LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

A trojan for Skype

A trojan for Skype

Posted Sep 3, 2009 11:24 UTC (Thu) by Tet (subscriber, #5433)
Parent article: A trojan for Skype

Since we don't really know what the Skype code does when it isn't infected, it will be difficult to determine if its behavior changes in a malicious way. That should be a little worrisome.

Agreed. That said, a decent SELinux policy can prevent it from doing undesireable things on the local box, even if it's infected. It's hard to stop it sending copies of your calls out over the network, though, because skype needs to send data over the network, and SELinux doesn't have an easy way of working out which are legitimate network connections and which aren't.

(Log in to post comments)

A trojan for Skype

Posted Sep 3, 2009 17:53 UTC (Thu) by droundy (subscriber, #4559) [Link]

Also note that a SELinux policy is unlikely to keep skype from sending audio and video even when you aren't on the network... it's not just your calls that might be compromised, but anything you mention (or do) in the presence of a computer running skype. Of course, network usage is likely to give this away, unless a trojan were to store up data and send it during a call...

A trojan for Skype

Posted Sep 4, 2009 20:42 UTC (Fri) by Tet (subscriber, #5433) [Link]

a SELinux policy is unlikely to keep skype from sending audio and video even when you aren't on the network... it's not just your calls that might be compromised, but anything you mention (or do) in the presence of a computer running skype

That's not really true. A decent policy can prevent a rogue skype process from reading files that it has no business reading, so the only things it should be able to transmit is data it already has (e.g. the audio of your call)

A trojan for Skype

Posted Sep 5, 2009 19:25 UTC (Sat) by oak (subscriber, #2786) [Link]

> so the only things it should be able to transmit is data it already has
(e.g. the audio of your call)

If it's allowed to read the mic for the call, why it couldn't eavesdrop
you always?

A trojan for Skype

Posted Sep 14, 2009 11:11 UTC (Mon) by robbe (guest, #16131) [Link]

> If it's allowed to read the mic for the call, why it couldn't eavesdrop
> you always?

You could probably modify your policy on the fly to allow/deny access to
the microphone device. But I guess soldering a switch to the microphone
cable would be a better UI.

But as an X app it has a lot of means to snarf information, anyway ... or
is X-ACE already sufficiently deployed?

I think the best option today is a VM sandbox. Or a free alternative.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds