Skype Hopes To Stay On The Censor's Good Side In China
from the please-don't-cut-us-off... dept
When eBay first bought Skype, one of the big reasons they stated was Skype's widespread use in China -- where eBay had little presence. This didn't make much sense at the time, because it didn't seem likely that Chinese Skypers would suddenly start buying and selling products on eBay... but, then again, it wasn't our billions that were being spent. The "China" reason for the Skype acquisition has looked worse and worse ever since the deal happened. There have been reports of local governments banning Skype, and at least two Chinese telcos have bought or looked at Skype-blocking filters. As you might imagine, this means that Skype management is bending over backwards to do whatever the Chinese government wants to actually remain usable to the country's 1.3 billion or so residents. So, with that in mind, perhaps it should come as no surprise at all to find out Skype has a text filter in place to censor Skype text chat conversations in China. Where this becomes questionable is that Skype has always touted how its conversations are entirely encrypted -- and thus they shouldn't be able to filter anything. It also could raise questions about what else Skype has been willing to do to keep the Chinese government happy. What's next? Forced government licenses for all Skype users?Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Remind me why the Chinease government is so strict?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Yes, and being insulting would be the best way to explain such a difference? Attack the argument not the person. Show some integrity.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Memory lane
[ link to this | view in chronology ]
RE: Anonymous Coward
[ link to this | view in chronology ]
Who Cares?
[ link to this | view in chronology ]
Re: Who Cares?
[ link to this | view in chronology ]
Re: Re: Who Cares?
[ link to this | view in chronology ]
Re: Who Cares?
[ link to this | view in chronology ]
View B: The citizens of china are either brainwashed into believing the government rhetoric, or are rightfully afraid to public go against the system. China's leaders are hoping to contain any opposing factions and keep them from spreading. The less public knowledge of opposing viewpoints, the less dissatisfaction with their totalitarian control.
Someone pick A, someone pick B, we'll give you each a weapon and let you fight it out gladiator style.
Get your tickets! Geeet your tickets here!
[ link to this | view in chronology ]
Re: Property Donation
[ link to this | view in chronology ]
Chinese Government
[ link to this | view in chronology ]
Re: Chinese Government
[ link to this | view in chronology ]
skype
[ link to this | view in chronology ]
I suspect that this is going to be a natural result of the way some businesses are created. Someone wants to get rich, so they invent/innovate/outcompete/steal to get seen, and sell their new company for profit. Selling to the highest bidder means the company is now in the hands of groups and people who are trying to get rich by any means, so they have to be in every market, and hire a CEO, who also wants to get rich by pumping up stock and cashing out before he runs it into the ground. No one in the process is in it for the long term unless they get a stranglehold on the market or enough momentum to lobby for a monopoly.
On the other hand, there's nothing to say that any one of these groups can't have morals and decide they've made enough money, they want to provide a service and industry to the world. I really think these kinds of people and companies exist. There was the story about the lawnmower company that refused to sell to wallmart because they were in the market for the long term. I think google's in a good spot as well, since the founders seem to have decide that several hundred million each is enough and they're maintatining controlling shares in the company. (I know they're doing the china sellout as well, but I really feel that from their perspective, it would hurt china more to have only their less scrupulous competitors. While standing up for what you believe is good and I encourage it, it does not equate to what helps people the most. More worldly chinese citizens is the first step to change)
[ link to this | view in chronology ]
Re: Worldly Chinese
[ link to this | view in chronology ]
Google does what is necessary
[ link to this | view in chronology ]
Re: Google does what is necessary
Presuming the worst case, that means text-Skyping is done in the clear. Someone from Skype prove me wrong by showing me source code and a signed affadavit from the executive management team offering to resign if they're proved to be lying.
2. IF text chats are actually encrypted from user-point to user-point, that still leaves a huge potential vulnerability (in the modified client) on the Chinese User's workstation.
IOW, Skype could theoretically provide all of its Chinese Users with a modified version of the software (we can't know if the CN version's got spyware in it, since Skype won't release open source). Whit Diffie one pointed out that "the screen can always be photographed", meaning that once your ciphertext is decrypted into plaintext at the other end, it's now fairly easy to capture/intercept by capturing that plaintext.
If it's text (not voice), and it did get encrypted (still don't know if that's true, but if it is...) then the "localized"/Government-approved Chinese Skype Software can be engineered to decrypt, then provide a subliminal channel to CN Govt observers/spies who can review the plaintext... the User has no easy way of knowing this.
To be trustworthy, Skype needs to stop telling us all to "trust us" and finally OPEN its SOURCE code for extensive security reviews. Their argument is that their proprietary security implementation is their value, but it's FREE software: they're not charging for anything associated with the client. Maybe they charge big businesses for server functionalities, but that's not relevant here. Until they release open source, any security associated with Skype by any User is pure wishful thinking.
