March 2006

I just got back from Japan, where we held a seminar about Skype security features with some developers and customers. One of the things I learned was that we haven’t gotten the word out about the ways that IT administrators can set enterprise-wide policies on Windows computers running Skype. There are a couple of controls that were very important to the IT administrators I spoke with, and those were features to disable API interfaces and to disable file transfers on a particular instance of Skype.

Continue reading "Admin control of Skype features" »

In early March 2006, someone at maxxuss.com posted a way to patch Skype so that 10-way voice conference calling is enabled, regardless of the speed or type of processor installed on the platform. (It’s a rather clever idea; the author should consult jobs.skype.com. But I digress.)

The description I’ve read of the patch would not compromise Skype or alter the program’s functionality. Instead, it would simply report to the Skype application inaccurate information about the type of computer processor on which the program is running. Of course, we have no idea whether the patches that are circulating around make other changes that are as yet undocumented.

We would like to point out that patching the Skype binary (or any software, for that matter) with unknown code is generally considered to be a very dangerous practice. We digitally sign our software (on Windows, this is done with Authenticode signatures) and we strongly encourage users to both verify the digital signature of our software and to not tamper with the program’s integrity.