Was Skype reworked by Microsoft to make it easier to wiretap?

By , ITworld |  Cloud Computing, Microsoft, Skype

Skype supernodes are being centralized by Microsoft, but they deny wiretapping. But there's this patent they have to intercept VoIP phone calls...

Back in May, skype-open-source reported Skype, owned by Microsoft, had replaced user-hosted P2P supernodes with Linux grsec systems hosted by Microsoft. The shock wasn't that Microsoft is hosing Skype on Linux servers, but that centralization makes it possible to wiretap Skype communications. One big advantage of Skype has always been the decentralized and encrypted service was secure from eavesdropping.

Microsoft denies this, but the company applied for a patent on a technology called Legal Intercept to monitor and record Skype calls. Applied for before they purchased Skype, Microsoft specifically mentions intercepting calls on that service in the patent application. Conspiracy theorists now say they understand why Microsoft paid what seemed to be an unusually high price for Skype.

Technical details

Supernodes also have the ability to relay the VoIP traffic if the callers cannot form a P2p connection.
Anonymous on skype-open-source.blogspot.ch

After CALEA was extended to online services in 2006, Skype was legally required to implement wiretapping. They didn't, and stated they had no intention of complying with CALEA publicly, but never seemed to have been targeted by the DOJ over their non-compliance.
msbarnett on news.ycombinator.com

with RSA CA private key you can generate valid RSA certs-credentials of any user. So its standard MitM-attack.
Anonymous on skype-open-source.blogspot.ch

Microsoft

My (unfounded, optimistic) speculation is the skype acquisition was strategic positioning in the mobile market: seamless cutover to skype when your phone has WiFi.
jjguy on news.ycombinator.com

Microsoft owns all of Skype...not just the GUI that users install on their device. They also own the code that encrypts and decrypts and the code that routes, copies, and manipulates data.
Peter on conceivablytech.com

if Microsoft wanted to learn about technical or trade secrets of competitors communicating through Skype (say, a couple of start-up founders), now they're free to do it.
hastur on news.ycombinator.com

Is that any different from using, say, Gmail or Google Apps? Not saying that Google is looking at that data but this is a problem with essentially every web-based communication tool.
HarshaThota on news.ycombinator.com

Next steps

Sounds like we urgently need a secure and opensource VOIP system that we can trust.
Yossarian UK on skype-open-source.blogspot.ch

Skype will now go fade into oblivion because if MS does implement this, it's all over.
FMHilton on conceivablytech.com

Just thinking out loud, but wouldn't it be possible to build a simple skype-addon that would look at your network traffic and be able to tell if your voice conversations were going through a supernode and not p2p. This way you would get a quick indicator of whether or not you were likely being monitored.
s_henry_paulson on news.ycombinator.com

For the latest IT news, analysis and how-tos, follow ITworld on Twitter, Facebook, and Google+.

Now read this:
Developer declares 'I am done with the Freemium Business Model'
Khan Academy offers JavaScript as their first computer language
Study says Facebook profile can predict job performance

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Cloud ComputingWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

Ask a Question
randomness