German Govt. Skype Interception Trojans Revealed

James Hardine writes "Wikileaks has released documents from the German police revealing Skype interception technology. The leaks are currently creating a storm in the German press. The first document is a communication by the Ministry of Justice to the prosecutors office, about the cost splitting for Skype interception. The second document presents the offer made by Digitask, the German company secretly developing Skype interception, and holds information on pricing and license model, high-level technology descriptions and other detail. The document is of global importance because Skype is used by tens or hundreds of millions of people daily to communicate voice calls and Skype (owned by Ebay, Inc) promotes these calls as being encrypted and secure. The technology includes interception boxes, key forwarding trojans and anonymous proxies to hide police communications."

Germany

[CastrTroy]

Germany still seems to have a lot of it's old attitudes lying around. Installing trojans on the computers of it's citizens for the purpose of listening to skype calls is way beyond what I would expect from a country like Germany. Then again, they still can't have video games with Nazis or blood in them. How long before someone packages up a Linux live CD with Skype preinstalled so that you can ensure you're computer isn't compromised when making phone calls?

Re:Germany

[gnasher719]

Germany still seems to have a lot of it's old attitudes lying around. Installing trojans on the computers of it's citizens for the purpose of listening to skype calls is way beyond what I would expect from a country like Germany. Then again, they still can't have video games with Nazis or blood in them. How long before someone packages up a Linux live CD with Skype preinstalled so that you can ensure you're computer isn't compromised when making phone calls? 1. It is legal (if you get permission from a judge etc.) to listen in to phone conversations. 2. With Skype using 256 bit encryption, the police cannot do in practice what it is allowed to do legally. 3. Some company makes software/hardware that enables the police to do what they are allowed to do legally.

It seems to be necessary to install some software on the user's computer to achieve this. As long as this software doesn't do anything but opening up Skype communications, it doesn't do anything that would affect the user's rights. All their Skype communications can only be heard by people who are legally allowed to hear it - even though one of them is the police, which is not the _intended_ recipient.

Re:Germany

[TransEurope]

An to do the same without public announcement is better? Or what "old attitudes" have CIA and NSA? Are they Nazis too? Or worse?

Re:Germany

How long before the gestapo packages up a Linux live CD with Skype preinstalled and distrubutes it as secure?

Fixed

Re:Germany

[CastrTroy]

The police are allowed to tap regular phone lines because they don't have to intrude on your property to do it. Just like they can stake out your house from a van on the road. They aren't allowed to walk into your house and watch you all day. Once they start installing trojans on computers for listening to skype calls, it's not a far stretch from them installing trojans to record every action you do on your computer.

Re:Germany

[trewornan]

Germany still seems to have a lot of it's old attitudes lying around.

Yeah, because other governments would never do something like this - talk about naive. Did anybody here not realise that skype calls were going to be intercepted?

Re:Germany

[Aardpig]

As someone else has pointed out, it is legal in Germany for police to monitor phone calls, when they get appropriate authorization from a judge. Contrast this with the United States, where the administration is trying to award retroactive immunity to itself and telcos for years of illegal phone surveillance.

Re:Germany

[STrinity]

The police are allowed to tap regular phone lines because they don't have to intrude on your property to do it.

No, they're allowed to tap phone lines because they get court orders saying they can. Do you think courts have never issued warrants allowing police to place bugs on a suspect's property?

Re:Germany

[Nullav]

So? It's a trojan, meaning that one has to willingly open it; more bluntly, it means that the police will need to trick people into opening them. Also, with this information out in the open now, anyone with a lick of sense will be even more wary of such rogue email attachments.

tl;dr - No one has to convince you to pick up a tapped phone.

Re:Germany

[Yahma]

My thoughts exactly. While our administration has allowed for unwarranted illegal wiretapping with full cooperation from most of the major telco's, the American public is mostly either unaware of the issue, or seemingly apathetic. The German public, on the otherhand, is almost in an uproar over the revelations that the German gov't can/may listen in on Skype calls LEGALLY.

The difference in public reaction is likely due to the histories of our respective nations. The Germans populace went through a period where a lunatic dictator brought on the downfall of the nation. Today in Germany, school children from age 5 upwards learn about this terrible time in the Nation's history and because of the openness and recognizance of today's germany with respect to its recent history, its population are very very wary of allowing Government too much power over its people. In the US, on the otherhand, the government have been passing laws stripping our privacy using 9/11 as justification. The recent realization that there will be little to no backlash from the American populace as a whole has only encouraged our government to continue with such laws as the "Patriot Act" that slowly strip away our rights and give the Executive Branch ever more power.

