Slashdot Mirror
Russian FSB Can Reportedly Tap Skype Calls
An anonymous reader writes "Previous reports of a Microsoft provided backdoor to Skype has been unconfirmed. However, there are now reports that Russian federal security service FSB is able to tap call and locate users. 'FSB and the Internal Affairs Ministry (MVD) have been capable to wiretap and locate Skype users for some years already, reported Vedomosti on Thursday [Google translation of Russian original]. The newspaper is citing experts on information security. "Special services have been capable for several years not only to wiretap but also to locate a Skype user. That's why, for instance, employees of our company are forbidden to discuss business-related topics on Skype," General Director of Group-IB, Ilya Sachkov, says to Vedomosti. "After Microsoft acquired Skype in May 2011, it updated the software with technology allowing legitimate wiretapping," says Maksim Emm, Director of Peak Systems.'"
The Skype P2P protocol has always been an issue to worry about. It's hard to break/understand, and I've seen research papers that just scratched the surface of the protocol.
I never doubted that really smart minds (like Russians) would eventually crack it and exploit it. This would never happen with an open-source protocol.
And therein we learn the lesson about closed source software and proprietary methods. If folk had adopted something based on SIP, XMPP, IAX or any other open and documented protocol, we'd be able to communicate using a tried and tested security mechanism.
For something like communications, if you're totally and absolutely reliant upon a third party then you also need to have total and absolute trust in that third party or you should consider all your communications using them to be public.
Closed source software with obscure network protocol, now owned by a corporation whose main concern isn't the users' best interest, turns out to be not so nice after all. News at 10...
The best way to do use Skype for anything more important than saying hello to your grandmother for free on the internet is not to use Skype. Everybody with half a brain has known that for many years.Duh...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Oh yeah, because Russia today is so much more desirable and has completely stopped all its spying activities.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Soviet Union was disbanded in the 90's
And????
Russia still remains. The KGB is now the FSB. Russia is more open, but it's still not the USA.
And speaking of the USA, you do realize that Project Echelon and similar efforts have been busily tapping into communications in the Land of the Free for longer than there was a Skype?
Would save a lot of trouble.
Watch this Heartland Institute video
You speak of the US as if they wouldn't do exactly the same thing (and almost certainly are). This is why there should be an open implementation that supports proper security.
Why would someone with something to hide use Skype?
Seriously - if you've got something to hide, use something to which you have the source and can control the encryption used.
Special services have been capable for several years not only to wiretap but also to locate a Skype user.
Special services have been capable for several years not only to wiretap but also to locate cellular phone and landline users.
Everything I write is lies, read between the lines.
Because everyone else uses skype.
People who dont get this are the same people who dont understand why facebook is more popular than Diaspora.
The denial is strong in this one.
Why the hell would I want a Skype account?
Because otherwise people won't talk to you. That's nice at first (very nice!) but after a while it leads to you not getting paid any more, which is very much not nice. The issue? People who communicate are better at making contacts and better at winning business. Over the longer term, this is a very important effect.
But at least there's one thing. If the FSB listen into my skype conversations, the joke will be on them. In particular, those meetings are so incredibly boring that they'll lose the will to live! (It's bad enough for me, and I'm supposed to be interested in what's going on in them.)
"Little does he know, but there is no 'I' in 'Idiot'!"
If one uses Jitsi and one uses Skype, why should they settle on the insecure option?
They'll choose Skype because that's the one that the person who isn't a tech expert already has working. Unless you're really keen on doing more free tech support...
"Little does he know, but there is no 'I' in 'Idiot'!"
That the whole point of microsoft centralizing the skype servers after they bought it was to allow gov't taps.
You say "decode" as though it is trivial.
You should read up a bit on encryption.
Nobody can possibly be this ignorant. Are you a paid government troll by any chance?
Project echelon has been widely reported on by a number of mainstream news sources. Do you think CBS news qualifies as a bastion of "tinfoil hattery"?
http://www.cbsnews.com/8301-18560_162-164651.html
The Church committee hearings in the late 1970s revealed extensive details about the multi-decade long MK Ultra program, including a trove of 20,000 related documents. Do Congressional hearings not count as "official reports"? It was also revealed that thousands of other documents related to the program had been destroyed.
Are you so brainwashed on the government Kool Aid that you can't even exercise your critical thinking skills and make a cursory examination of widely available and mostly undisputed evidence?
If you're so naive as to believe the absurdities published in official government reports, go stick your nose up a bureaucrat's ass. I'm sure it will smell like a rose garden to you.
aka "The Path to Idiocracy". It's true, though, and it should be an object lesson that technically sound software needs to be trivially easy to install and configure as well if it's to do much societal good.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
"And speaking of the USA, you do realize that Project Echelon and similar efforts have been busily tapping into communications in the Land of the Free for longer than there was a Skype?"
I browse on +1 so AC's need not respond, I won't see it.
Its not idiocracy, it just seems that way because youre technically minded.
Just the other day I was trying to answer several questions about hacking, viruses, computer security, etc for a family member, and I realized (for the millionth time) just how hard it is to convey the framework that a non-techie would need in order to begin understanding a lot of this stuff.
And in order for everyone to decide to use a more secure option, everyone needs to realize that the current option is really really bad and what the better option is. Getting that information out to a wide userbase there takes a TON of work.