Skype's proprietary scrambling technology is purportedly the bane of electronic spies at the NSA and GCHQ, and now in a move sure to spark conspiracy theories, eBay has quietly revealed it could rip out and replace the code at its core. In a regulatory filing this week, the online auction house said it might substitute Skype's …
Just use SIP
and be done with it.....
Oh what tangled webs they weave...
NATO primes cyber defence centre in Estonia
Meanwhile, love in a warmer climate... eBay + IPO = dot.com bubble 2.0?
PLease, if you reengineer the core, at least use something *standard*. SIP seems fine to me, but the support infra structure may need to be larger and more complex. Everyhting is possible tho'. I'd love to be able to call Skype users from my SIP account.
Surely they should just ask the Austrians
"However, such software development may not be successful, may result in loss of [...] customers even if successful..."
You bet that this will cause "loss of customers". At least this one here.
Why don't they go ahead and send the master keys to the NSA headquarters directly?
I don't care what the reason is. If they were stupid enough to buy the company but not the core component of its product, then that is their problem, not mine.
... happy Friday!
backdoors, and (lack of) conspiracy theory
"UK export legislation, which forces any firm supplying encryption technology to show GCHQ the backdoor."
Well, that's what is pissing them all off. Good cryptography DOESN'T HAVE a backdoor. And as far as I know, Skype actually is using proper crypto.
So, just hearing ebay was replacing the core would set off the conspiracy theory alarms for me. But with some more of the story, to me it simply sounds like it's just the Skype founders wanting a taste, and not being happy with what they were getting. I hope these guys come to an agreement, as a libertarian I don't believe gov't should be tapping in on people's private conversations (just based on the volume of taps allowed each year it's OBVIOUSLY being abused!) and I don't want a weakened Skype allowing it to happen with them too.
Care 42 Start Again Sharing Big IDeas
"In apparent revenge, Joltid then threatened to pull Skype's licence, which would have disabled the service for hundreds of millions of users worldwide."
That is surely blatant intimidation and a form of Pretty Poor Petty Blackmail against a SMART Customer Client?
"Any possibility that the workings of the world's most popular VoIP network might be set for re-engineering is therefore likely to at least interest the folks in Maryland and the chaps in Cheltenham." .... Understatement of the Week :-)
"So perhaps the paranoiacs have good reason to suspect the bid to replace Skype's core." ...... You may have to consider that there is a race to replace Skype's cores for then are there many winners and no losers allowed/entertained.
How do you know there isn't *ALREADY* a backdoor in Skype, if you haven't read the Source Code? All this rumour-mongering could be a cover-up. It's not as if the security services don't cover stuff up.
Rule Number One for choosing security software is: Always read the Source Code.
Rule Number Two for choosing security software is: If the vendor won't show you the Source Code, the software is shit.
Oh, and come the next election, I'll vote for whichever party is going to disband GCHQ.
@ A J Stiles
"Oh, and come the next election, I'll vote for whichever party is going to disband GCHQ."
Become a candidate and stick that on your manifesto and I'll move just so I can vote for you.
if there was any chance of a party winning a majority with that on their manifesto then i'm sure the brakes would suddenly become much less reliable on cars owned by certain people
Hey, why dont Skype...........
team up with Etisalata in the UAE, they like playing at spying , lol.
Title Goes Here
Uncrackable skype tech my arse. (NPI)
The real story here is that Ebay paid $2600,000,000.00 for Skype and didn't get all the bits needed to make it work.
If any Ebay shareholders are reading this, I'm doing great deals on Wicker men, delivery to the Annual shareholder meeting can be arranged.
Abolish GCH? Got My Vote!
Maybe I'm wrong but the more I hear about the activities of the secret services & GCHQ & the NSA in the media the more they seem like vast money pits which are nowhere near as good or as useful as we're led to believe. MI5 failed to stop both the Omagh & July 7th bombers, despite having tabs on them. They seem good at stopping non-existent terrorist plots though. Everything they do is hush-hush & subjected to extremely limited scrutiny (we often have to take 'their word for it'). They are almost certainly involved in spying on domestic political activists & opponents of the govenment. Indeed, the existence of such a shadowy group could be seen to undermine the democracy we espouse to live in. I know from reading & seeing stuff in the media that MI5 has an uneasy relations with those in power (e.g. rumours of coups in the 1970s, supposedly recording conversations between John Major & the Irish PM during the peace process, etc.). I understand the need to have someone in the shadows to keep watch, but I do draw the line at the Stasi-level of surveillance that the Interception Modernisation Programme represents. I hardly believe that it would be used solely for crime & anti-terrorism purposes. The suggestion in the Communications Data Bill that each internet subscriber must have a unique ID number almost certainly means the state wants to build a profile of our online habits. Perhaps they want to identify those lone nutters who surf all day in the bedroom visiting race hate and jihadist websites. If this ever came to pass people should probably be a lot more careful about what they view online (not an idle threat- it would be easy to mistake innocent behaviour for suspicious, in my local paper today someone taking photos was warned off by a security guard). In the end I can't see why the NSA, etc. have to have backdoors into our private communications. The less visible we are to the state, the free we are.
"However, such software development may not be successful, may result in loss of functionality or customers even if successful, and will in any event be expensive," ...
eBay programers developing anything that is not "clunky" will be a first. Me thinks it's all smoke and mirrors in eBay's latest stoush with Skype's developers. More of Donahoe's spin, spin, spin!
But it is nice to see someone jerking eBay around, instead of the other way round, for a change, eg:
For anyone who buys anything on eBay, a detailed case study of shill bidding and the abuse of eBay’s proxy bidding system—all exacerbated by eBay’s introduction of “hidden bidders”—plus a detailed general criticism of eBay’s “clunky” auction platform, at
Funny timing on this, shortly after the Russians complain about Skype being too secure the original creators of the crypto suddenly start making it hard for people to use the software.
