Skype - a security risk?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Is installing and running Skype from workstations in a corporate network
considered a security risk for the network, servers and workstations?

Of course I mean using Skype binaries downloaded directly from

Thanks for comments on this issue



Re: Skype - a security risk?

Chris Webster wrote:

Quoted text here. Click to load it

I have not heard of any security issues with Skype. I would check out some
of the vulnerability databases out there to see if there are any known
issues. Also, you did not specify what OS you are talking about...


Re: Skype - a security risk?

Good question.

At least nobody knows what skype is doing. They use a protocol, which is
proprietary and kept secret. However, Skype uses a mechanism, which
allows the software to get through any firewall by using the https port.

The guys from skype were the formerly kazaa people. That prog had a bad
reputation by installing spyware on your pc. I dont think they would do
that kind of buisness now, because they want to spread skype and earn
money with in- and outgoing calls to pstn.

At least, my company decided not to install Skype. But we have a very
restrictive policy.

At least, I would feel uncomfortable to use a software and not knowing
what it is doing in a sensitive enviroment.


Re: Skype - a security risk?

hatschi wrote:

Quoted text here. Click to load it

You have good comments but, think about this. With any commercial software
do you really know whats "under the hood"? How many commercial software
vendors use proprietary protocols? Maybe 85%?

Just a thought,
-- Imhotep

Re: Skype - a security risk?

Quoted text here. Click to load it

Yes you are definetly right, but when you are using SIP or any other
protocol a sniffer can decode you can see what is going on. At least an
open source software would be the best decision from that point of view.

The other thing is how much you trust a company or how much knowledge
you have about their security issues. Actually Cisco seems to have a big
problem to get their stuff hardend.

If I have the choice between Skype, or for instance a SIP thing, I would
choose the last one. But that means a lot of work and sometimes a pain
in the ... Skype is a wonderful out of the box experience.


Re: Skype - a security risk?

Quoted text here. Click to load it

The usual dilemma in corporate IT: The security guys want to encrypt
all traffic to protect the company from corporate espionage, but
Management will never agree to that because you wouldn't be able to
check for security leaks anymore...

Juergen Nieveler
Blackout drive + autobahn + 0345 = polizei.

Re: Skype - a security risk?

On Mon, 5 Sep 2005 00:24:16 +0200, "Chris Webster"

Quoted text here. Click to load it

Kind regards,
Gerard Bok

Site Timeline