yes, the first thing you have to do to actually use skype successfully is allow it to talk to all ips on all ports.
you think this is bad, you should see QIHOO/QIHU's (free) security products, which appear to use some sort of homebrew p2p protocol to update both their signatures and executables in realtime -- when online they are *constantly* chatting (not in the clear) with peers and their c&c servers. by external behavior perhaps it could be turned into the world's largest botnet. (if you want a reverse engineering challenge, you might take a look at it) they claim a very high penetration in the chinese pc market, 95.8% in mar 2013 = 457 Million users… (high monoculture risk there...). see: http://seekingalpha.com/news-article/6591031-qihoo-360-reports-first-quarter-2013-unaudited-financial-results On May 20, 2013, at 9:02 PM, Jeffrey Walton <[email protected]> wrote: > On Mon, May 20, 2013 at 8:55 PM, Jacob Appelbaum <[email protected]> wrote: >> James A. Donald: >>> ... >>> >>> Zombie computers are seldom of high value. >> >> Some malware is designed to keep people communicating, under heavy >> watch; it is not always designed to abuse a system the "traditional" >> manner befitting script kiddie botnets. > In Skype's case, it appears there is no need for the malware to coerce > communications since the service is always on > (http://www.sec.gov/Archives/edgar/data/1498209/000119312510182561/ds1.htm): > "The number of connected users is subject to uncertainties and in some > ways may overstate the number of users actively using our products > during a given period. For example, for a number of our users, once a > user has downloaded our software onto their device, the software will > automatically be logged in to when the device is turned on, even if > the customer takes no steps to affirmatively engage our software > client after initial registration." > > Jeff > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
