Skype-Blocking Whack-a-Mole Continues

from the that-pesky-competition dept

Blocking disguised data from disruptive applications is a little like trying to hold back a river with a pine cone, and trying to block Skype is certainly the new black. Whether you’re a repressive government looking to protect the interests of your state-run phone company, a University or company worried about security holes or bandwidth use, or you’re a government annoyed that you’re not getting the appropriate kickbacks, there’s a growing number of hardware vendors now building gear specifically aimed at blocking Skype for you. The people that build these solutions had already stated that Skype was hard to detect and block, and apparently these companies are having even more trouble detecting the latest version released just a few weeks ago. The continuing game of cat and mouse is familiar to those watching ISPs trying to contain BitTorrent traffic. The easiest way for corporations or colleges to control Skype is to ban the executable from running on the desktop. For countries however this will be a neverending game of whack-a-mole. VoIP is simply data, and data can always be disguised – something Skype engineers seem to be getting better at with each incarnation.


Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Skype-Blocking Whack-a-Mole Continues”

Subscribe: RSS Leave a comment
14 Comments
The Swiss Cheese Monster says:

Banning the Executable?

Maybe on school owned comptuers that would work, but what about ones that the students bring to school with them? That might be more difficult.

I suppose if each college created an application that had to be running for any student to gain network access, an application that would stop any offending applications or services from running on student computers – that might do the trick. But what about the old trick of renaming an executable to bypass run restrictions?

I haven’t tried doing that in a long time, I wonder if many of today’s applications would still run if you rename the exe file that starts it?

Lincoln (user link) says:

Re: Banning the Executable?

I would expect the applications to still work. If you try renaming applications that the main exe depends on, then things could get a little wacky.

Applications could also be blocked by md5 hash, nullifying the renaming trick. This would still be playing whack-a-mole, since program updates will change the hash.

Anonymous Coward says:

Re: Re: Banning the Executable

Calculating MD5 hashes for every application someone runs is time-consuming and unnecessary – you can also force an EXE to open up in notepad, add some random letter to the end of it and save it, and run your “new” program that will fail the MD5 check.

Just have the program shut down any process with the name “skype” or whatever every couple seconds.

Anonymous Coward says:

another one word: latency.

Ok, I’ll explain it a little further: make your router inserting small random delays between packets. They’ll be unnoticeable for web surfers, but experience of those who use traffic-consuming applications from Skype to YouTube will be less than pleasant.

Most (if not all) those ad-hoc programs that hunt down specific applications are rather easy to fool / stop.
If it’s traffic that hurts, you’ll need to target it, not the applications that can be run all the different ways, some of which can be just out of your control.

Or, if you’re so concerned, make it impossible to run *any* new apps, including those come as ActiveX controls, browser plugins, etc, etc. And disable all the USB ports. And the Remote Desktop. And … oh, my 😉

Brad (user link) says:

the problem with skype is that it takes over pcs

We found that SKype would rapidly take over any pc with a fixed ip, and use it to connect up other skype users who were behind routers. It did routwe the packets thru us, but it would have 500 connections going at once. The only way to stop it was to kill skype and start it over, and then after a day or so it would start doing it again.

|333173|3|_||3 says:

Hopeless

Blocking the Exe is hopeless, since the renaming trick does work for several games, including ones which have a large number of seperate processes running. THe md5 hash can be easily changed by adding a few bytes tot he end of the file, and it would even be possible to do this without taking up any extra disk space if you knew how large your sectors were.

john richards says:

companies already block skype with opensource soft

there is a widely used skype and P2P blocking solution in opensource.
check this link http://www.lynanda.com/products/software-for-corporations/traffic-filtering
I’ve heard that this solution is what companies use to forbid skype within their network. China is suspected to use this or a derivative
I think that providing that kind of censorship technology is in total contradiction with the opensource philosophy. Some people suspect Skype to be at the origin of this blocking initiative, for political reasons.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...