Hmmm, makes you wonder...
Mines the blue one with matching hat and blank mask.
Port Hopping and Revenue Leakage
It's not really the encryption of Skype traffic that makes it difficult to eavesdrop on; it's the software's excellent "port hopping" technology.
A Skype call will continuously "hop" ports on the telco side, replacing one call with another. The effect being that while you can find and listen to any particular call on Skype, it is very difficult to relocate after it has "hopped".
The NSA "bounty" is also a funny joke. Several companies tied up in the US warraentess wiretapping scandal had sold he NSA Skype eavesdropping tech years before the "bounty".
As I said the encryption really isn't that strong and the Skype's port hopping algorithms were broken years ago. The NSA just want to keep up the ruse that people using Skype are "safe" so they don't have to buy a bunch of new kit.
My admittedly incomplete knowlege of Skype p2p makes me wonder if the real problem for law enforcement is not proprietary technology as such but the nature of p2p networking - and could be true for any kind of p2p telephony, not just Skype!
Although encryption keys take years to break, they can easily be obtained if the parties concerned are willing. Difficult perhaps, with the different jurisdictions, but not impossible.
It should aso be relatively easy to identify skype p2p traffic among all the ordinary web pages and email etc, using modern deep packet inspection devices.
However, p2p connections that do not pass through central switching nodes in any predictable manner as they do with ye olde SS7 PSTN, make it difficult or impossible for law enforcement agencies to access the traffic in the first place!
In order to achieve traffic access it would be necessary for law enforcement to have access to the end points (ie user PCs or whatever) or to have access to internet routers on the path between the end points.
Suspect end users are very unlikely to comply with installation of spy software of course, and what are the chances likely acceptability of governments forcing everyone to accept Big Brother access to their PCs?!
An alternative would be to have access to internet routers in the end to end path - but that would have to include those in other countries!
International cooperation in snooping anyone?
I suppose law enforcement could force router makers like Cisco to allow back doors for law enforcement hacking - but then they would just lose their markets to alternatives such as Huawei
Conclusion: Internet = major law enforcement problem.
It's wide open
The back door is on the Skype server. From there all calls and chats can be monitored.
But who would protect us from then terrorists then.
P.S. ALL encryption is crackable, its just a question of how long it takes. So if you send a message that the revolution starts in 5 days time, and it takes you opponents 6 days to decipher the message, then your form of cryptology is secure.
@ Field Marshal Von Krakenfart
"P.S. ALL encryption is crackable, its just a question of how long it takes" -- not true at all.
Here's a message that has been encrypted using a one-time pad: AAAAA AAAAA AAAAA AAAAA A.
You don't know whether it says "ATTACK THE BRIDGE AT DAWN", "DEFEND THE FORT AT SUNSET", "MY DAUGHTER HAS THE PILES" or something else altogether.
Regarding the NSAs alleged bounty - there is no way on Gods verdant earth that is anything but counter intel. If you have a couple of billion going spare do you :
a) spend it cracking a swiftly updated crypto algorithm; or
b) bribe/blackmail the people that work on it?
To think that the NSA don't have human resources working for Skype is unbelievable. A change in tech is therefore not of great importance to the NSA et al. The shareholders may be jittery tho!
Ofc if you're of the paranoid persuasion you just encrypt your voice chan before throwing it through Skype giving them double the trouble. Yes, it'll be crackable, but my word they'll need some CPU time which takes away resources from other tasks. Presuming you aren't some lone psycho (in which case who the hell are you calling?) you get a bunch of people to make duff calls at the same time using double encrypted calls and you have a lot of noise giving you some nice cover.
Ok, I'm off to phone my mates about blowing some **** up...
I just spent £4 on Skype to a mate abroad.
A far more secure alternative would have been popping over on Ryanair. Would have been half the price, too.
The one with the home-printed boarding card.
AFAIK, skype traffic does not pass though skype servers unless its going out to the PSTN via skype out. The rest of the time they just control logging in.
Probably the best place for law enforcement access is at the broadband DSLAM that terminates your DSL line, or at the gateway router of your ISP.
Just maybe GCHQ already have that..........?
(but I doubt it)
All Ur phone calls R belong to....the guys we bought skype off
I alway thought ebay were just idiots that got lucky...this kinna proves me right.
its like......you know what. there isnt a similie stupid enough to use!
in the whole skale of thing they bought nowt! (except the grief of the NSA and GCHQ)
Ebay versus Skype founders
This is a toughie.... I hate ebay with a passion because it's shit, they rip people off, there's blatant shilling going on uninterrupted, Paypal is shit, etc... etc... etc...
However, I also dislike the Skype founders because they got filthy rich from just writing a VoIP app - it's not as if they came up with the idea of VoIP in the first place. They also annoyed me with Kazaa, and continue to annoy me with Joost.
I dunno who I want to win this fight... I think I wan't neither of them to win.
Can we have a Nelson icon cause I did a "Ha ha" when I read that ebay bought Skype without the best bits.... that $2.6billion looks like it'll go down in history as one of - if not the - worst decisions on the internet.
@A J Stiles
Seems to me your encrypted message says "I've just shut my fingers in the car door".
Scum-sucking Bottom Dwellers
I hope the creepos at the NSA & whoever the pommy pricks are, get nothing
- Does Apple's iOS 7 make you physically SICK? Try swallowing version 7.1
- Pics Indestructible Death Stars blow up planets with glowing KILL RAY
- Hands on Satisfy my scroll: El Reg gets claws on Windows 8.1 spring update
- Video Snowden: You can't trust SPOOKS with your DATA
- 166 days later: Space Station astronauts return to Earth