Is There A Google Generation? >>
<< Can Google Solve The Domain Tasting Problem?
 tdicon 

Share/E-mail This Story

Email This

This feature is only available to registered users. Register or sign in to use it.



(Mis)Uses of Technology

by Timothy Lee

Mon, Jan 28th 2008 11:24am


Filed Under:
encryption, germany, skype, trojans, voip, wiretapping

Companies:
skype



German Government Struggles To Tap Encrypted Skype Calls

from the crypto-works dept

The Wikileaks project is starting to bear fruit, with documents leaked to the site beginning to get a lot of attention. The latest example is correspondence between the German government and a vendor (via Slashdot) that apparently makes software for intercepting Skype calls. Interestingly, the interception technology appears to be pretty primitive and rather expensive. The software has to be installed on the Skype client, and the vendor suggests that this can be accomplished by attaching a trojan to an e-mail or physically entering the premises to install the software on the target machine. And, evidently, only Windows 2000 and XP are supported; Vista support is still in the works. The company charges thousands of euros per target computer. This suggests that Skype's encryption technology is secure against at least the eavesdropping techniques available to the German government. Apparently they haven't found a way to decode encrypted Skype traffic off the wire, so they're forced to resort to these fairly cumbersome attacks on Skype clients -- attacks that are no more convenient for law enforcement than simply bugging the target's office. That suggests that the risk of comprehensive government surveillance of online telephony is still a fair ways off. If you encrypt your online activities, they're probably pretty secure. Of course, it's entirely possible that other government agencies, such as the NSA, have more sophisticated eavesdropping technology that they haven't shared with the Germans. My guess is that any government agencies possessing really sophisticated eavesdropping tools are also less likely to have their private documents show up on Wikileaks.
12 Comments | Leave a Comment

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    James (profile), 28 Jan 2008 @ 12:55pm

    NSA

    If you can imagine it, the NSA can do it. Period.

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, 28 Jan 2008 @ 12:59pm

    You seem t be making rather a lot of assumptions without thinking very much ; if you were a security agency and you cracked an encryption but you didn't want anyone to know that you'd cracked it what would you do ?.

    reply to this | link to this | view in thread ]

  3. identicon
    More Dread, 28 Jan 2008 @ 1:34pm

    False sense of security

    IF I were an intelligence agent and I cracked your encryption, I wouldn't tell anyone so that I can continue to data mine all of the encryption to continue to get as much valuable information out of a supposedly secured transmission(s) as possible.

    reply to this | link to this | view in thread ]

  4. identicon
    Devil's Advocate, 28 Jan 2008 @ 2:05pm

    Paranoia

    And if you were an intelligence agent and you *haven't* cracked anyone's encryption would you go around saying you have? What exactly would you have to gain? Pushing the opponent even further in the cryptographic arms-race?

    Now I'm not saying the NSA doesn't do things most of us haven't even imagined - infact I'd be very disappointed if they hadn't - but not stating they've cracked what is considered an extremely effective encryption requiring massive computational resources to maliciously decrypt tells us, in my opinion,

    absolutly nothing.

    reply to this | link to this | view in thread ]

  5. identicon
    Anonymous Coward, 28 Jan 2008 @ 2:37pm

    Decript my ass. You don't think that Phil gave the NSA the keys to Z-Phone? You don't think the NSA is already tapped into Skype? Baaaa, the fact that these guys are still walking around proves this.

    The govt. is tapped into communications providers at the source. You think GWB invented listening into phone calls? Ha. The govt. has servers connected to Microsoft Exchange Server, Hotmail, GMail, Yahoo mail and any other type of mail server. At the source. They don't need to brute force it, they get it from the source. Personally, I think that is a good thing.

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, 28 Jan 2008 @ 11:51pm

    Re:

    for one the goverment only has laws where these black box's are forced to be installed on the ISP's systems if they have them in gmail and all the other places you say they have them on then, the companies are willing to do it with out a force of the hand. Since most companies dont really feel like that extra hassle i doubt that gmail and all the other places you listed are not actually tapped in the manner that you say.. but since most email is not encrypted when it comes over your ISP's line and before it hits your computer its been logged and tracked.

    reply to this | link to this | view in thread ]

  7. identicon
    Anonymous Coward, 29 Jan 2008 @ 10:46am

    NSA has lots of money and personal -- true. But the memo claims that Skype is encrypted with RSA and AES which is quite a tough cypher combination. People who laugh about any agency which cannot crack AES have no clue about cryptoanalysis. The presented attack is one of two which don't involve undiscovered mathematical magic. The second on would be to force Skype to surrender used keys or implement key escrow.

    reply to this | link to this | view in thread ]

  8. identicon
    Anonymous Coward, 29 Jan 2008 @ 10:47am

    You are naive if you think that these "black boxes" are not installed in all forms of communication already.

    reply to this | link to this | view in thread ]

  9. identicon
    AndThePointIS, 29 Jan 2008 @ 8:20pm

    We don't have a clue.

    reply to this | link to this | view in thread ]

  10. identicon
    Anonymous Coward, 30 Jan 2008 @ 2:28pm

    "Paranoia is, when everything starts making sense!"
    isn't it Mr Black-Boxes-are-everywhere?

    reply to this | link to this | view in thread ]

  11. identicon
    amanda, 11 Mar 2008 @ 6:03am

    langauage Arts

    I want to just say HI.

    reply to this | link to this | view in thread ]

  12. identicon
    live free or die, 5 Aug 2008 @ 10:06am

    pfff

    hahaha so funny

    they want you to think that it is secure so you drop your guard.

    on wikipedia it says governments have killed 260 m in the last 100 years ( democide )

    the real terrorists are government and those behind government. 911 was an inside job, proof from documentary 911 mysteries for free on google video

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Is There A Google Generation? >>
<< Can Google Solve The Domain Tasting Problem?
 tdicon 
Follow Techdirt
Special Affiliate Offer
Anonymous number for texting and calling from Hushed. $25 lifetime membership, use code TECHDIRT25
Report this ad  |  Hide Techdirt ads
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories

Saturday

12:00 This Week In Techdirt History: April 15th - 21st (5)

Friday

19:39 Democratic National Committee's Lawsuit Against Russians, Wikileaks And Various Trump Associates Full Of Legally Nutty Arguments (79)
15:33 Michael Cohen Drops Ridiculous Lawsuit Against Buzzfeed After Buzzfeed Sought Stormy Daniels' Details (5)
13:30 How Twitter Suspended The Account Of One Of Our Commenters... For Offending Himself? (75)
11:55 FOSTA/SESTA Passed Thanks To Facebook's Vocal Support; New Article Suggests Facebook Is Violating FOSTA/SESTA (9)
10:43 Glass-Tongued Copyright Troll Thinks Google, Popehat, and Boing Boing Are Engaged In 'Black Hat Seo' (28)
10:38 Daily Deal: The MCSA SQL Server Certification Training Bundle (0)
09:37 Sex Workers Set Up Their Own Social Network In Response To FOSTA/SESTA; And Now It's Been Shut Down Due To FOSTA/SESTA (35)
06:21 Texas Revenge Porn Laws Loses Battle With First Amendment (20)
03:23 Bad Decisions: Google Screws Over Tools Evading Internet Censorship Regimes (25)
More arrow
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.