Chinese snoop on Skype, but are they alone?
A Canadian researcher has discovered that a Chinese version of eBay's Skype communications software snoops on text chats that contain certain keywords, including "democracy."
The revelation is not only of interest to rights groups that monitor Internet censorship. The discovery also likely intrigues law enforcement and intelligence agencies in other countries, because they have been bothered by the growing use of Skype, which claims 338 million users across the world.
By its very nature, Skype is difficult to wiretap. Skype routes calls and chats between computers over the Internet, avoiding traditional phone networks. And the contents are supposedly encrypted, raising concerns in law enforcement that Skype could let criminals to communicate without fear of eavesdropping.
The FBI has argued for applying US wiretapping law to Internet phone calls. The bureau got a favorable court ruling in 2006, but it's not clear whether it applies to systems like Skype that skip telephone networks.
In the other camp, privacy advocates and security experts are concerned that Skype, while presented by the company as a secure channel of communication, has some kind of "back door" that allows eavesdropping. Whether Skypetapping is already going on in the US and Europe is a matter that the company has equivocated on for years.
"For a couple of years, maybe more, people have had the suspicion ... that Skype pretends to be secure but actually isn't," said Bruce Schneier, the chief security technology officer of BT Group PLC, the British telecom carrier.
"The Chinese eavesdropping on Skype text messages only adds to the PR problems, the image problems, that Skype has among those who care about security," Schneier added.
On Wednesday, Nart Villeneuve at the University of Toronto revealed that a Chinese version of Skype's application is being used for wholesale surveillance of text messages.
The software is distributed by Skype's Chinese partner, Tom Online Inc. Skype has acknowledged since 2006 that this version looks for certain sensitive words in text chats, and blocks those messages from reaching their destination.
What Villeneuve found was that the Tom-Skype program also passes the messages caught by the filter to a cluster of servers on Tom's network. Because of poor security on those servers, he was able to retrieve more than a million stored messages. The filter appears to look for words like "Tibet," "democracy" and "milk powder" — China is in the throes of a food scandal involving tainted milk.
This directly contradicts a blog posting on Skype's Web site, which says that the software discards the filtered messages, and neither displays nor transmits them anywhere.
A Skype spokeswoman was not available for comment Thursday. Skype has earlier given contradictory statements on the eavesdropping issue.
It has told The Associated Press that it "cooperates fully with all lawful requests from relevant authorities." But when asked by CNET's News.com in June whether it could accommodate a wiretapping request, it said it could not, because of the way its system works: Skype calls are encrypted, and only the two computers at each end have the keys to decrypt them.
Yet both Schneier and Simson Garfinkel, an associate of the School of Engineering and Applied Sciences at Harvard University who has studied Skype's security, believe it would actually be trivial for the company to listen in on conversations.
"I can think of five or six different ways to eavesdrop on Skype. It's not that hard if you are the Skype company and want to provide legal access to law enforcement," Garfinkel said.
It's unclear whether Skype has an obligation to help law enforcement under US law. Peter Swire, who served as the Clinton administration's privacy czar for two years and is now a professor of law at Ohio State University, said that while he knows of no US court ruling that has required Skype to comply with wiretapping requests, it's conceivable that the company is voluntarily cooperating with law enforcement.
Skype told News.com that it had not received a subpoena or court order to perform eavesdropping.
Yet German technology site Heise Online reported in July that Austrian officials claimed to be able to listen to Skype conversations. The relative quietness of the law enforcement community on the issue in recent years could be the result of such cooperation.
- 2 Watch the Supermoon live: How to see the brightest Moon of the year tonight
- 3 Hulk Hogan wants to be Donald Trump's running mate in the US Presidential election
Caitlyn Jenner car crash: Driver who died in collision sued by surviving passengers for $18.5m
Watch the Supermoon live: How to see the brightest Moon of the year tonight
Hulk Hogan wants to be Donald Trump's running mate in the US Presidential election
Blood Moon and Supermoon: September to bring brightest – and dimmest – full Moon of the year on same night
Turkey duped the US, and Isis reaps rewards
Climate change: 2015 will be the hottest year on record 'by a mile', experts say
'Women only' train carriages: Jeremy Corbyn unveils radical move to tackle public harassment
Black holes are a passage to another universe, says Stephen Hawking
Iain Duncan Smith 'should resign over disability benefit death figures', says Jeremy Corbyn
Tony Blair attacks Jeremy Corbyn's 'Alice In Wonderland' politics
Theresa May says migrants should be banned from entering the UK unless they have jobs lined up
£28000 - £37000 per annum: Recruitment Genius: This is an opportunity to join ...
£22000 - £29000 per annum: Recruitment Genius: This company's mission is to ma...
£13832 per annum: Recruitment Genius: This 5 star leisure destination on the w...
£20000 - £32000 per annum: Recruitment Genius: A Sales Account Manager is requ...