Listening in on Skype Calls

by Dave Michels

It has long since been assumed that Skype was among the safest way to have an illegal conversation. In addition to the fact that Federal wiretapping laws didn’t apply to Skype and other Internet services, Skype’s P2P and SuperNode architecture was presumed to make it very difficult to eavesdrop.

Slate reports that:

Police forces in Germany complained in 2007 that they couldn’t spy on Skype calls and even hired a company to develop covert Trojans to record suspects’ chats. At around the same time, Skype happily went on record saying that it could not conduct wiretaps because of its “peer-to-peer architecture and encryption techniques.”…

In May 2011, Microsoft bought over Skype for $8.5 billion. One month later, in June, Microsoft was granted a patent for “legal intercept” technology designed to be used with VOIP services like Skype to “silently copy communication transmitted via the communication session.” Whether this technology was subsequently integrated into the Skype architecture, it’s impossible to say for sure…

It is perhaps unsurprising that, with 663 million registered users reported last year, Skype has come under pressure to enable interception of calls.

The overarching concern, though, is not the interception requests per se—it’s that Skype isn’t being candid about the status of its relationship with law enforcement.

In “It’s Terrifying and Sickening that Microsoft Can Now Listen In on All My Skype Calls” Forbes reports:

One of the reasons that Skype has grown so swiftly in the last 5 years was the belief by many users that the founders from Luxembourg had taken steps to make the service one of the most locked-down and encrypted services available to communicate with…

Most Skype users are still under the legacy impression that Skype communications are private — more private than even their regular old phone conversations…

If this has changed since the Microsoft acquisition, it hasn’t been overtly communicated to users.

I agree that the issue isn’t so much the wiretapping – that’s inevitable with Skype’s burgeoning number of users and traffic. The issue is if such a change was done without notification to the users. Although, it does seem surprising to see much rancor based solely on a rumor. 

Background: FBI Wants Backdoors in Facebook, Skype and Instant Messaging  (Wired)

The FBI has been lobbying top internet companies like Yahoo and Google to support a proposal that would force them to provide backdoors for government surveillance, according to CNET.

The Bureau has been quietly meeting with representatives of these companies, as well as Microsoft (which owns Hotmail and Skype), Facebook and others to argue for a legislative proposal, drafted by the FBI, that would require social-networking sites and VoIP, instant messaging and e-mail providers to alter their code to make their products wiretap-friendly.

The FBI has previously complained to Congress about the so-called“Going Dark” problem – the difficulty of doing effective wiretap surveillance as more communications have moved from traditional telephone services to internet service companies.

Under the Communications Assistance for Law Enforcement Act, or CALEA, passed in 1994, telecommunications providers are required to make their systems wiretap-friendly. The Federal Communications Commission extended CALEA in 2004 to apply to broadband providers like ISPs and colleges, but web companies are not covered by the law.

CNET reports that in addition to this push from the FBI, the Federal Communications Commission may be looking at reinterpreting CALEA to demand that video and non-telephone-replacement VoIP products such as Skype and Xbox Live be modified to include backdoors that allow FBI surveillance.

The news comes on the heels of another FBI plan that began kicking around in 2010 that would require backdoors in encrypted communication systems. That proposal, which would revisit the encryption wars of the 1990s, has failed to gather administration backing.