Brad from the 'Twilight in the Valley of the Nerds' blog emailed me to say he read my Joltid article, including the comments from Julian Cain, a former Kazaa employee, where Julian commented that Niklas Zennstrom and Janus Fris can remotely shut down Skype by remotely revoking the cryptographic keys.
In my article, Cain wrote in the comments section:
I worked on Kazaa at the same time Skype was being developed in the labs at Joltid.Scary indeed. While Skype could be shut down I would think Skype would negotiate before it gets to that level. But perhaps Niklas's "asking price" is too much? The alternative is for Skype to develop something in-house and get around the licensing issue. Well, Brad spoke with Julian Cain and gave some additional insights, including the fact that eBay can't simply replace the Joltid code.
There is a history of this greed so let me lay it out:
Kazaa was built as a client on top of a p2p library named FastTrack.
Joltid which was known as "consumer empowerment" at the time licensed the FastTrack p2p stack to Grokster. Having said that the Kazaa client was made brand-able. The 3 guys that built the original FastTrack library did not use proper Cryptographic code at the time and decided to build their own because Nick and Janus wanted the protocol to be protected so they could build the empire. Now back to Grokster, this same thing happened to them but it was supposedly due to default payment for the FastTrack license. In this case both parties denied what really happened and we do not know the real truth to this day.
Here are some facts:
The FastTrack p2p library has built in code functions to disable encryption, much like revoking a signed key, just using really bad crypto code. The end result is an inoperable p2p library.
Skype wasn't built directly from the FastTrack p2p stack, it is another source tree/ project and uses PKI properly instead of home grown crypto code.
Joost wasn't built from the FastTrack nor Skype source tree, it too is another project.
So what we have here is very simple, Joltid doesn't and never has sold their p2p code to anyone, ever. I tried to make this public to ebay at the time of acquisition but as the first poster said it was a "rushed decision" so nobody cared.
This is a trend with Zennstrom and it is how he wins every time.
Lastly, I personally believe that they can take Skype off the internet remotely as they did to Grokster and since they did it to a very large audience I don't see why this case is any different from the first.
Conclusion: Buyer beware and don't lease software that can be disabled remotely by the vendor. Also, never purchase or lease software that is self encrypted, compressed or obfuscated because it's not intellectual property that is being hidden, it's always something else, and I say this because I can circumvent their "binary protection" code and what I have seen is nothing short of scary.
Yikes! If true, the only alternatives are to fight in court against Joltid and win or settle with Joltid."Ebay, Inc. is not building their own technology to replace SkyLib as it's a technical impossibility without starting over again from GUI to guts."
Even scarier, here's what Cain told Brad: (make sure to read whole article too)
Ebay, Inc. and Joltid, Inc. are keeping a lid on the infraction. Nobody is reporting anything because they do not know the details. In fact, they (Joltid) were here in the USA last week in California, but have since departed.
But to answer your question (about whether Skype could be brought down remotely by Joltid), yes, they have the technical ability to revoke the rights of the SkyLib (a cross-platform library written in C++ that underlies the functionality of Skype on all client platforms) remotely. Joltid CAN inject algorithms into the SkyLib ad-hoc overlay network remotely. What they did with Grokster was not advanced and also didn't use cryptographically secure methods, as they were home rolled. SkyLib does, however, use a proper PKI.
The question you must ask yourself is this: Did Joltid, Inc. hand over their Root Certificates with the acquisition of the Skype Client? No, they did not.
This is a political agenda and not what you might think.
So let me get this straight - Skype was purchased by eBay for roughly $3 billion and then sold to a buying consortium for roughly $2.75 billion. I thought it was crazy when eBay bought Skype for $3 billion and I think it's even crazier for this buying consortium to buy Skype knowing that Joltid could shut Skype down. Who gambles with $2.75 billion with the possibility of that money being wasted? Nobody and I mean NOBODY is that stupid or wasteful with money.
What's that you say, Chuck Norris? You disagree? Oh, I forgot about the $700 billion bailout, $410 billion omnibus spending bill, and the other recent government bailouts. My bad, Chuck - I forgot about Congress. Besides, who am I to disagree with Chuck Norris.