Even if some insane insomniac de-twiddles the pages upon pages of optimized indirection in this code (which I seriously doubt), all Skype has to do is tweak the protocol or encryption and the researcher is back to square one. It's a losing battle. And that's not even getting into the legality of it all.
How about instead of trying to fruitlessly crack Skype, we spend the time making something that's both open and better?
Concerning the open and better issue: there definitely are open alternatives. None of them have quite the firewall-defying capabilities of Skype. Nor the user base for that matter. Building any kind of social network is fraught with chicken&egg problems and those first to reach mass have it made. Just check how one of the richest and most powerful technology companies, Google, is struggling to get a foot in Facebook's market.
There's value in making an open client that works with the existing network (for example, Microsoft recently killed the Skype integration plug-in for Asterisk).
Isn't that decision up to the folks who own the rights to the original code?
Personally, I'd be hesitant to get into a project that has more need for lawyers than coders.
We have strength in numbers.
By using ToS, you're limiting enforcement to the people who do the RE, rather than an implementation, surely?
This is the process used to achieve the "IBM PC Compatible" system you're probably using right now (including your Mac). Reading up on the development of the Compatibles is a good way to understand how to do reverse engineering correctly.
You should always emphasize that it's the correct way _in the US_. As somebody already mentioned, HN readership is international, and said restrictions on reverse engineering do not apply everywhere. Also the author, judging by his name, doesn't seem to be a US citizen.
"This manual describes the various units of the IBM Personal Computer AT and how they interact. It also has information about the basic input/output system (BIOS) and about programming support.
The information in this publication is for reference, and is intended for hardware and program designers, programmers, engineers, and anyone else who needs to understand the design and operation of the IBM Personal Computer AT."
It includes the source listing of the PC AT BIOS, as well as complete interface pinouts, etc.
The colophon for this manual reads
First Edition (March 1984)
So what is your time line for IBM only publishing this manual after the PC AT was cloned?
The first "100% Compatible" was the Compaq Portable in 1982. It wasn't the first "compatible" to market, but it claimed to be the first that hit the "100%" mark and validated the clone market.
Absurd, but true according to what you're saying, if you can prove that I copied it. Now, assuming you did download and peruse the source code for Free_skype: fine. Now prove it.
And, IIRC, there are still mixed results regarding the extent to which EULAs are enforcible.
That's a really muddy term. How exactly can you protect a protocol? Trade secret? Patents?
Copyright shouldn't apply if it's a reimplementation.
Of course I have NFI what country the skype-open-source poster is in. FWIW the blog host (blogspot) is obviously in the US, the depositfiles.com file host has DNS registered in Seychelles but seemingly resolves to a US server...
This is as opposed to publishing observations/specifications from looking at such dumps, or from a black-box observation of Skype's behaviour. In this case I believe jcr is 100% correct that what's being distributed isn't protected reverse engineering output, it's a derivative work of the original.
In short: Decompiling or cracking a program and posting it online with notes is not the same as reverse engineering it, although it's a step in that direction.
Can we even believe anything that cookiecaper says? I mean, what's HIS credentials?
(see what I did there? Ad hominem attacks are just that: logical fallacies. Please don't do them.)
No offense intended. :)
None Taken. :)
But to answer your question:
- I have no credentials, and don't want any.
- I am not an expert, and don't want to be one.
- For every bit of the subject matter that I've learned, I can name at
least a half dozen people who know that bit better than I do.
I would suggest not wasting your time trying to authenticate me, the
source, but instead, put your effort into finding outside authentication
of the statements. The source in this case really doesn't matter, but
outside confirmation really does matter.
And things like compression algorithms are patented, and it's very likely Skype is using some of them. Reminds me of a project by Intel of providing an implementation of g729 (a voice codec). The source was available, but it was "non commercial usage only" because of the patents mostly.
An interesting project, but I doubt we'll see any usable implementation anytime soon IMO. And even if we do, Skype will probably alter the protocol a bit to make it fail if it reaches a critical mass.
And Skype can't really easily alter the protocol because of all sorts of Skype-compatible devices (IP phones and so on).
Skype probably updated their client/protocol since, but still an interesting read.
