No Skype traffic released to cops or spooks, insists Microsoft Microsoft's Skype subsidiary didn't hand over any user content to law enforcement, according to the software giant's first ever report on how it deals with official requests for data. As previously reported), Microsoft's transparency report revealed that Redmond received 75,378 requests from law enforcement agencies worldwide …
Yes the security services can magically plug into skype, the point to point service...
Lots of ways in which you theoretically get access. Reroute traffic from a Skype super node, backdoor the code so you can jack into a session in progress at source or target (transit is harder because traffic can switch routes), use Skype as a launch platform to import all sorts of other "features" on demand (helped by the fact that lots of people leave Skype running)...
Another case of " Don't piss down my back and tell me it's raining."
The likes of the CIA and MI5 are not Law Enforcement agencies. I wonder what the numbers of inquiries relating to security services are and how many of those were refused? Not many I'll bet!
When someone bigger and tougher than you has easy access to your back door I suppose you just have to bend over and be their bitch!
"We have turned over no customer data to law enforcement.
<sotto voice>... because all data, once it hits our service, is no longer customer data; it belongs to us.</sotto voice>"
I in no way assert this is the case with Skype and Microsoft - I just observe that these are the sorts of semantic games Big Corporations play. This could just as easily apply to Apple, Google, or anybody else.
* To run a bank and burglar it
* To start a war on a pretext
* To organize terrorism aimed against "Axis of evil" states
But don't you dare to use Skype to
* Organise a protest against the banker-robbers
* Organise a protest against ethnic cleansing and Apartheid by a certain state
Skype is essentially as secure as using a HF ham radio and talking to someone in Rome while sitting in London. I am sure they can only operate in Russia because the Russians have the master key to ALL traffic. And the same is with all other nation states, of course.
If you dear shills want to disprove my claims, then please ask your paymasters in Redmond to publish a Whitepaper on how Skype crypotology actually works. So far all we know is that they use some obfuscated crap that is modified DES. We don't really know how they distribute keys, how they properly authenticate and most important, how Lawful Interception actually works.
If you, dear shills, tell me that "the technique of lawful interception is secret", then we simply have to assume you leak the key to "everybody who potentially needs to know". As you are a commercial entity, I have to assume you simply XOR the session key with a constant and then slowly insert that into the bitstream. The only real security being the specification how the session key is leaked. In other words, a determined hacker will get access, too.
"The software giant explained that its practice is to require a valid subpoena or equivalent document before releasing non-content data and a court order or warrant before turning over content"
I thought Skype used end-to-end encryption?
"All Skype-to-Skype voice, video, and instant message conversations are encrypted. This protects you from potential eavesdropping by malicious users."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
