Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Skype Still Stonewalls About Security Holes

Want to make a network security specialist cringe? Tell him Skype is rife on the network. The VoIP software has myriad security holes that bedevil enterprise networks. Skype has refused to admit them -- and now it appears that rather than confronting them directly, it's rolling out a PR campaign to deny their existence.
One of the biggest security complaints about Skype is its stealthiness -- it's tough for network administrators to even know it's being used. And if they don't know it's being used, how can they protect against it?

Skype, in its new PR campaign, is applying some twisted logic to the reason for that stealthiness. Kurt Sauer, Skype's Chief Security Office, told Techworld that "One of the reasons Skype is difficult to find is that the people who provide the carrier services [ISPs and telcos] are in competition with Skype."

He said that if Skype could be found easily, the carriers would block it or degrade it.

Even if that were the case -- and it's not -- making Skype invisible isn't the best way to solve the problem. The real reason it's so stealthy is most likely that if it could be found easily, network security folks would kick it off networks, and Skype would lose users.

In addition, it's well-known that Skype has a variety of security holes on its own. The company patches the software, but if network security folks don't know Skype exists on the network, how can they know to make sure that patches are applied?

  • 1