The latest beta version of Skype has been well received by enthusiasts, but one important new feature has so far been ignored -- the program is now much harder to block.
The development signals another round in the small but fierce war between Skype's designers, and the growing band of security companies that sell products to block the software on corporate networks.
According to iPoque, a German company that ranks as one of only a tiny number that claim to stop Skype using traffic analysis, the beta of version 2.5 had been overhauled in important ways by its designers to make detection more difficult.
Company CEO, Klaus Mochalski, confirmed that the anti-Skype filter used on the company's PRX Traffic Manager PRX-250 would have to be revised to take account of the changes, which had only come to light with the beta's release this week.
"Skype has changed the connection setup procedure enough to circumvent our current filter implementation. We are currently working on a solution," he said.
"The only thing we already know is that not only the protocol has changed, but it is also more difficult to identify." His company would be producing a work-around for customers as soon as possible.
The market for Skype filtering products is motivated by a number of concerns. Some worry about the program's ability to set up encrypted tunnels allowing VOIP calls, file transfers and instant messaging sessions, all of which are undetectable without filtering. Others have pointed to its tendency to hog bandwidth in unpredictable ways, even when not in use.
As with any software, it suffers from its own security vulnerabilities too.
Two months ago, researchers Philippe Biondi and Fabrice Desclaux published a document for the Black Hat conference which outlined the highly complex and devious nature of the software.
Among a number of worries highlighted was the difficulty of probing the software in the event it became prey to subversion by a Trojan or other malware.
With dry understatement, the pair conclude that Skype use on a network made a proper network security policy "hard to enforce."