Re:Germany

[WK2]

So? It's a trojan, meaning that one has to willingly open it; more bluntly, it means that the police will need to trick people into opening them.

Here in the USA, the police will break into your house to install keyloggers and such. Hardware keyloggers, usually. They will only send something through email if they don't know who you are (such as virus writers) and they do it to find out who, and where you are, not to listen to your phone calls. The problem with sending software trojans is that it usually doesn't work, and might get noticed.

Re:Germany

[hkl387]

This is not about Germany's past, this is a global issue of today.

According to a 2007 International Privacy Ranking, there is "weakened protection" in Germany, while the UK and the US are ranked as "endemic surveillance societies".

Yes, we are very concerned about German authorities pushing to weaken our rights, but we also need to understand that Citizen's rights are under attack all around the world these days. Stereotypes are not helpful, we've got to stand up for our rights together.

Re:Germany

[m.ducharme]

I always wondered what that weird looking dongle was hanging out of the USB port....

so what?

They already have the ability to spy on you for normal phone calls. This just does the same thing for skype. In fact it's less bad since they can't do it on a mass scale; they have to come to the house of the person they want to install on or risk no knowing enough about your computer systems. What's the big hype? It's a very clear lesson; if you can't afford to protect your machine physically (and very few of us can afford that against something as powerful as the German Govt.) then you can't be 100% sure of your security.

The key thing is that they need a court to approve monitoring and have due legal process. This is what sets Germany apart from totalitarian societies like Saudi Arabia, China, the USA and Sudan.

Why should we be surprised?

[trelayne]

If Germany can do it, do we really think it hasn't already been done in the states? Skype, is very popular and would be a logical means for governments to monitor conversations---especially when said program touts itself as being encrypted and secure. So the German revelations are likely a national security goof.

Re:Why should we be surprised?

[Kadin2048]

If Germany can do it, do we really think it hasn't already been done in the states?
Skype, is very popular and would be a logical means for governments to monitor
conversations---especially when said program touts itself as being encrypted and
secure. So the German revelations are likely a national security goof. More than that, while the Germans have to install this aftermarket snooping program, it wouldn't surprise me if Ebay provided a convenient backdoor in the code so that the U.S. government can do the same thing without going to all the trouble and expense (both of third-party software, and warrants).

How exactly Skype implements encryption has never been made public. Anyone using it for secure communications is a fool. The only person it's good against is some script kiddie on your LAN or in the coffee shop where you're using a hotspot. The only person calling it "secure" is Skype/Ebay, and since they haven't opened the code up for auditing by disinterested third parties (someone like, say, Bruce Schneier), it's really not guaranteed to be anything more than snake oil.

For all you know, every time you make a call, Skype could be forwarding the key to a central server and then sending them in bulk to the FBI. That's the price of using a closed-source security product where the vendor has an obvious interest in selling you out to the authorities.

da

Da, zis ceetezens arse iz goodentite.

Man-in-the-middle against SSL?

[gnasher719]

Does anyone know how a man-in-the-middle attack against SSL, as mentioned in the article, is supposed to work?

The only possibility that I can see is to modify the browser itself, so that when the user tries to get a secure connection to www. criminals.com, the browser contacts www. police.de instead, gets a valid certificate from the police, while the police's computer then makes a secure connection to www. criminals.com.

Re:Man-in-the-middle against SSL?

[Raven42rac]

mac spoofing, arp poisoning, dns spoofing, and a fake certificate

Re:Man-in-the-middle against SSL?

[maxwell+demon]

To redirect the user from www.criminals.com to www.police.de, they only have to intercept DNS calls (unless the criminals have edited their /etc/hosts or Windows equivalent, but if they get a trojan in, that shouldn't be too hard to change as well). The only thing which might be problematic is to get a valid certificate. But then, they probably can get that by just connecting themselves (which they'll do anyway if they do a man-in-the-middle). AFAIK the certificate only contains the domain name, not the server IP, so since the browser thinks it's connected with www.criminals.com, it will accept the original certificate for the fake server. I'm no SSL expert, though, so I may be missing something here.

Re:Man-in-the-middle against SSL?

