Microsoft was recently granted a patent for a technology called Legal Intercept, which apparently enables Microsoft to secretly intercept, monitor and record Skype calls. I'm skeptical. Many Skype calls are peer-to-peer (P2P) with the packets traveling across different router hops. There's no way to predict exactly where the packets are going.
Of course, if you know the target user's ISP, a government entity could put a packet capture device at the ISP where all the user's traffic goes first. However, Skype uses 256 bit AES encryption, which is very difficult to crack. So simply capturing the packets doesn't seem like a feasible way to wiretap Skype. Unless Microsoft's patent involves remotely turning off the encryption within the Skype client, I just don't see how this would work. Of course, this would be classified as a "back door", which Skype users won't be happy about.
According to Computer World, Microsoft's patent application for Legal Intercept was filed in 2009, which is before Microsoft's $8.5 billion acquisition of Skype. The patent was apparently granted last week. The abstract description of the patent doesn't really explain how exactly Microsoft intercepts peer-to-peer Skype traffic, but perhaps this patent only covers when Skype calls touch the PSTN? Here's what the abstract says:
Aspects of the subject matter described herein relate to silently recording communications. In aspects, data associated with a request to establish a communication is modified to cause the communication to be established via a path that includes a recording agent. Modification may include, for example, adding, changing, and/or deleting data within the data. The data as modified is then passed to a protocol entity that uses the data to establish a communication session. Because of the way in which the data has been modified, the protocol entity selects a path that includes the recording agent. The recording agent is then able to silently record the communication.
Later in the patent application it mentions Skype and reads:
As mentioned previously, traditional techniques for silently recording telephone communication may not work correctly with VoIP and other network-based communication technology. As used hereafter, the term VoIP is used to refer to standard VoIP as well as any other form of packet-based communication that may be used to transmit audio over a wireless and/or wired network. For example, VoIP may include audio messages transmitted via gaming systems, instant messaging protocols that transmit audio, Skype and Skype-like applications, meeting software, video conferencing software, and the like.
So the patent application points to the unique challenges of recording VoIP conversations, but doesn't explain how Microsoft solves these challenges. Also, in reading the entire patent, it isn't Skype specific, but mentions any VoIP offering. Perhaps this patent only involves capturing VoIP when it touches the PSTN, which is much easier to wiretap than P2P Skype calls with 256-bit AES encryption. But there are already patents and techniques going back decades for wiretapping calls that touch the PSTN. I just don't get it. The patent application mentions diagrams and images, which would have been helpful, but they wouldn't load for me. If anyone else has any insights, post a comment.