Microsoft mum on whether it can tap Skype phone calls

By , Network World |  Unified Communications, Microsoft, privacy

Microsoft may or may not have the ability to tap Skype phone calls, but the company just won't say, and it's not clear why.

Asked a yes/no question whether it can intercept encrypted calls made over the peer-to-peer voice and video service, the company says it tries to help out with legal eavesdropping as much as it can, but won't say exactly what that means.

BACKGROUND: Microsoft patent may ruin Skype, may make VoIP spy and pry easy for gov't

"Skype co-operates with law enforcement agencies as much as is legally and technically possible," a company spokesperson says in an email response to questions about the capability. It's an answer that begs the question of whether it actually has the ability to tap calls as law enforcement agencies might request under the U.S. Communications Assistance for Law Enforcement Act (CALEA).

Asked why the company won't give a simple answer, the spokesperson responds: "It's the company position. You have our statements. That's all I can say. "

Suspicion that Skype might have means to eavesdrop on calls built in cropped up when Microsoft was issued a patent earlier this year on lawful intercept, aspects of which "relate to silently recording communications." This is done by modifying call requests so the communications path that is set up includes a node with a recording mechanism.

Beyond the issue of a built-in eavesdropping technology, the effectiveness of Skype security is also being questioned. Before Microsoft bought it last year for $8.5 billion, Skype was known for being secure through obscurity. The company would reveal nothing about the encryption it used, and governments demanded that Skype make it possible for them to listen in on the encrypted calls, and that is the current situation.

A report last year says the Egyptian government had the ability to eavesdrop on Skype calls made by dissidents during the uprisings there in 2010. It's not clear whether the government broke Skype's security or whether it had installed malware on Skype endpoint computers to capture calls as they were being played unencrypted on speakers or picked up by microphones.

As a consequence, the Electronic Frontier Foundation says to avoid Skype if security is essential and content is meant to remain private. "At this point we strongly recommend against using Skype," says Peter Eckersley, technical projects director at EFF.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Unified CommunicationsWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question