It is generally assumed that Skype calls cannot be tapped and since the company uses 256 bit encryption Skype calls are twice as secure as many internet credit card transactions. According to this story, Kurt Sauer, Skype’s chief security officer says, there are no "back doors" that could let a government bypass the encryption on a call. At the same time, he said Skype "cooperates fully with all lawful requests from relevant authorities." He would not give particulars on the type of support provided.
So if the government has an IP address of a person on a Skype call and the cooperation of the ISP they are able to record all packets going to that address. They may even be able to do this without proactive ISP cooperation. At this point, since they have Skype’s help, they may be able to unencrypt the call. In theory they could also ask Skype to send duplicate voice packets destined for specific callers to a government agency.
So while many view VoIP as a technology that makes the government’s job more difficult, it may actually make it easier in certain cases. After all, IP makes it easier to record remote call center agent conversations, the same thing can be true of wire tapping.
Since Skype is now owned by eBay I can’t imagine a scenario where they aren’t giving the government the keys to their encryption system. After all CALEA may not apply officially to Skype calls that stay on network but Skype would likely still comply or risk major government problems.
Skype Eavesdropping
The opinions and views expressed in comments, blogs, etc. are those of the authors alone and not necessarily those of TMC, TMCnet, or its editors. TMCnet reserves the right to edit, delete, or otherwise make changes to the content that appears on these pages at its own discretion and as it deems necessary.
| 
3 Comments
| 0 TrackBacks
Categories:
Technorati
Del.icio.us
Slashdot
Digg
twitter- Related Entries to Skype Eavesdropping
- Skype Foiling German Police - Nov 23, 2007
- Ooma Hysteria - Jul 19, 2007
- Ban Skype - Nov 10, 2005
- Skype Soap Opera Update - Oct 15, 2009
- FBI Director Almost a Phishing Victim - Oct 13, 2009
- Rich Tehrani's Favorite Tech Tools - Oct 06, 2009
- Skype Experiments with Ads, Finally - Oct 06, 2009
- Skype's Enterprise Assault - Sep 28, 2009
- AT&T, Google, The FCC and Net Neutrality - Sep 28, 2009
- JoltID Files Injunction Against Skype - Sep 16, 2009
Listed below are links to sites that reference Skype Eavesdropping:
Skype Eavesdropping TrackBack URL : http://blog.tmcnet.com/mt/mt-tb.cgi/23207
You say that Skype could send duplicate packets to the government. I wonder how could it do it? If the end-poins are doing it then the targets will discern the duplication and hence can easily infer that evesdropping is on. An intermediary point can't do it. Since the intermediary points are also Skype clients, they will discern that evesdropping is on. Additionally, the end-points can observe that the packets are not going directly between peer-to-peer (the destination IP address is not the same as that of the far-end) and hence infer that evesdropping is on.
I was thinking the endpoints would do this and I suppose a sophisticated user would be able to figure out this was happening. Of course they would have to know to look for duplicate packets or run a program that detects this is happening.
We cannot trust in a closed-source software and protocol like skype. I think secret agencies have already made skype become an eavesdropping factory. Now, everyone knows that it's cheaper to dial your friend's cell phone using skype than if you dialled by your own cell. So they make people used to VoIP and it'll be easy for the agencies to wiretap everything.
Bulid own networks, own encryptions. Do not let the system get you!