Skype No Longer Willing To Claim That Its Calls Are Untappable By Law Enforcement
from the well-now... dept
For years, we’ve noted that various governments have sought to be able to wiretap Skype — and the company has always insisted that its peer-to-peer architecture made it impossible. Last year, however, some hackers suggested that there was now a backdoor in Skype. And now when a reporter for Slate, Ryan Gallagher, is pushing the company on this issue, it refuses to make a clear statement onto the ability to wiretap Skype calls. You can draw your own conclusions.
It is, of course, possible that this is just the tighter-lipped way of Microsoft, now that the software giant owns Skype, but it certainly is raising questions for those who believed that Skype was a safe way to hold conversations away from the ears of increasingly intrusive government surveillance. It seems like there’s new incentive for others to work on truly secure voice communications.
Filed Under: privacy, skype, wiretapping
Companies: microsoft, skype
Comments on “Skype No Longer Willing To Claim That Its Calls Are Untappable By Law Enforcement”
Alternatives?
I understand Jitsi in combination with XMPP(Jabber) can do encrypted end-to-end connections, mostly for text but I think voice is available. I think TorChat utilizes the Tor network for increased privacy.
I’ve heard good things about Asterisk VOIP software, but I don’t know much about it…
Been casually keeping an eye out for secure communication tools over the years, that’s about the best I can come up with. Any other ideas?
Re: Alternatives?
“I’ve heard good things about Asterisk VOIP software, but I don’t know much about it…”
I can inform you on this point.
First of all, Asterisk is not a VoIP client. Asterisk is a software implementation of a PBX. Put simply, what it does is receive calls (usually VoIP calls, though, with the appropriate hardware, you could also handle calls from the telephone network) and forward them to an appropriate destination.
For example, you could implement an asterisk dialplan (a funny work for “script”) where, when callers dial in, they are greeted with a voice prompt that says “Press 1 to go to Tech Support, Press 2 to go to sales…” (you get the picture).
And then, when they, for example, press 1, they are sent to a queue (where they get to listen to loud music and voice prompts that reassure them that “your call is important to us”), until they are eventually picked up by a human. Call proceeds normally from then on. This is just a simple example. The call manipulation possibilities Asterisk offers are virtually endless.
I, personally, have some experience with it, having used it at work to implement a call center for a small operation – a painful experience, mind you, but a rewarding one, since I knew next to nothing in regards to VoIP.
In my experience, I’ve learned that documentation is scarce, and configuration is somewhat painful. The way some of its features are implemented sometimes seem archaic and not at all flexible, making you have to jump through hoops to do something that should have been simple. But it is light on resources and gets the job done rather well after it is up and running.
Asterisk has a bunch of interesting features for call centers and telephone networks in general, but I doubt end-users would be interested. Unless you want to build a VoIP network of some sort from the ground up to replace Skype’s network, Asterisk is not for you. And even if you are, there is probably software out there that is better suited for such things.
Re: Alternatives?
The whole group is called “softphones” you can search for it.
http://www.voipsupply.com/blog/free-sip-softphone-roundup
https://en.wikipedia.org/wiki/Softphone
Just pay attention to the “encryption”
https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol
And how the keys are negotiated, if it depends on third parties that can be tapped and bugged, if you have to give the key to someone personally that is the secure option.
https://en.wikipedia.org/wiki/ZRTP
The ways that don’t need “trusted third parties” to manage keys are the best bets.
https://en.wikipedia.org/wiki/Comparison_of_VoIP_software
https://en.wikipedia.org/wiki/IP_Phone
https://en.wikipedia.org/wiki/List_of_SIP_software
Re: Re: Alternatives?
Introdutory article about privacy and security of softphones.
http://www.freesoftwaremagazine.com/articles/secure_voip_calling_free_software_right_to_privacy
39 free softphones from 2009.
http://www.venturevoip.com/news.php?rssid=2188
Yay!
Re: Re: Alternatives?
http://www.gnutelephony.org/index.php/GNU_Telephony
Another link.
Of COURSE they can be tapped for years! Search “Megaupload” and “Skype” on Google. The USA DOJ lists over 100 Intercepted Skype calls over a three year period as evidence for extradition.
Re: Re:
The FBI reportedly used Skype IMs, not Skype Calls. Or am I mistaken?
Re: Re: Re:
Yes, IMs, not calls.
Conspiracy
M$ built that backdoor so they could stay in the pockets of government.
paranoiddelusions
Re: Conspiracy
MS Patented that backdoor.
