Microsoft wiretapping Skype conversations?
Microsoft was last year granted a patent for a technology called Legal Intercept, which apparently enables Microsoft to secretly intercept, monitor and record Skype calls. But how was that possible? Skype calls are peer-to-peer (P2P) with the packets traveling across different router hops, and there should then be no way to predict exactly where the packets are going. Jennifer Caukin, Skype’s director of corporate communications answered CNET in 2008: “We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype’s peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request”. Another thing is that Skype uses 256 bit AES encryption, which is very difficult to crack. So simply capturing the packets doesn’t seem like a feasible way to wiretap Skype.
But this is not interesting any more, other than Microsoft’s patent application for Legal Intercept was filed in 2009, which was before Microsoft’s $8.5 billion acquisition of Skype. One of the first changes Microsoft has done to Skype after acquisition was to remove the Google toolbar and to overhaul the network running its Skype voice-over-IP service, replacing peer-to-peer client machines with thousands of Linux boxes that have been hardened against the most common types of hack attacks. That all sounded nice and dandy, people with fast Internet connections wouldn’t become supernodes. Skype’s peer-to-peer architecture is now totally changed and as I understand it, ready for wiretapping.
And for the 256 bit AES encryption. Not a big problem, if you have Skype RSA CA (certificate of authority) private key, which Skype/Microsoft obviously have.
So, forget about security and anonymity in Microsoft-Skype, and have also in mind that FBI is asking major US Internet companies such as Microsoft (who owns Skype), Facebook, Google, and Yahoo, to not oppose a law that will require them to build backdoors for government surveillance. FBI has drafted a proposed law that will make social networking sites, providers of VoIP services, instant messaging and email services to alter their code to ensure that they are ‘wiretap-friendly’. The law is ment as an expansion of CALEA.
Some finale words, I am very much against wiretapping as it can limit freedom of speech, but I of course also see that it can catch criminals. I’m an open person (you can see my rants on this blog and on Twitter, and my photos on Flickr and 500px), I live a very public life and have nothing to fear with wiretapping. I just dislike it.