A Backdoor in Skype for Mac OS X

Most generous interpretation: this could easily be an old, deprecated API in an enormous, complicated codebase on an engineering team with high turnover.

The backdoor aside, but using Skype seems to be a real pain recently. It used to be something that offered unmatched quality and service, but with time passing it is lagging behind. Skype on Mac OS X now starts like in 10 seconds and even the shutdown takes 10-15 seconds (on SSD). Video calls are fine, but the fans are quickly 100%. It&#x27;s funny but the (long unmaintened) Linux skype seems to be better at video calls.<p>This news only proves that the Skype codebase must be an unmanageable mess. I can undetsrand that. But also it seems that MS is moving to the web version of skype, in the meantime not taking care too much about the native clients.

Calling this a backdoor is an extreme measure. I wasn&#x27;t able to see any working example, nor any responsible disclosure which seems bad.<p>Also, if somebody has the ability to run arbitrary code on your machine, I would think that it&#x27;s game over at that point - backdoor or not. This is not a remote exploitable backdoor it seems.

Looks more like an ancient and unmaintained API. This is AV security-firm-hype at its best.

I&#x27;ve heard rumors that the Skype codebase is a giant mass of unmaintainable code &quot;approaching a singularity&quot; and for this reason alone you wouldn&#x27;t expect it to be terribly secure. At one time I wondered if I was too paranoid for adding another user account for the sole purpose of running Skype, but I no longer wonder.<p>That and the fact that OS X security is not fantastic to begin with, and I don&#x27;t want anything weird showing up in screen sharing with job interviews (say, in search history).

I thought it was already well-known and assumed Skype has backdoor(s) in their software.

Super unlikely this is an intentional backdoor. OS X privesc vulns definitely aren&#x27;t nearly rare enough to come by to justify backdooring software like Skype for local privesc.

This wouldn&#x27;t be the first time Microsoft has worked with the NSA<p><a href="https:&#x2F;&#x2F;www.theguardian.com&#x2F;world&#x2F;2013&#x2F;jul&#x2F;11&#x2F;microsoft-nsa-collaboration-user-data" rel="nofollow">https:&#x2F;&#x2F;www.theguardian.com&#x2F;world&#x2F;2013&#x2F;jul&#x2F;11&#x2F;microsoft-nsa-...</a>

What wonders me is absence of urgent update after such news...

I&#x27;m surprised to this company on the front page of HN.

Good. All things should have backdoors. &#x2F;s

calling this a backdoor is pretty disingenous