If you're reading this on a desktop or laptop system (rather than a
phone), then you are most likely using an "IBM PC Compatible" even if
you're using an Intel based Apple, and hence, you're using the fruits of
completely legal reverse engineering.
The way to do reverse engineering legally is to have one team reverse
engineer the target and completely document how it works. Once it's
documented, another disconnected team writes a new implementation from
the documentation. This process is how you're using an IBM PC
Compatible today, so yes, reverse engineering for compatibility is
If there is a patented algorithm required, it's not a sure thing. There
are most likely compatible ways around the patent, but there's also the
fact that the patent is only valid in the US. With open source hosted in
some other country, who are you going to sue? The users in the US?
--Nope, users are the ones paying for skype.
You might say, "But we forbid reverse engineering in our license!!!"
Contract clauses forbidding reverse engineering are invalid in many
countries and jurisdictions, and of course, you also have to prove the
other party agreed to the contract/license. With this said, it's very
easy to create an international jurisdictional nightmare to render any
such contract clause tactically impossible to enforce.
The easiest way to think about this is security research. The folks
finding and reporting exploitable flaws in software are obviously
reverse engineering it. Occasionally companies have tried to legally go
after people who have published security research on their products, but
usually this ends very badly for the company. Additionally, doing
security research is protected use in some countries and jurisdictions.
In short, competition is good for markets, and competing by studying and
mimicking the competition is both normal and legal.
For the "rights" advocates out there, there are legal problems with the
three file downloads available:
1.) According to the first file name, the original binaries are being
redistributed which may be (and usually is) against the license terms
and default rights granted by copyrights.
2.) The IDA Pro database (most likely) contains the entire target
binary, so you do have (illegal) redistribution of a copyrighted work.
You can load only parts of a target binary into IDA, but that doesn't
matter since it is still a portion of the original work. As for whether
or not said portion could fall under fair use is debatable (i.e.
lawsuit). In general usage, the entire binary is loaded, since without
it, you're limited to static analysis (i.e. no debugging).
3.) Decompilation, and to a lesser degree disassembly, are equivalent to
"machine translation" in the sense of copyright. Creating a translation
is considered creating a "derivative work" and unless you have been
given rights to create derivative works, then you're in trouble. One of
the comments here on HN claims the "source code" file is the output of
the Hex-Rays Decompiler.
I've never used skype and I've never read their license so I don't know
if they specifically allow redistribution.
I have no love for skype or microsoft, but if this had been done
CORRECTLY by releasing written documentation so an entirely new
implementation could be written, then I'd have no problem with it.
There are right ways and wrong ways to legally create compatible (open
source) software through reverse engineering, and this is a perfect
example of the wrong way.
Just a bit.
Yes, it is a common silly practice that stems from the real madness that are copyright laws. Considering that the documentation passed between the two teams contains all the information to make the software work correctly, I wonder what makes it different from source code. I could easily write a code generator that would be fed a "documentation" file and generate the C code that creates the final program. Hell, a C program is a specification on how to generate a given binary code. I wonder how often this really happens behind the doors at these "clean room implementation" teams.
The IDA Pro disassembler and the Hex-Rays decompiler are not only very
expensive tools, but they are very difficult to purchase. Due to
constant problems with piracy, these days they will only sell their
products to three areas; (1) governments/law enforcement, (2) very well
established corporations (typically well known security research
people), (3) very well established university researchers.
Typically, they refuse to sell to individuals, but there is a fourth
class of customers who are individuals; very old customers like me who
have a perfect track record of maintaining possession of their copy of
Every copy of the software is custom compiled and watermarked so it
is traceable to a particular person. Every database created by the
software is also watermarked, so when someone who is not a licensed
customer publishes a database (.idb), the software can be traced and
the account will be terminated (i.e. no further purchases allowed).
When someone does something blatantly stupid like disassembling and
decompiling skype then publicly making all of the files available, it is
fairly certain that they are using an illegal copy of the software. They
do not understand what they're doing. They do not understand the tool
they are using. And they don't have any respect for either the tool or
the work of others. --All of this loudly screams PIRATE!
The pirates either don't know about or don't care about the watermarks
in the databases they create. They don't realize that publishing a
database is discouraged. I've never heard of a case where a database
watermark was successfully forged (i.e. pin the blame on someone else),
but a cracker named "Quine" once successfully removed the watermarking
in IDA back in the late 90's.
