Slashdot Mirror

← Back to Stories (view on slashdot.org)

Skype Messages Monitored In China

Posted by CmdrTaco on from the privacy-in-stereo dept.

Pickens writes "Human-rights activists have discovered a huge surveillance system in China that monitors and archives Internet text conversations sent by customers of Tom-Skype, a joint venture between a Chinese wireless operator and eBay. Researchers say the system monitors a list of politically charged words that includes words related to the religious group Falun Gong, Taiwan independence, the Chinese Communist Party and also words like democracy, earthquake and milk powder. The encrypted list of words inside the Tom-Skype software blocks the transmission of these words and records personal information about the customers who send the messages. Researchers say their discovery contradicts a public statement made by Skype executives in 2006 that 'full end-to-end security is preserved and there is no compromise of people's privacy.' The Chinese government is not alone in its Internet surveillance efforts. In 2005, The New York Times reported that the National Security Agency was monitoring large volumes of telephone and Internet communications flowing into and out of the United States as part of an eavesdropping program that President Bush approved after the Sept. 11 attacks. 'This is the worst nightmares of the conspiracy theorists around surveillance coming true,' says Ronald J. Deibert, an associate professor of political science at the University of Toronto. 'It's "X-Files" without the aliens.'"

6 of 223 comments (clear)

  1. Shocked, I am by adpsimpson · · Score: 5, Funny

    Writing through a scribe over Skype from mainland China, I can confidently say that messages about Falun Gong are not being

    --
    Is crushing a suspect's child's testicles illegal?
    John Yoo: "No, [if] the President thinks he needs to do that."
  2. I'm writing from China right now by Digitus1337 · · Score: 5, Funny

    I use Skype to communicate with friends in the US, and to discuss politics. I am appalled to read of this invasion of privacy.

    Hold on, someone is at the door...

    CHINA IS A GREAT NATION THAT WOULD NEVER INVADE MY PRIVACY. THIS ARTICLE IS UNFOUNDED AND BIASED.

  3. Not the worst nightmare at all by CSMatt · · Score: 5, Insightful

    'This is the worst nightmares of the conspiracy theorists around surveillance coming true,'

    No. The worst nightmare would be when this comes true and no one cares.

  4. Re:Not the same by megamerican · · Score: 5, Insightful

    That's only if you trust the government's claims. They have a pretty bad track record. Just do some research on COINTELPRO or Mockingbird. Or realize that the FBI was openly recruiting people to spy on protest groups in Minnesota before the RNC.

    Also remember that the patriot act has been used 1000's of times against people who have done nothing terror related. Elliot Spitzer was caught because of the patriot act. It has mostly been used to get drug dealers and shut down strip joints.

    --
    If you have something that you dont want anyone to know, maybe you shouldnt be doing it in the first place -Eric Schmidt
  5. Re:In end-to-end security... by Simon+(S2) · · Score: 5, Insightful

    This is not about real paranoid people. The real paranoid people (like me) never trusted skype (encrypted, closed source binary blob).
    This news is for the non-tinfoil-hat people. Now they too know, like us paranoid people, that their conversations are tracked, recorded, monitored and archived. For real. And now they know, if they read and understand the news, that what skype sad to us all ('full end-to-end security is preserved and there is no compromise of people's privacy.') was a lie. Skype (eBay) lied, maybe one time, maybe on other, more important things too, and maybe they will do it again.

    --
    I just don't trust anything that bleeds for five days and doesn't die.
  6. Re:In end-to-end security... by mpapet · · Score: 5, Informative

    Except, even IF you could comb through the code, it doesn't mean that at some higher level your security isn't compromised.

    I run a VOIP server and it's ridiculously easy to monitor everything going through it despite a TLS initiated client-server session.

    - Text/sms/etc? In the database.
    - Voice? Easy to keep a listener on the call. Very easy.

    In both cases, there's encryption over the "public wire" but the server's got access to ALL of it. In the U.S., I imagine it's as simple as the NSA visits your CEO and gets full cooperation. CEO tells CTO to cooperate fully with the NSA. All of your communications are now monitored. That is, if the current monitoring at AT&T isn't enough somehow.

    The "simple" answer is to decentralize VOIP. How you find and trust VOIP peers is where that ideas falls apart.

    Another idea is to encrypt/decrypt the data on the client. Your sms would be good to go.. Encrypting the audio portion of the UDP packets would be very problematic. But it would work.

    Running your own communications server is good too. A dumb old P3 with 1GB of ram will run VOIP and mail just fine. In that scenario, you own/control all the parts.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html