[GLLUG] Impressed with skype

Michael George george at idealso.com
Tue Sep 18 10:42:27 EDT 2007 

I don't like skype because they use proprietary software AND they use a
proprietary protocol (and for all I know they use a proprietary codec). 
The VoIP world doesn't need that kind of lock-in.

I think it would be better for them to offer SIP or IAX2 service so that
*when* I get sick of making all my calls in front of a computer I can opt
to use a VoIP hardphone ("Hey, McFly, people don't like to sit in one
place talking on the phone!"), or I can put a VoIP phone system in place.

With Skype, there is skype and the skype soft phone.  As far as I know,
that's the end of the options.  That's not progress, that's crap.

My inlaws used Skype when they were in Austria this past summer.  I hated
talking to them through that.  It sounded like they were talking through a
can!  Maybe a real handset would have helped, but who would know?  You
can't try it.

If you want to do VoIP, then get a service like Teliax or Telesip or
something and do it right with real standards so you have the freedom to
choose your end of the system.

But that's just my opinion.  I can assure you it's *right*, but it's still
"just my opinion"... ;-)

On Tue, September 18, 2007 9:59 am, Brent Barker wrote:
> Ah, I remember reading that /. article. I read through the comments
> and discovered that the article was saying that skype reads the
> /etc/passwd file, and that was the problem. Another person mentioned
> that
>
> "The most common reason these applications and others read /etc/passwd
> is that they call getpwuid() to obtain a struct that contains the
> user's home directory. Now the application knows where to find its
> configuration files."
>
> Additionally, if your distro uses shadow passwords (I know Gentoo and
> Debian do), you are not vulnerable to password-stealing.
>
> A more extensive answer is provided here:
>
> Seems like people don't understand unix at all, when they post to
> security lists...
> Just checking your own identity in unix requires a call to getpwnam,
> getpwent or their equivalent, which means that a function call in
> glibc has to read the password file. Practically every unix program
> does that... It reads in the whole file in memory and looks for you,
> unless you're using the db source, yp, nis+ or an external module:
> nss_ldap, nss_mysql, nss_pgsql. It's doing that to find YOU out...
> That's normal, system-wide behaviour, and not sinister at all(that's
> also why there's a nscd daemon to cache those results, to prevent your
> machine from grinding to a halt if you have 200k+ entries in that
> file.
>
> Now unless the legacy api gets redesigned to NOT do a line by line
> scan, anyone using strace/ltrace/dtrace/tusc needs to filter out these
> internal "housekeeping" calls, which are perfectly normal, needing to
> find out if _you_ can open up your own log file...
>
> The /etc/passwd /etc/group files are public files precisely because
> they are referred to in this manner. That's why shadow passwords are
> so necessary."
>
> Hope that helps. I'm not worried about Skype on Linux any more than I
> am about other closed source applications (though I don't have it
> installed, so it's more a theoretical issue for me).
>
> Cheers,
> Brent
>
> On 9/17/07, L Inbody <linbody at gmail.com> wrote:
>> I seriously doubt if it will show up on any of these, but here is a
>> pretty
>> good blog that lists out all of the anti-rootkit options we have on
>> linux.
>>
>> http://linuxhelp.blogspot.com/2006/12/various-ways-of-detecting-rootkits-in.html
>>
>> Unfortunately I am in CA in a hotel with really slow broadband so when
>> the
>> mp3 downloads I'll take a listen tomorrow.
>>
>>
>>
>> On 9/17/07, Karl Schuttler <rexykik at gmail.com> wrote:
>> > I got this information from Pauldotcom security weekly, episode 82.
>> > http://hydrogen.oshean.org/pauldotcom-SW-episode82.mp3
>> for the show. I
>> > believe their source material is
>> >
>> http://yro.slashdot.org/article.pl?sid=07/08/26/1312256
>> >
>> > I suppose it's not exactly a rootkit in that it probably doesn't root
>> > your system, but it shows that they are up to shady shit that they
>> > don't need to be messing around with.
>> >
>> > I highly suggest taking a listen to the show; it is rather informative
>> > and entertaining.
>> >
>> >
>> >
>> > On 9/17/07, Brent Barker < b.w.barker at smokejive.net> wrote:
>> > > Could you explain more or provide a link? I'd like to know more
>> about
>> that.
>> > >
>> > > On 9/17/07, Karl Schuttler <rexykik at gmail.com > wrote:
>> > > > Skype is evil. Pretty much a rootkit, even on linux.
>> > > >
>> > > > On 9/17/07, Eduardo Cesconetto <eduardo at cesconetto.com> wrote:
>> > > > > I like Skype too, but I was told that is evil..
>> > > > >
>> > > > > On Sep 17, 2007, at 3:11 PM, Steven Sayers wrote:
>> > > > >
>> > > > > > I just used skype to call my mom. This is really useful. My
>> cell
>> in
>> > > > > > the
>> > > > > > basement sucks.
>> > > > > > _______________________________________________
>> > > > > > linux-user mailing list
>> > > > > > linux-user at egr.msu.edu
>> > > > > >
>> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>> > > > >
>> > > > > _______________________________________________
>> > > > > linux-user mailing list
>> > > > > linux-user at egr.msu.edu
>> > > > >
>> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>> > > > >
>> > > > _______________________________________________
>> > > > linux-user mailing list
>> > > > linux-user at egr.msu.edu
>> > > >
>> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>> > > >
>> > >
>> > _______________________________________________
>> > linux-user mailing list
>> > linux-user at egr.msu.edu
>> > http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>> >
>>
>>
>>
>> --
>> Running Linux? Are you completely out of your mind.  That thing is a
>> rip-off.  It comes with no viruses, no Trojans, no malware , etc .......
>> _______________________________________________
>> linux-user mailing list
>> linux-user at egr.msu.edu
>> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>>
>>
> _______________________________________________
> linux-user mailing list
> linux-user at egr.msu.edu
> http://mailman.egr.msu.edu/mailman/listinfo/linux-user
>


-Michael George
 Ideal Solution, LLC

More information about the linux-user mailing list