Microsoft Sends Open Source Skype Developers DMCA Takedown (And It’s Not Their First)

Microsoft has sent series of takedown notices to a team of independent developers working to reverse engineer the company’s video chat service Skype, though it appears that the company’s proprietary source code was never leaked.

“Skype can confirm that a DMCA request was sent, and that Skype takes necessary steps to prevent and block those hacking Skype’s copyrighted files for illicit purposes,” said Adrian Asher, director of product security for Skype.

“In this case the DMCA notice was issued in relation to a modified version of a Skype binary, hosted on Github. Skype takes its users’ safety and security seriously and we work tirelessly to ensure each individual has the best possible experience.”

But the developers working on the open source project, which is hosted on GitHub, say they never had access to the Skype source code. According to Ilya Petrov, one of the developers, the project had made available a version of the publicly-available Skype binary which had been modified to assist with reverse engineering the protocol.

“We do not have any interest in distributing stolen or leaked sources,” he told Tech.li in an email message. “[The only] code we have is based on reverse-engineering of [the Skype] binary done by us and other people.”

The open source Skype project’s source code is unavailable following the takedown, but Petrov said that their efforts would continue.

In the most recent takedown request, a Microsoft representative asked the developers take action to remove the unauthorized copy of the client, noting “a good faith belief that none of the materials or activities listed above have been authorized by Microsoft, its agents, or the law.”

Microsoft has sent takedown notices to the same developers on several previous occasions. The Digital Millennium Copyright Act, under which the request was sent, allows only very narrow exceptions for the purposes of reverse engineering.

Skype, which was purchased by Microsoft last year, has also caught flak this week for an address security flaw that has apparently been known — but not addressed — since 2010.

Image: Skype, Microsoft
Jon Christian: Jon Christian is a Boston-based reporter and blogger, particularly interested in the intersection of technology, civil rights and culture. At Tech.li, his beat encompasses Google, cloud and ultra-portable computing, haptic/cyberpunk/brain-in-a-tank news, and other cool stuff in the tech world. Tip him off at: Jon.Christian@Tech.li.