Here’s an interesting story that bears some watching… security researcher Sean O’Neill claims to have reverse engineered the proprietary encryption which Skype uses to protect voice, video and IM communications on its network. This work, while impressive, does not mean that Skype’s encryption has been broken, since knowing the details of an encryption algorithm does not allow you to decrypt data unless you can also derive the keys used to encrypt the data. However, there are some reports that the O’Neill’s code has been used to launch spam attacks on Skype users. I am sure that intelligence and law enforcement agencies all over the world are quite interested in how this all turns out, as they have complained in the past that Skype provides criminals, terrorists and other n’er do wells with un-wiretap-able communications. O’Neill plans to provide more information on his work at the Chaos Computer Congress in December.
In the mean time, I plan to continue using Skype without too much worry. Of course, I’ll think twice about using it for coordinating the global tentacles of my evil plan for world domination, but I see no reason to avoid Skype for personal and business communications right now. Stay tuned.