Skype’s chief security officer assured that the popular Internet telephony application has robust protection. Kurt Sauer credited this to better organization for developing actual codes. Today, he is requiring more peer review of software ahead of the final release. He said Skype hopes to collaborate with companies such as antivirus vendors to ensure protection of users from attacks against browsers that are launched through links. The company is particularly interested in applications from Symantec and McAfee that enable risk scoring for links.
Although it is possible to use Skype for application-to-application messaging, Sauer said Skype has not yet been used as a way for hackers to remotely control networks of compromised computers or botnets. He believes Skype, with the existing authorization model, has adequate controls to avert autospreading.
For companies fearing Skype could be a security threat by virtue of its ability to bypass corporate firewalls, Sauer said they can refer to the most recent version of the network administrator guide and Skype 3.0, which provide mechanisms for IT administrator to manage their networks as they see fit.