German Government Struggles To Tap Encrypted Skype Calls

from the crypto-works dept

The Wikileaks project is starting to bear fruit, with documents leaked to the site beginning to get a lot of attention. The latest example is correspondence between the German government and a vendor (via Slashdot) that apparently makes software for intercepting Skype calls. Interestingly, the interception technology appears to be pretty primitive and rather expensive. The software has to be installed on the Skype client, and the vendor suggests that this can be accomplished by attaching a trojan to an e-mail or physically entering the premises to install the software on the target machine. And, evidently, only Windows 2000 and XP are supported; Vista support is still in the works. The company charges thousands of euros per target computer. This suggests that Skype’s encryption technology is secure against at least the eavesdropping techniques available to the German government. Apparently they haven’t found a way to decode encrypted Skype traffic off the wire, so they’re forced to resort to these fairly cumbersome attacks on Skype clients — attacks that are no more convenient for law enforcement than simply bugging the target’s office. That suggests that the risk of comprehensive government surveillance of online telephony is still a fair ways off. If you encrypt your online activities, they’re probably pretty secure. Of course, it’s entirely possible that other government agencies, such as the NSA, have more sophisticated eavesdropping technology that they haven’t shared with the Germans. My guess is that any government agencies possessing really sophisticated eavesdropping tools are also less likely to have their private documents show up on Wikileaks.

Filed Under: , , , , ,
Companies: skype

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “German Government Struggles To Tap Encrypted Skype Calls”

Subscribe: RSS Leave a comment
12 Comments
Devil's Advocate says:

Paranoia

And if you were an intelligence agent and you *haven’t* cracked anyone’s encryption would you go around saying you have? What exactly would you have to gain? Pushing the opponent even further in the cryptographic arms-race?

Now I’m not saying the NSA doesn’t do things most of us haven’t even imagined – infact I’d be very disappointed if they hadn’t – but not stating they’ve cracked what is considered an extremely effective encryption requiring massive computational resources to maliciously decrypt tells us, in my opinion,

absolutly nothing.

Anonymous Coward says:

Decript my ass. You don’t think that Phil gave the NSA the keys to Z-Phone? You don’t think the NSA is already tapped into Skype? Baaaa, the fact that these guys are still walking around proves this.

The govt. is tapped into communications providers at the source. You think GWB invented listening into phone calls? Ha. The govt. has servers connected to Microsoft Exchange Server, Hotmail, GMail, Yahoo mail and any other type of mail server. At the source. They don’t need to brute force it, they get it from the source. Personally, I think that is a good thing.

Anonymous Coward says:

Re: Re:

for one the goverment only has laws where these black box’s are forced to be installed on the ISP’s systems if they have them in gmail and all the other places you say they have them on then, the companies are willing to do it with out a force of the hand. Since most companies dont really feel like that extra hassle i doubt that gmail and all the other places you listed are not actually tapped in the manner that you say.. but since most email is not encrypted when it comes over your ISP’s line and before it hits your computer its been logged and tracked.

Anonymous Coward says:

NSA has lots of money and personal — true. But the memo claims that Skype is encrypted with RSA and AES which is quite a tough cypher combination. People who laugh about any agency which cannot crack AES have no clue about cryptoanalysis. The presented attack is one of two which don’t involve undiscovered mathematical magic. The second on would be to force Skype to surrender used keys or implement key escrow.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...