Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Partners with Signal to Bring End-To-End Encryption to Skype (bleepingcomputer.com)

Posted by msmash on from the catching-up dept.

Microsoft and Open Whisper Systems (makers of the Signal app) surprised many on Thursday when they said they are partnering to bring support for end-to-end (E2E) encrypted conversations to Skype. From a report: The new feature, called Skype Private Conversations has been rolled out for initial tests with Skype Insider builds. Private Conversations will encrypt Skype audio calls and text messages. Images, audio or video files sent via Skype's text messaging feature will also be encrypted. Microsoft will be using the Signal open-source protocol to encrypt these communications. This is the same end-to-end encryption protocol used by Facebook for WhatsApp and Facebook Messenger, and by Google for the Allo app.

13 of 64 comments (clear)

  1. The only question by Anonymous Coward · · Score: 4, Insightful

    is not if there's a backdoor, but rather, how many backdoors will be present and for whose purposes

  2. Hard to believe by jez9999 · · Score: 4, Insightful

    At a time when so many governments on Earth are scrambling for a way to surveil all communications how likely is it really that Microsoft would being true end-to-end encryption to something like Skype? I bet there's a backdoor.

    --
    == Jez ==
    Do you miss Firefox? Try Pale Moon.
    1. Re: Hard to believe by rtb61 · · Score: 2

      Technically, a government of the people by the people and of the people, should have all the power. So yes the government should be all powerful but the government should be of the people. What needs to happens is higher up the food chain you go, the less privacy you should be entitled to. At the top, zero privacy, if you want a private life, leave. What is happening is corruption, a government of the elite by the elite and for the elite and protecting their privacy, the evidence of their crimes, whilst invading our privacy to control us, not for the benefit of society, that is the lie but for their own benefit, to exploit us.

      The government should have power but the people should control the government, so in reality the people have the power. I definitely approve the top down invasion of privacy model. Want privacy, do not take on any kind of public role.

      --
      Chaos - everything, everywhere, everywhen
  3. Yeah, right by dnaumov · · Score: 5, Insightful

    First they DELIBERATELY weaken the Skype architecture to make it easier for various 3-letter agencies to eavesdrop on Skype calls and now we are supposed to trust they have their users best interest on their mind? Yeah, right. Without access to the source code, why would anyone sane consider the implementation to NOT be broken-by-design?

    1. Re:Yeah, right by mark-t · · Score: 4, Informative

      Companies that want their teleconferences protected from everyone else, don't give a shit about the US government snooping on them.

      Anyone with even just a vague understanding of how computers work will realize that these two concepts are inherently contradictory. If the US government can eavesdrop, then so can anyone else, with the right know how. Encryption techniques exist, however, where no amount of know-how will actually make it any easier to decrypt... and these are the so-called unbreakable encryptions that law enforcement bitches about every so often, suggesting that they are thwarting law enforcement, and painting companies that utilize such techniques as deliberately working against them.

      The thing that these people fail to realize is that those unbreakable encryptions are also thwarting untold numbers of would-be criminals that would be all too happy to snoop on people's personal and private data if they could... and use it to their advantage, and probably cause measurable harm to innocent parties.

      Even *IF* the government could supposedly be trusted to not actually abuse such backdoors, there's no possible way to keep the bad guys from getting their hands on them, and doing incalculable levels of harm.

      --
      File under 'M' for 'Manic ranting'
  4. Indeed that is a surprise by Oswald+McWeany · · Score: 4, Funny

    Microsoft and Open Whisper Systems (makers of the Signal app) surprised many on Thursday when they said they are partnering to bring support for end-to-end (E2E) encrypted conversations to Skype.

    That is a surprise. I had no idea Skype still existed.

    --
    "That's the way to do it" - Punch
    1. Re:Indeed that is a surprise by Anonymous Coward · · Score: 2, Informative

      Oh yeah, it exists, but it isn'ta relevant. In typical Microsoft fashion, once they got their grubby hands on it, it got so bloated it constantly crashed. I uninstalled it on all my computers and smart-phones and switched to Telegram, which has had encryption the whole time.

      captcha: vibrator

  5. It's all about the key management by bigtomrodney · · Score: 4, Interesting

    You can have the strongest end-to-end encryption you want...it doesn't mean much if you don't know how your private and session keys are handled. It's all down to trusting the vendor that you're supposedly hiding your messages from with "end-to-end" encryption.

    --
    I never get used to these constant resurrections
  6. Actually the important info is who and when by sasparillascott · · Score: 3, Insightful

    The important thing for the surveillers is keeping a running log of who you talk to and when you talk to them and that is still preserved and not encrypted. Having the actual messages is nice, but not nearly as important as knowing who you talk to and when. This is also why Facebook, of all people, allows it on their programs.

  7. Re:Toy by viperidaenz · · Score: 2

    You should pay for Skype for Business then
    Then everyone in your organisation can have a ~50% success rate joining an online skype meeting! and when they do manage it connect, screen sharing will randomly drop out for some people, requiring them to re-join for it to work for the next 30 seconds before failing again.

  8. I don't think so by HermMunster · · Score: 2

    Microsoft has a history of cooperation with the feds. They implemented a centralized server away from p2p in order to at least give the feds access to monitor the Skype network. Signal is true end to end encryption. Efforts to merge the two will simply give the government access to the encrypted communication. Skype is a proprietary piece of software and thus cannot be audited. I've no idea whether Signal has been compromised but I'm leaning in that direction otherwise why else would they be working with a company known to violate their user's privacy and security.

    --
    You can lead a man with reason but you can't make him think.
  9. So if it is based on Signal .. by Alain+Williams · · Score: 3, Interesting

    which is an open source protocol will we be able to build 100% open source software that interoperates with other Skype users ? I somehow can't see that happening - I would like to be proven wrong.

    1. Re:So if it is based on Signal .. by JustNiz · · Score: 2

      I doubt it. This is Microsoft we're talking about. Its inevitable that they will find some way to "embrace and extend" the protocol to keep it non-standard, or to at least keep open clients off their network. Especially Linux ones.