Tuesday, July 24, 2012
Skype Change Allows Eavesdropping Of Calls
The video calling service Skype recently made a change to how it routes calls. Hackers and bloggers are saying the changes, which push some of the video calling process onto Skype's own computers ("supernodes") instead of onto random machines on the Internet, could help the app spy on users' calls, presumably at the request of a court or government. "Reportedly, Microsoft is re-engineering these supernodes to make it easier for law enforcement to monitor calls," Tim Verry, from the website ExtremeTech, wrote last week. "In this way, the actual voice data would pass through the monitored servers and the call is no longer secure. It is essentially a man-in-the-middle attack, and it is made all the easier because Microsoft -- who owns Skype and knows the keys used for the service's encryption -- is helping." Skype, which grew out of the peer-to-peer downloading network Kazaa and how has 254 million "connected" users per month, has a long reputation for guarding the privacy of its callers. Skype calls usually are routed from one caller to another, rather than through a middleman. Chaim Haas, Skype's spokesman, refused to say if the update actually enabled the company to tap into and record Skype calls. He also would not answer questions about when the update took place or whether wiretapping was a motive.