NotThatParanoid
Re: Re: Conspiracy
On the bright side, it makes all other software companies willing to comply with their government to build wiretap functionality have to pay big sum to Microsoft.
Re: Conspiracy
… i think your / tag only needs half the words it currently has.
Re: Re: Conspiracy
1.5 words?
Re: Re: Conspiracy
I think all it needs is /blackhelicoptors.wav
This is the same company who gives Linux keys to law enforcement to by pass its own operating system.
But I’ve said this before: if you believe there’s privacy when you’re using these programs, Microsoft isn’t the one to blame.
I personally don’t do anything unlawful or illegal (in my country at least, I’d be screwed on copyright grounds in the US or so I think). But, come on, if I had to do anything illegal I’d be using open source communication tools with end-to-end encryption. I wonder if the Govts are just naive or if what they want is to really just control the average Joe/Jane. Any criminal with half a brain will take several steps to conceal their activities online.
Re: Re:
Well you see, here in the US the government works really hard to have nothing but the best crooks. It does all these stupid things to catch the people making stupid mistakes.
Then it takes these people and tosses them into criminal training (I’m sorry, I mean prison). This way they can all get together and learn from each other.
As an added measure they put a little check in the box next to “felon” in their record to make sure once they are out of school (prison) they are not able to get a real job anymore.
Skype has no backdoors people.
Now build the Ironic Mustache Twitter Interface to appreciate those words.
http://www.instructables.com/id/Ironic-Mustache-Twitter-Interface/
and BAM!
Business opportunity for someone else.
Government needs to be told that they cannot wiretap people (or scan all people’s calls) without a warrant pointing to a specific phone or a specific person.
One or the other. “Eschelon” or whatever they are now calling it needs to be killed, it’s just a way to harass people who dare to speak out against government policies.
There's only one way to have secure communication.
I need a quantum entanglement communicator. There’s no way to tap that, since there is no transmission medium to tap into.
Ok, so what’s a good open source alternative to Skype that works on Windows, Mac, and Linux, supports encryption, and is roughly no more difficult than Skype to install, set up an account on, and use?
Re: Re:
ZRTP capable for Lin, Mac and Win.
https://en.wikipedia.org/wiki/Jitsi
https://en.wikipedia.org/wiki/Linphone
Please note that capable doesn’t mean it will always use that, in a world of many protocols people tend to make things to work with the most number of other protocols which can be a problem if you want to track the security of the communications because you can’t see easily which protocol is being used.
Now if you come to the darkside you can have even more choices. Linux rule the secure softphone market.
I heard about a project called GNU Free Call that was announced around the time Microsoft purchased Skype. It was supposed to be a Skype replacement, but I haven’t heard any news about it since the announcement last year.
Is GNU Free Call still in development, or did the project die off?
GNU/PGP voice?
Of COURSE they can be tapped for years! Search “Megaupload” and “Skype” on Google. The USA DOJ lists over 100 Intercepted Skype calls over a three year period as evidence for extradition.
Skype calls recorded
The FBI certainly tapped the Skype calls of the Mega employees when they say as much in the Mega indictment. What they do not say was if this Skype invasion was done under a court order or not.
The words “Microsoft” and “safe” don’t belong in the same sentence.
mumble/murmur is a free opensource equivlant to Ventrilo or TeamSpeak, its encrypted end to end, and it works on pretty much any OS you want.
http://mumble.sourceforge.net/
it also is easy to adjust on a per client basis for bandwidth, even people on dialup can use it without issues 🙂
Re: Re:
http://mumble.sourceforge.net/FAQ#Is_Mumble_encrypted.3F
The TLS part is what makes it vulnerable to snooping.
https://en.wikipedia.org/wiki/Transport_Layer_Security
Skype has been bought off n sold out
Skype now puts ads in the calls, if you review the servers it connects to it literally connects to over 10+ IP addresses just at log in not to mention how many more it connects to when you place a call… If your so worried about people listening to you or privacy don’t use VoIP….
OoVoO & Mumble FTW
Did anybody seriously think otherwise?
nice info, thanx!) but as for me, i prefer to use this skype calls recorder http://www.imcapture.com/IMCapture_for_Skype/, i heard a lot of positive opinions about it!)
http://buyserviceonline.blogspot.com
best skype alternatives to make free landphone and mobile call worldwide cheap
http://buyserviceonline.blogspot.com/2013/02/best-skype-alternatives-to-make-free.html