Skype can be intercepted by intelligence agencies: report

Powered by SC Magazine
 

Spooks listening in?

Unverified reports in Russian media claim that conversations over Skype can be eavesdropped by intelligence agencies which can also determine the location of users.

First reported in the Russian-language Vedomosti newspaper last week, the Federal Security Service (FSB) has had the ability to intercept Skype calls for "a couple of years" and often do so without a court warrant.

As a result, some Russian companies are banning staff from using Skype out of concern that their communications are secretly listened to.

Since Skype voice and video calls as well as instant messages are routed directly between users in a peer-to-peer fashion without a central server, and encoded locally according to the 256-bit Advanced Encryption Standard developed by the United States government, it's been assumed that eavesdropping on communications would be impossible in practice.

However, Vedomosti quotes the executive director of payments provider Peak Systems, Maxim Emm, saying that after Microsoft's purchase of Skype, it is now possible to eavesdrop on users easiliy.

According to Emm, call set ups between any user accounts can now be directed to go through a central server that generates the encryption keys that were previously created on users' devices. This allows calls and other communications to be decrypted and intercepted, Emm said.

Emm claims that Microsoft has provided this interception ability to other security services around to the world, to be used for legitimate wiretapping of communications.

Earlier this month, a US computer science graduate student, Jeffrey Knockel, worked out how Skype censors messages between users of its software in China.

Skype has been intercepting and blocking thousands of terms the Chinese regime considers politically sensitive such as Tiananmen, Amnesty International and Ferrari.

Speaking to Bloomberg, Knockel said that as part of a study project he discovered that each time users of Skype's Chinese software go online, an updated blacklist of terms is downloaded.

When an offending term is matched, Knockel said a copy of the message is sent to server operated by Skype's partner TOM in China, along with the account user name and date and time stamps, plus receipt notifications.

However, Knockel said he doesn't know if the information is shared with the Chinese government.

iTnews contacted Skype for comment on the matter, and will update the story if any is received. A Microsoft spokesperson had no comment.

Copyright © iTnews.com.au . All rights reserved.


Skype can be intercepted by intelligence agencies: report
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1021

Vote