I won't rule it out, but what's being reported so far seems bogus.
Yesterday, Bruce Schneier pointed to this report on Ars Technica about Kobi Alexander, a founder of Comverse but recently a fugitive, purportedly being nabbed as the result of a one minute Skype call he made from Sri Lanka. Since Comverse has been a major customer of NMS for many years, I've naturally been following their problems with stock option issue dates, Kobi Alexander's resignation and so forth. I also follow Bruce Schneier's blog, as he has the best insights on security issues of anyone I know. But this time, I think Bruce pointed to the Ars Technica article without actually reading the paper it cites.
The paper Ars Technica cites, "Tracking Anonymous Peer-to-Peer Calls on the Internet" by Wang, Chen & Jajodia of George Mason University, is very interesting and completely reasonable. But what they are doing is correlating the timing of packet dispatches and arrivals at either end of a Skype connection to determine if two ends - both of which are already being monitored - are indeed talking to each other. They conclude that, if they have access to 90 seconds of packet timing information from each end, they can reliably determine if two Skype clients are talking to one another. I don't see how this could apply to Kobi Alexander placing a "one minute" Skype call from Sri Lanka.
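As an added illustration (not code from the paper or from this post), the sketch below shows why this kind of correlation needs a capture at each end: it bins constructed packet timestamps into windows and compares the per-window counts of two flows. It is a simplified passive correlation, not the method of Wang, Chen & Jajodia; the function names, traffic model, window size and jitter values are all assumptions.

```python
import random

def packet_times(duration_s, rng, mean_gap=0.03):
    """Constructed send timestamps with irregular gaps (assumed traffic model)."""
    t, out = 0.0, []
    while t < duration_s:
        out.append(t)
        t += rng.expovariate(1.0 / mean_gap)
    return out

def observe_far_end(sent, rng, delay=0.12, jitter=0.02):
    """The same packets as seen at the other monitored end: fixed delay plus jitter."""
    return sorted(t + delay + rng.uniform(0.0, jitter) for t in sent)

def window_counts(times, duration_s, window=0.5):
    """Packets per window, measured from the capture's own first packet."""
    counts = [0] * int(duration_s / window)
    for t in times:
        i = int((t - times[0]) / window)
        if i < len(counts):
            counts[i] += 1
    return counts

def correlation(near, far, duration_s=90, window=0.5):
    """Pearson correlation of per-window counts; None if either end is unobserved."""
    if not near or not far:
        return None  # a single capture gives nothing to correlate against
    x = window_counts(near, duration_s, window)
    y = window_counts(far, duration_s, window)
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0

if __name__ == "__main__":
    rng = random.Random(7)                 # fixed seed: constructed data only
    near = packet_times(90, rng)           # capture at one monitored end
    far = observe_far_end(near, rng)       # capture at the other monitored end
    other = packet_times(90, rng)          # an unrelated flow
    print("same call:     ", correlation(near, far))
    print("unrelated flow:", correlation(near, other))
    print("one end only:  ", correlation(near, []))
```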
If there is any truth to the report that he was traced due to a phone call, it's more likely the call was Skype to PSTN via SkypeOut, the PSTN leg was tapped (as discussed by Phil Wolfe) and the listeners heard him discussing his current location.
The paper by Wang et al. has a very nice set of references (up to date through 2005) to other work on the subject. On other fronts, there was a flurry in the blogosphere in July when a Chinese group announced they had reverse engineered the Skype protocols. Reverse engineering object code is certainly feasible, although we've heard nothing further from the Chinese group since the original announcement six weeks ago.
Skype is becoming significant (eBay claims Skype handles 7% of all international minutes) and it uses proprietary protocols, not subject to widespread inspection by the security community, so it's reasonable to suspect there are flaws and that Skype calls will become (or already are) traceable. But I don't think we've heard a viable explanation of how to do it yet.
"...about Kobi Alexander, a founder of Comverse but recently a fugitive, purportedly being nabbed as the result of a one minute Skype call he made from Sri Lanka..."
A little word of advice: Don't put any money on the story.
http://imshin.net/?p=418
Posted by: Imshin | August 25, 2006 at 11:51 AM
From Russia with love... Did Russian Hackers overtake in effect Chinese Hackers in the race to reverse engineer the Skype.exe? This time it's not a hoax or an unfulfilled promise. Here is the QtSkype4.exe. See www.skype-watch.com or http://webtown.typepad.com/webtown/2006/10/from_russia_wit.html
Posted by: tropicaljantie | jan geirnaert | October 08, 2006 at 10:23 AM