Can Skype Wiretap?
Posted on 2nd Aug 2012 @ 12:30 PM
Skype has become a leader in communications technology, with the video chatting service becoming more and more popular every day. And they recently announced that they would be changing the way their video calls are routed. How does that affect you, the consumer?
Well, according to several hackers and bloggers on the internet, the new changes to the routing technology will actually make Skype calls more vulnerable towiretapping, which can come from anywhere, including law enforcement. The major change to the system will be that instead of routing video calls through random computers on the internet, calls will be routed through Skype’s own servers, making them more vulnerable. It is believed that this was done at the request of the government for law enforcement purposes.
Tim Verry, a poster from the website ExtremeTouch, released a statement about the changes online: “Reportedly, Microsoft is re-engineering these super nodes to make it easier for law enforcement to monitor calls by allowing the super nodes to not only make the introduction but to actually route the voice data of the calls as well,”. A super node are is a third party computer that acts as a kind of router for making video calls or transferring other data online.
“In this way, the actual voice data would pass through the monitored servers and the call is no longer secure. It is essentially a man-in-the-middle attack, and it is made all the easier because Microsoft — who owns Skype and knows the keys used for the service’s encryption — is helping.”
Other news outlets, including Forbes and Slate, picked up on the discussion. Forbes says there is “tremendous buzz” in the hacker community on this topic.
The problem? It’s unclear what exactly changed, and a Skype spokesman contacted by CNN for clarification would not release more than a pre-written statement.
Chaim Haas, the spokesman, would not say, for instance, if the update actually enabled the company to tap into and record Skype calls. He also would not answer questions about when the update took place or whether wiretapping was a motive.
“As part of our ongoing commitment to continually improve the Skype user experience, we developed super nodes, which can be located on dedicated servers within secure datacenters,” the statement from Skype says. “This has not changed the underlying nature of Skype’s peer-to-peer architecture, in which super nodes simply allow users to find one another.
“We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.”
Skype, which grew out of the peer-to-peer downloading network Kazaa and how has 254 million “connected” users per month, has a long reputation for guarding the privacy of its callers. Skype calls usually are routed from one caller to another, rather than through a middleman.
“Historically, Skype has been a major barrier to law enforcement agencies,” writes Ryan Gallagher at Slate. “Using strong encryption and complex peer-to-peer network connections, Skype was considered by most to be virtually impossible to intercept.”
For technical reasons, this meant that Skype actually could not comply with an order to wiretap a particular Skype user’s conversations, a spokeswoman told the tech news site CNET in 2008. “We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications,” the spokeswoman said. “In any event, because of Skype’s peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request.”