[gnasher719]

mac spoofing, arp poisoning, dns spoofing, and a fake certificate Yes, I forgot that if they are able to install software on your computer, they might also be able to install a root certificate created by the police, and send you a kind-of-genuine certificate for www.terrorists.com, signed by www.police.de. Or they _might_ be able to convince a certificate authority to give them an actual, valid certificate for www.terrorists.com, which would be a bit worrying.

With a minute of thinking: The first method would be much better, because they don't need to know ahead who I am going to contact.

With another minute of thinking: My computer has for example four Verisign root certificates installed. Does that mean that Verisign (I only take them as an example) could technically install a box with a computer into the phone line 50 meters away from my house, and do a man-in-the-middle attack by creating genuine Verisign certificates for any SSL connection that I make, without breaking into my home or doing anything to my computer at all? And the only trace that I would have would be the curious fact that everyone I contact uses certificates signed by Verisign?

With a further minute of thinking: My computer has about 100 root certificates installed that came with Leopard, and similar things happen for Windows users. I have no idea where these certificates come from; I just have to trust Microsoft and Apple. If the police could convince Microsoft and Apple to put a root certificate owned by the police into their installers, then the police could read anyone's SSL connections without breaking into their homes (but breaking into their connection a bit further down the line)?

Re:Man-in-the-middle against SSL?

Does anyone know how a man-in-the-middle attack against SSL, as mentioned in the article, is supposed to work?

Probably in the same way that governments perform any other interception methods, full cooperation from corporations.

Look at who Narus, the manufacturer of big honkin' communication vacuums that the NSA has installed at ATT and other telco's, partners with:

http://www.narus.com/partners/index.html

VeriSign offers the entire suite of Narus products to its global customer base as managed services or licensed software. This includes capabilities for security, traffic analysis and lawful intercept.

IIRC, Verisign and it's subsidiaries like Network Solutions, employs and is managed by people formerly part of the intelligence community. Given what we know about ATT and the NSA, it's really not at all surprising that the government would have copies of valid certs that would allow transparent monitoring of SSL traffic.

Re:Man-in-the-middle against SSL?

[Rich0]

You are completely correct. When you tell your browser to trust a root certificate - that means exactly what it sounds like it means. Whoever has the signing keys to that root cert can make your browser think that any site is legit for any domain name.

Many companies install their own root certs so that they can sign their own intranet ssl certs (rather than pay for a ton of them for every little web-based app they install). That gives those same companies the ability to man-in-the-middle any web connection from one of their browers.

Nothing new here - if somebody can get you to install stuff on your computer they can generally do whatever they want with it if they are unscrupulous.

It's NOT the german gov,...

[TransEurope]

it's the bavarian government, a federal state of germany.

http://www.heise.de/newsticker/suche/ergebnis?rm=result;q=skype;url=/newsticker/meldung/102375/;words=Skype
http://www.heise.de/newsticker/suche/ergebnis?rm=result;q=skype;url=/newsticker/meldung/102485/;words=Skype

Re:It's NOT the german gov,...

[KDR_11k]

For Americans, just think of Texas with lederhosen instead of cowboy garb.

How does this affect admissibility?

Germany has/had some wonderful privacy legislation, but in the last year or so they're heading in the other direction...

What's interesting here is the collection of evidence by installing spyware: if forensic analysis of a disk means absolutely nothing may be installed/changed/touched on the disk, how are they allowed to install their own software? does this invalidate any evidence they collect for use in a court, or are civil law courts a bit more flexible with such things?

Secondly, the problem here doesn't appear to be with Skype at all. As with any encryption, it doesn't matter how safely you transfer your data, you still have to read/write/speak/listen to it unencrypted. No program can pull that off without requiring you to write your messages or speak encrypted.

Skype is not securely encrypted.

[WK2]

Skype is not securely encrypted. The only client is closed source, and the protocol is not open, nor peer-reviewed. The developers themselves have said that security analysts would probably quickly find holes if they opened the source.

It is less likely that thieves and spies, etc, will be able to eavesdrop on your Skype conversations than with a plain old phone. But don't treat it as secure communications.

http://en.wikipedia.org/wiki/Skype

Re:Skype is not securely encrypted.

[PGillingwater]

I would have to take issue with your statement.

