[VOIPSEC] CSOOnline Machine Shop: Can 9 Million Skype Users Be Wrong?
Robert Moskowitz
rgm at icsalabs.com
Wed Mar 9 10:40:44 CST 2005
At 10:56 AM 3/8/2005, Christian Olsson (Private) wrote:
>Here is an interesting article about Skype security:
>
>Machine Shop: Can 9 Million Skype Users Be Wrong?
>Skype is a great way to communicate. But CSOs should know
>that it also brings auditing and monitoring challenges.
>http://www.csoonline.com/read/030105/machine.html
They do not talk about their security, considering it proprietary. They
claim AES-256, but won't tell you the mode of operation (is it CTR only
thus open to substitution attacks that IPsec fixed back in '95?). None of
the rest of what they do seems to be known.
Of course my information is a month old, they may have finally owned up.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
E: rgm at icsalabs.com
There's no limit to what can be accomplished
if it doesn't matter who gets the credit
More information about the Voipsec
mailing list