Friam
Login  Register

Re: [EXTERNAL] Urgent: skype vulnerability?

Posted by Brent Auble on Sep 07, 2013; 2:50am
URL: http://friam.383.s1.nabble.com/Urgent-skype-vulnerability-tp7583763p7583767.html

Actually, it's probably not a vulnerability, it's a feature...  (and did it before Microsoft bought them so we can't even blame M$).

Skype was originally set up to do peer to peer communication without going through any sort of centralized Skype-owned servers.  I believe it still does that some of the time, but much of it now goes through Microsoft's servers (potentially to comply with wiretapping laws and increase security generally).  Basically, Skype distributes processing among various computers that have Skype up and running, which ends up sucking up bandwidth.  Here's a not-very-helpful explanation from the Skype web page: https://support.skype.com/en/faq/FA10983/what-are-p2p-communications

Because of that, I only open up Skype when I'm calling someone or expecting a call.

Brent

From: Nick Thompson <[hidden email]>
To: 'The Friday Morning Applied Complexity Coffee Group' <[hidden email]>
Sent: Friday, September 6, 2013 10:04 PM
Subject: Re: [FRIAM] [EXTERNAL] Urgent: skype vulnerability?

Thanks, Raymond,
 
There is nobody else within an eight of a mile and the wifi barely reaches across the house. 
 
The stuff on my computer is standard office stuff.  The only unusual program I have is the music program finale. 
 
Does uninstalling Skype really get rid of it.  It had become a really pushy program and it fought of uninstallation for a bit. 
 
When I get back to Santa Fe, I think I am going to wipe the hard disk and start again.  Try to limp along until then.
 
Nick
 
Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
http://home.earthlink.net/~nickthompson/naturaldesigns/
 
From: Friam [mailto:[hidden email]] On Behalf Of Parks, Raymond
Sent: Friday, September 06, 2013 7:30 PM
To: The Friday Morning Applied Complexity Coffee Group
Subject: Re: [FRIAM] [EXTERNAL] Urgent: skype vulnerability?
 
I did a quick search through my data and there haven't been any major Skype vulns in a while.  There's a local privilege escalation from this last spring and URL snooping, but neither should result in massive Skype usage.  The Dark Comet Remote Access Tool (RAT) uses the Skype port and protocol to "phone home", so you might have a pest problem.  Even worse, a vulnerability was published last fall for getting in to the Dark Comet RAT via it's use of Skype - so if you have Dark Comet, someone could be breaking it to get into your computer.
 
I'd do an off-line, boot from CD/DVD, virus scan with your anti-virus of choice.
 
The Jet Pack provides a wireless access point - could someone be piggybacking on that?  What's your WiFi security?
 
Ray Parks
Consilient Heuristician/IDART Program Manager
V: 505-844-4024  M: 505-238-9359  P: 505-951-6084
SIPR: [hidden email] (send NIPR reminder)
JWICS: [hidden email] (send NIPR reminder)
 
 
 
On Sep 6, 2013, at 5:03 PM, Nick Thompson wrote:


Hi, everybody,
 
I have a Verizon jet pack for my internet here in Massachusetts and every once in a while huge charges have appeared on my usage, apparent downloads of a gigabyte scale of magnitude.  I complained to Verizon and they did an analysis of my record and tell me that these are VOIP usages.  Their suspicion is that some teenager in my house is using the box to make phone calls over skype.   But there is no teenager in my house and no other house within an eighth of a mile.  Is it possible that some Trojan is using skype to communicate.  Why?  What would be the benefit to the hacker.  Using my computer for what?  In any case, I have murdered skype.  Is there any other abuse of the voip protocol that could be going on in my computer?  Can I disable voip altogether on my machine?   My service costs ten dollars a gig, so this is not a small matter for me.  Anybody have any thoughts? 
 
Nick
 
Nicholas S. Thompson
Emeritus Professor of Psychology and Biology
Clark University
 

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
 

============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com


============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
Free forum by Nabble Edit this page