Only days after it emerged that 'stealth' techniques had been introduced into the beta version of Skype 2.5 have these techniques - designed to make Skype harder to block - been cracked.
Last week, P2P security specialist iPoque reported that the recently-announced beta of Skype 2.5 had changed its call setup in order to bypass the growing band of packet-filtering systems aiming to stop the software running on company networks.
The company has now been able to reverse-engineer the work of Skype’s designers, but only by radically overhauling its detection procedure.
According to CEO Klaus Mochalski, Skype 2.5’s call setup no longer conformed to a small number of predictable patterns, which could be identified and filtered at packet level. The company’s PRX Traffic Manager now used a heuristic model as the basis of its filtering.
The reengineering of Skype is not merely a refresh, as the program has been randomised to make established pattern-matching techniques useless.
From running the Skype client and watching it attempt to set up connections many thousands of times, it had been possible to find a tell-tale pattern of packet lengths, timings and small-scale packet consistencies that betrayed its presence.
"The hand-shaking at packet level has changed quite a bit," he confirmed.
Once the call connection is established, of course, Skype’s encryption makes it impossible to block from other packet traffic, hence the need to stop it before this point.
"They (Skype) talk about new features but never about new stealth features."
Mochalski suggested that Skype could one day become impossible to detect if the program integrated more advanced encryption into its make-up. Skype then would have to manage and distribute encryption keys. That probably is some way off.
This story first appeared on Techworld.com