Mesa
  5. AMD's RadeonSI Gallium3D Driver Sees Some Improvements
  6. Mesa 10.3 Released With The Latest Open-Source GPU Driver Improvements
  7. GNOME 3.13.92 Officially Released
  8. Wine 1.7.27 Is Still Working Towards Direct2D Support
  9. Wasteland 2 Officially Launched Today, Including For Linux Gamers
  10. Tropico 5 Launches On Steam For Linux
Latest Forum Discussions
  1. SSD seems slow
  2. Can Linux kill a motherboard?
  3. Stop grabbing my keyboard :(
  4. X.Org Women Outreach Program Only Turns Up Two Applicants So Far
  5. Glamor now enabled in Debian radeonsi
  6. New stress testing utility for GPU's
  7. New Group Calls For Boycotting Systemd
  8. It's Now Possible To Play Netflix Natively On Linux Without Wine Plug-Ins