[VOIPSEC] Soft Phone Vulnerabilities

Randell Jesup rjesup at wgate.com
Wed Jun 14 22:17:32 CDT 2006


"Michael Slavitch" <slavitch at gmail.com> writes:
>> Point 3:  Unknown relays in Skype.  Jon Callas rightly points out
>> > that unknown relays in Skype cause a concern regarding sensitive
>> > communications, and I agree with him.
>>
>> I didn't point this out at all. Please credit the proper person.
>
>
>Deep down in the trail there was a mention of relays being a problem.   Your
>point was a CSO policy over NDA information going over Skype, and part of
>the talk was about relaying. I'm not sure who to credit for as it's an
>amalgam of many posts in a very long thread.

Probably me, but it doesn't matter.

>If the end-to-end security model passes the Berson sniff test the only
>remaining 'security' problem is the relay, and that is addressed by using
>preferred peers that are well-known and trusted.  If the conversation is
>hard encrypted the relay is the remaining issue, that issue being that the
>relay knows that a conversation happened at a certain, even if it could not
>capture the content.  Selecting trusted relays solves that problem.

"If the conversation is hard encrypted" - ok, but how do you _know_ that it
is?  Berson reviewing (claimed) source for one version doesn't mean the
released (or updated) software does that.  And that assumes that future
versions don't add network-based controls that turn off (hard) encryption
or have (new) security bugs.

"Trusted relays" - an 'interesting' term when applied to Skype.  Trusted in
this case can at most mean "physically under my control", and to do that
requires significant knowledge of Skype, complex firewall rules, and
there's still no way to guarantee that the Skype system won't route the
call through a second, non-trusted relay.  The reason is that you don't
control the actions of the relay (or the Skype network or software).  You
can't know (per-call) if the Skype software selected a fully-crypto-secure
end-to-end key (as they say it does), or if it selected a "well known NSA
key" as the encryption key.  If Skype decided (or was forced) to do
intercept, you'd never know (of course).  Similarly, if Skype were hacked
(either the client, the relays, the system as a whole, or by some hacker/
extortionist targeting the Skype corporate site) your calls could be 
silently compromised.

This doesn't say these dangers don't apply to other, more
open/standards-based platforms.  But those dangers are often more easily
recognized, understood, and in some cases solved in an open system.  And
you can't layer something like ZRTP on top of Skype (ok, maybe you can in
theory, but it's really, really, REALLY hard).

To a certain extent it comes down to how much you trust Skype, and how much
you trust their implementation/design and network security.  This applies
to most other secure VoIP solutions - except that with others you can
mostly test that they implement what they say they do.

-- 
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
"The fetters imposed on liberty at home have ever been forged out of the weapons
provided for defence against real, pretended, or imaginary dangers from abroad."
		- James Madison, 4th US president (1751-1836)