According to this: http://www.ossir.org/windows/supports/2005/2005-11-07/EADS-CCR_Fabrice_Skype.pdf

Skype seems to use AES for the VOIP payload, and RC4 for signaling packets.

Naturally, although AES is an excellent algorithm, it will fail if the implementation is weak, especially in the key handling.

I agree that the code is largely obfuscated, and without open source, it would be a nightmare to expect to rely on its security.

However, there was an "independent" review of Skype, which I understand was able to review the source code.

See: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf for what appears to be the definitie analysis (as of 2005.)

Maybe things have changed since then? I would be surprised if the German government and its subcontractors have seriously been able to compromise Skype through man-in-the-middle attacks, but would not be surprised if a single end-point were compromised.

Re:Skype is not securely encrypted.

[WK2]

It's nice that Skype is at least smart enough not to use DES, or ROT-13. AES is good encryption.

Naturally, although AES is an excellent algorithm, it will fail if the implementation is weak, especially in the key handling. I agree that the code is largely obfuscated, and without open source, it would be a nightmare to expect to rely on its security.

I couldn't agree with you more.

However, there was an "independent" review of Skype, which I understand was able to review the source code.

You put "independent" in quotes. After reading the pdf you linked to, I could see why. From the pdf:

You may imagine my delight when, in April 2005, Skype contacted me and invited me to compete for the job of performing an independent evaluation of Skype information security

Skype thinks they are hiring an independent evaluator? I wonder how many independent evaluators they had to go through before they found one who was confident in Skype's security, so that they could display how secure they are.

So to summarize, we have:

+ Skype uses a good, open, proven (no exploits yet) cryptographic algorithm
+ No security flaws have been found in Skype
+ Some guy who works for Skype testifies that Skype is good, solid code (it's worth something)
- The implementation is closed-source. Skype even goes so far as to obfuscate their code
- No independent evaluations have been done on Skype's source code
- Skype does not know what an independent evaluation is

I would recommend against using Skype if security is an issue.

Re:Skype is not securely encrypted.

[PGillingwater]

Yes, I did quote "independent", because of the conditions under which the inspection was made.

However, before everyone rushes to judgment -- the guy who did the evaluation appears to have impressive credentials for assessing the effectiveness of implementation of encryption algorithms.

Check out his page: http://www.anagram.com/berson/

In my opinion, as a crypto dilettante, this guy Tom Berson is the real deal.

Of course, Skype showed him selected parts of the code, which may or may not be in the final product. I think the more rational among us who are interested in secure communications will generally sacrifice convenience (which Skype clearly offers) for security, and use another product which may be peer reviewed. It's also interesting to follow the money -- perhaps we could look into why eBay paid US$2.6 billion for Skype, then two years later wrote off US$1.43 billion -- one wonders if there is some US government interest served by a large USA corporation having control over the closed-source Skype code.

Having said that, I am still a heavy Skype user, and will continue to use it, as it is sufficient for my needs.

Re:Skype is not securely encrypted.

[0ptix]

Using AES alone is definitely no guarantee of having established a secure communication channel. An at least equally important question is how key's are established and distributed. You did not mention any public key cryptography. AES is a symmetric key algorithm so how do two clients who've never talked with each other set up there first secure connection? Further AES is an encryption algorithm so it proves secrecy, but not automatically provide authentication. Especially with a known protocol this can lead to surprising attacks. Thus the mode of operation in which AES is employed is also quite important. Even how IV's are chosen are important.

Skype might have solved some or even all of these problems. But the point is that simply stating that AES (and RC4) are used (even perfect implementations there-of) does not guarantee any kind of security at all. these things are far more subtle then that.

besides the moment an attacker (in this case the bavarian police) gets access to and end point (i.e. the actual machine which skype is running on) the whole thing is just B.S. anyway. i mean NO system in the world is secure under such an adversarial model... not unless you have some crypto chip installed with secret keys on it or something like that. (think TCPM).

The classic /. question.....

[budword]

Yeah, but does it run on Linux ? Anyone know if said software will end up on your linux box ?

Re:The classic /. question.....

[maxwell+demon]

According to http://www.esrockt.com/bayerntrojaner-hoert-skype-gespraeche-ab/ (German language), it only works on Windows.

"how are they allowed to install their own..."

[TransEurope]

"....software?"