The "correct" method to publicly share the research work done in IDA is
to dump the database to an IDC script (an internal language), then
provide the IDC script and the target binary. Customers know this, or at
least they should. With that said, friends do toss databases back and
forth on occasion, but that's a matter of trust between friends where
both of them are customers. Some people in the InfoSec and AntiVirus
crowds exchange databases, even across competing corporate lines since
they're all working together towards the same goal and they've known
each other for years.
This copy of IDA was probably pirated for the same reason Photoshop is usually pirated: because it's expensive. But you don't know it was pirated.
Also: by editing your comments to account for the responses, you make the thread incoherent. I'd appreciate it if you wouldn't do that, or, at least, if you must do it, to do so in corrections at the end of your comment. It's fine to be wrong. I'm wrong all the time.
Even so, Hex-Rays does sell to individuals. It's not even necessary to ask Ilfak: if copies are being sold to individuals, then they sell to individuals. And those copies are being sold. Here's a picture of my CD, purchased this year, as an individual: http://dl.dropbox.com/u/3177211/idaomg.png
You really think this is because they want to safeguard the public or something?
Thank you for the insight into your field. Now I'm sorely tempted to try my hand at decompilation.
My point is that it is not possible to know for sure if the user of a pirated software is indeed a pirate, as there are reasons of privacy to use these editions of the IDA (as well as the most common one of just not paying for it in the first place.)
As to the question of whether Bushmanov has used a pirated edition of IDA for his work, it's interesting to note that the distributed .idb files are in two different formats - as far as I can tell versions 5.2 and 5.5, but the license key is the same for both: A2-86E4-B9BB-D3. It's not one I recognise from any of the common pirated versions but I suppose only Ilfak could tell for sure.
|*| Skype 4142 Decompression v1.002 by Sean O'Neil.
|*| Copyright (c) 2004-2009 by VEST Corporation.
|*| All rights reserved. Strictly Confidential!
|*| Date: 29.10.2009
some info about this corporation and Sean O'Neil: http://en.wikipedia.org/wiki/VEST
the official web page points to beach resort?!?
edit2: same guy: http://cryptolib.com/ciphers/skype/
Has someone more information about that?
Even OOo/LO .doc support is based on 1-2 FTE revEngs (which btw is dumped mfc/w32 memory on a FAT, but read Sun/IBM anyway).
The team will write a public spec, print it out on paper, and another team Down and Under will scan it and create new code (think RSA patent export). The skype protocol has long been reverse engineered and is available to several parties.
I can understand that exploration/implementation division as a preemptive "don't sue us" move, but does US copyright really provide such strong protection that someone who has looked at a decompilation can't be writing an independent implementation? It seems to me that writing an implementation with a different structure or in another language ought to be different enough for copyright reasons.
Not if you are booting via EFI, for example if you are booting Mac OS X on an Apple.
So you'd need Skype's co-operation to do this? They are able to prevent reverse engineering by not writing the documents?
Suppose you and I work for the same company. I bust open Skype through decompilation, reading memory, the network, whatever trick I want. With that, I write documentation for how Skype's protocols work.
You read my documentation, and implement it in a new program. Since we haven't talked, and you've never seen a line of Skype's code, you haven't infringed on any copyrights.
It is important to note, though, that this does not necessarily protect us against a patent suit.
it would be nice to see linphone be able to talk to skype people...
the time would have been much better spent working on the GNU VOIP client, not only would improvements have been usable without legal issues, they would be there in an (ostensibly, perhaps) understandable format - working code.
That is actually how Skype works in N900, but the implementation there is obviously proprietary.
besides, i was under the impression that audio/video chats went through skype servers? (i've never actually checked though)
1. I would love it if MSFT, as the new owner, gave up on the cat-and-mouse of security through obscurity and obfuscation and settled on a published and peer-reviewed protocol. I am sick of the memory footprint and cpu spikes in having to run skype clients because 70% of its resources are dedicated to hiding what is really going on. I would love a nice, clean, light version
2. we can well assume that if this is happening in the public domain then it was probably done a few years ago behind closed doors at the NSA et al
Um, how does this make any sense?