No offense intended, but please don't anyone tell me that, just because one clever guy (TB) was paid and then nondisclosed by Skype and then allowed to look at some architectural diagrams and/or a few small parts of the code specific to crypto key mgmt, it's now considered OK for everyone to feel safe and secure using. Homey don't play dat. AFAIK, he didn't see all of the source code, only certain aspects of the cryptographic architecture; he never saw the detailed implementation and; he's only one guy, albeit a clueful one, but not an army of unbiased geeks.
That's my $0.02, as a professional security architect and cryptographer.
PS: Google's motto is not "do no harm". One of their ten or so operating principles is "Don't be Evil" but I think we can all agree now: that ship has sailed. Shortly after they IPO'ed and started raking in Billions of dollars in fictional money that is itself part of a global Dirty Money network used by wealthy kleptocrats to hide Trillions of dollars in money stolen from Poor people around the world (Billions of whom, living in abject squalor in developing countries in Africa and Asia, will never use a computer, much less make a telephone call), they joined the ranks of the Corporate Goons, and whatever line of BS their PR company is now handing you about what groovy folks they are is just another load of hooey.
[ link to this | view in chronology ]
Re: Google does what is necessary
Presuming the worst case, that means text-Skyping is done in the clear. Someone from Skype prove me wrong by showing me source code and a signed affadavit from the executive management team offering to resign if they're proved to be lying.
2. IF text chats are actually encrypted from user-point to user-point, that still leaves a huge potential vulnerability (in the modified client) on the Chinese User's workstation.
IOW, Skype could theoretically provide all of its Chinese Users with a modified version of the software (we can't know if the CN version's got spyware in it, since Skype won't release open source). Whit Diffie one pointed out that "the screen can always be photographed", meaning that once your ciphertext is decrypted into plaintext at the other end, it's now fairly easy to capture/intercept by capturing that plaintext.
If it's text (not voice), and it did get encrypted (still don't know if that's true, but if it is...) then the "localized"/Government-approved Chinese Skype Software can be engineered to decrypt, then provide a subliminal channel to CN Govt observers/spies who can review the plaintext... the User has no easy way of knowing this.
To be trustworthy, Skype needs to stop telling us all to "trust us" and finally OPEN its SOURCE code for extensive security reviews. Their argument is that their proprietary security implementation is their value, but it's FREE software: they're not charging for anything associated with the client. Maybe they charge big businesses for server functionalities, but that's not relevant here. Until they release open source, any security associated with Skype by any User is pure wishful thinking.
No offense intended, but please don't anyone tell me that, just because one clever guy (TB) was paid and then nondisclosed by Skype and then allowed to look at some architectural diagrams and/or a few small parts of the code specific to crypto key mgmt, it's now considered OK for everyone to feel safe and secure using. Homey don't play dat. AFAIK, he didn't see all of the source code, only certain aspects of the cryptographic architecture; he never saw the detailed implementation and; he's only one guy, albeit a clueful one, but not an army of unbiased geeks.
That's my $0.02, as a professional security architect and cryptographer.
PS: Google's motto is not "do no harm". One of their ten or so operating principles is "Don't be Evil" but I think we can all agree now: that ship has sailed. Shortly after they IPO'ed and started raking in Billions of dollars in fictional money that is itself part of a global Dirty Money network used by wealthy kleptocrats to hide Trillions of dollars in money stolen from Poor people around the world (Billions of whom, living in abject squalor in developing countries in Africa and Asia, will never use a computer, much less make a telephone call), they joined the ranks of the Corporate Goons, and whatever line of BS their PR company is now handing you about what groovy folks they are is just another load of hooey.
[ link to this | view in chronology ]
technicality
[ link to this | view in chronology ]
Re: technicality
[ link to this | view in chronology ]
What's encrypted?
[ link to this | view in chronology ]
Re: What's encrypted?
[ link to this | view in chronology ]
http://en.wikipedia.org/wiki/Communist_Party_of_Nepal_(Maoist)
as for the story? Yahoo handed over someone for emailing "sensitive" information today (remember when our government asked comcast for IP addresses of file sharers, and they gave them the finger?)
If you don't think this is vital to our own freedom, consider how our corporate leaders greeted the president of china on _OUR OWN TURF_. Bill Gates and others all BOWED to the president of china. If someone comes to YOUR home they should follow your rules _NOT_ vice versa!
[ link to this | view in chronology ]
WIsh
[ link to this | view in chronology ]
In theory couldn't these filters simply be implemented at the client? Yes, I know it is more likely to think that there is an intermediary snooping and filtering the conversations but it is not required for simple filtering. The forbidden words/phrases can be associated with the chinese skype client and filter them before encryption when sending text and can be filtered after decryption when receiving text.
[ link to this | view in chronology ]