The popular VOIP Skype has a backdoor for bugging
h/t Steve at Information Processing
A German online tech source reports that Skype has a hidden backdoor on its encryption protocol enabling third party bugging of conversations.
Info was leaked by Austrian police. Backdoor is presumably there at the request of European regulators, if not, Skype could be in serious trouble with the EU.
Backdoor is presumably shared with the US authorities, specially since they are now US owned...
Skype is very popular internationally as a quasi-free Voice-Over-Internet-Phone application.
Skype was founded in Estonia as a startup, one of the early signs of the Baltic states looking to really bloom after shaking free of the Soviet Union. They were bought out be eBay.
Skype has been very popular with Icelanders, especially those abroad, and I got the impression significant investment in Skype was made early on by Icelandic investors, making some people quite a bit of money.
I hope the NSA enjoys deciphering Icelandic street slang of lonely teenagers calling family and SOs from abroad.
- Log in to post comments
Proprietary software is always a backdoor risk(OSS is as well, for that matter, though the backdoors have to be subtler); but Skype is very nearly in a league of its own by the standards of allegedly legitimate software.
Some security researchers put together a look at the Skype binary and learned that the whole thing is a rat's nest of tricks, obfuscation, and antidebugging measures. With the possible exception of DRM systems(which, while hostile to the user, are considered to be legitimate because they are hostile in service of the right people), legitimate software is very rarely that cagey. Skype's network habits are similarly disconcerting, and its habit of dumping user's BIOS strings also made people nervous.
At least the whole thing is now under ebay's notoriously weak privacy policy. Definitely one to dump as soon as one possibly can.