Good question. The best answer is, the bavarian minister has exactly no idea of software and how it works. He shares his unknowledge with his federal counterpart Wolfgang Schäuble, the guy responsible for the so called "Federal Trojan" (Bundestrojaner).

http://en.wikipedia.org/wiki/Wolfgang_Sch%C3%A4uble

I for one

[MrCopilot]

am glad i live in a country where these abuses of privacy are outlawed by the constitution and the government would never even think to monitor our voice and data transmissions.

That is why I am proud to be an American. They what, Oh damn.

What about China?

[Toddlerbob]

As pointed out in a comment above, if Germany does it, why not the USA? (Especially with all the secrecy and propensity to spy on citizens that the USA feds have these days)

I'm wondering now about China. I remember that Skype was, for a short time, on slippery footing for continued operations in the People's Republic. Then, for some reason, there was no longer a problem. I can't help but suspect that Skype may have opened up its code to China in order to continue operating there. The Chinese government lives and breathes by spying on its people (and anybody else living in its territory, of course).

On the other hand, maybe they didn't open their code, but the Chinese government figured out how to tap into communications, anyway. In the current article, the Germans have shown one way that it's possible.

Skype on linux is a bad idea

[Werrismys]

It's closed, proprietary crap after all.

Maybe, but...

[TransEurope]

...they were never hired by the CIA/NSA. They were all hired by the German Government to found the Bundesnachrichtendienst (Germany's Federal Secret Service) and the MAD (Military Counter Intelligence Service) in 1956 ;-)

Re:The American people are sheep

[jollyreaper]

an the public Schiesse. Maybe next they'll show us how to proofread. :(

Naive people.....

[jmorris42]

> talk about naive. Did anybody here not realise that skype calls were going to be intercepted?

That is exactly why all the uproar. Too many stupid people looked at the magic encryption pixie dust eBay was splashing around Skype and thought it was safe. A closed implemntation of crypto by a closed corporation subject to the laws of most countries by virtue of being a multi-national. If the crypto didn't have bugs[1] a court order from any jurisdiction eBay does business in would be all that is needed to open calls to police ears.

If you want security it has to come from public crypto protocols implemented by open software running on open platforms. And even then, after you install openBSD, and carefully encrypt all of the partitions (even swap), you better make damned sure you keep physical control lest somebody install a keylogger and recover the passphrases.. and 'they' almost certainly can even manage it in laptops or handhelds!

[1] A really big IF, requiring a 'willing suspension of disbelief' if ever anything did to buy.

Fascism

[J'raxis]

Anyone who thinks fascism in Germany ended with the fall of Nazism is severely mistaken.

Your privacy, Your liberty, Your freedom

[iendedi]

1. It is legal (if you get permission from a judge etc.) to listen in to phone conversations. 2. With Skype using 256 bit encryption, the police cannot do in practice what it is allowed to do legally. 3. Some company makes software/hardware that enables the police to do what they are allowed to do legally.

It seems to be necessary to install some software on the user's computer to achieve this. As long as this software doesn't do anything but opening up Skype communications, it doesn't do anything that would affect the user's rights. All their Skype communications can only be heard by people who are legally allowed to hear it - even though one of them is the police, which is not the _intended_ recipient.

In the US, today, the government can legally decide that you might be a terrorist (you know, like you support Ron Paul, for instance, who is very terrifying to them). Once so implicated, they can legally break down the door to your house, pull you from your bed, take you to a detention center, refuse to give you a phone call, hold you for as long as they like, torture you and so forth. If they decide to release you, they are not legally obligated to in any way compensate you for your life that they just demolished.

I point this out to illustrate, essentially, that legality does not necessarily have anything whatsoever to do with acceptability. It is our responsibility to stop this madness. I do not believe that governments have the right to invade our lives in these ways. I do not believe the government has the right to install a virus on my computer for the purpose of taking my skype keys. We all know that the various governments around the world are infiltrated by all manner of nasty organizations. If the government has a virus in my computer, then is it safe for me to transfer funds using online banking on my computer? How do I know that there aren't members of some criminal syndicate that are working for the government that have access to that virus?

No. If someone breaks my door down, I don't care if it is a policeman, a soldier, a thief or a vampire, I have the right and obligation to defend my family and my space with deadly force. If someone breaks into my computer, I have the right and obligation to eliminate that threat and to help others do the same. We all need to take these transgressions on our personal space, lives and property much more seriously. When will we fight back? When they want to put an implant in our brains to read and control our thoughts?

When is it enough, people??