Skype supernodes are being centralized by Microsoft, but they deny wiretapping. But there's this patent they have to intercept VoIP phone calls...
Back in May, skype-open-source reported Skype, owned by Microsoft, had replaced user-hosted P2P supernodes with Linux grsec systems hosted by Microsoft. The shock wasn't that Microsoft is hosing Skype on Linux servers, but that centralization makes it possible to wiretap Skype communications. One big advantage of Skype has always been the decentralized and encrypted service was secure from eavesdropping.
Microsoft denies this, but the company applied for a patent on a technology called Legal Intercept to monitor and record Skype calls. Applied for before they purchased Skype, Microsoft specifically mentions intercepting calls on that service in the patent application. Conspiracy theorists now say they understand why Microsoft paid what seemed to be an unusually high price for Skype.
Supernodes also have the ability to relay the VoIP traffic if the callers cannot form a P2p connection.Anonymous on skype-open-source.blogspot.ch
After CALEA was extended to online services in 2006, Skype was legally required to implement wiretapping. They didn't, and stated they had no intention of complying with CALEA publicly, but never seemed to have been targeted by the DOJ over their non-compliance.msbarnett on news.ycombinator.com
with RSA CA private key you can generate valid RSA certs-credentials of any user. So its standard MitM-attack.Anonymous on skype-open-source.blogspot.ch
My (unfounded, optimistic) speculation is the skype acquisition was strategic positioning in the mobile market: seamless cutover to skype when your phone has WiFi.jjguy on news.ycombinator.com
Microsoft owns all of Skype...not just the GUI that users install on their device. They also own the code that encrypts and decrypts and the code that routes, copies, and manipulates data.Peter on conceivablytech.com
if Microsoft wanted to learn about technical or trade secrets of competitors communicating through Skype (say, a couple of start-up founders), now they're free to do it.hastur on news.ycombinator.com
Is that any different from using, say, Gmail or Google Apps? Not saying that Google is looking at that data but this is a problem with essentially every web-based communication tool.HarshaThota on news.ycombinator.com
Sounds like we urgently need a secure and opensource VOIP system that we can trust.Yossarian UK on skype-open-source.blogspot.ch
Skype will now go fade into oblivion because if MS does implement this, it's all over.FMHilton on conceivablytech.com
Just thinking out loud, but wouldn't it be possible to build a simple skype-addon that would look at your network traffic and be able to tell if your voice conversations were going through a supernode and not p2p. This way you would get a quick indicator of whether or not you were likely being monitored.s_henry_paulson on news.ycombinator.com
Now read this: