In Blackhat Europe 2006 Philippe BIONDI presented his work on Skype.
Skype is famous for the level of obscurity taken to protect the code and
protocol from prying eyes.
This outstanding work unveils Skype's inner workings, reverse
engineering the application and the network protocol and provides code
samples.
The author poses and later answers three questions:
1. Is Skype a backdoor?
2. Can one detect and block Skype traffic?
3. Is Skype safe enough for Business use?
Several security related issues are brought to light:
* Several heap overflows were found during the research.
* Skype can be DoSed by a single packet
* Skype can be abused as anything from a port scanner to a botnet
and covert channels in P2P
For the rest of this excellent work get the full paper at:
-06-biondi-up.pdf
