Pirate Party ALMOST Ejected From Festival For Giving Out Free Waffles After Vendors Selling Waffles Complained (Updated)

Skype No Longer Willing To Claim That Its Calls Are Untappable By Law Enforcement

Privacy

from the well-now... dept

Tue, Jul 24th 2012 3:02am — Mike Masnick

For years, we've noted that various governments have sought to be able to wiretap Skype -- and the company has always insisted that its peer-to-peer architecture made it impossible. Last year, however, some hackers suggested that there was now a backdoor in Skype. And now when a reporter for Slate, Ryan Gallagher, is pushing the company on this issue, it refuses to make a clear statement onto the ability to wiretap Skype calls. You can draw your own conclusions.

It is, of course, possible that this is just the tighter-lipped way of Microsoft, now that the software giant owns Skype, but it certainly is raising questions for those who believed that Skype was a safe way to hold conversations away from the ears of increasingly intrusive government surveillance. It seems like there's new incentive for others to work on truly secure voice communications.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: privacy, skype, wiretapping
Companies: microsoft, skype

34 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

F!, 24 Jul 2012 @ 3:09am

Alternatives?
I understand Jitsi in combination with XMPP(Jabber) can do encrypted end-to-end connections, mostly for text but I think voice is available. I think TorChat utilizes the Tor network for increased privacy.

I've heard good things about Asterisk VOIP software, but I don't know much about it...

Been casually keeping an eye out for secure communication tools over the years, that's about the best I can come up with. Any other ideas?
[ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2012 @ 4:26am
  
  Re: Alternatives?
  "I've heard good things about Asterisk VOIP software, but I don't know much about it..."
  
  I can inform you on this point.
  
  First of all, Asterisk is not a VoIP client. Asterisk is a software implementation of a PBX. Put simply, what it does is receive calls (usually VoIP calls, though, with the appropriate hardware, you could also handle calls from the telephone network) and forward them to an appropriate destination.
  
  For example, you could implement an asterisk dialplan (a funny work for "script") where, when callers dial in, they are greeted with a voice prompt that says "Press 1 to go to Tech Support, Press 2 to go to sales..." (you get the picture).
  
  And then, when they, for example, press 1, they are sent to a queue (where they get to listen to loud music and voice prompts that reassure them that "your call is important to us"), until they are eventually picked up by a human. Call proceeds normally from then on. This is just a simple example. The call manipulation possibilities Asterisk offers are virtually endless.
  
  I, personally, have some experience with it, having used it at work to implement a call center for a small operation - a painful experience, mind you, but a rewarding one, since I knew next to nothing in regards to VoIP.
  
  In my experience, I've learned that documentation is scarce, and configuration is somewhat painful. The way some of its features are implemented sometimes seem archaic and not at all flexible, making you have to jump through hoops to do something that should have been simple. But it is light on resources and gets the job done rather well after it is up and running.
  
  Asterisk has a bunch of interesting features for call centers and telephone networks in general, but I doubt end-users would be interested. Unless you want to build a VoIP network of some sort from the ground up to replace Skype's network, Asterisk is not for you. And even if you are, there is probably software out there that is better suited for such things.
  [ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2012 @ 6:00am
  
  Re: Alternatives?
  The whole group is called "softphones" you can search for it.
  
  http://www.voipsupply.com/blog/free-sip-softphone-roundup
  https://en.wikipedia.org/wiki/Soft phone
  
  Just pay attention to the "encryption"
  https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol
  And how the keys are negotiated, if it depends on third parties that can be tapped and bugged, if you have to give the key to someone personally that is the secure option.
  
  This protocol does not require prior shared secrets or rely on a Public key infrastructure (PKI) or on certification authorities, in fact ephemeral Diffie-Hellman keys are generated on each session establishment: this allows the complexity of creating and maintaining a trusted third-party to be bypassed.
  
  https://en.wikipedia.org/wiki/ZRTP
  
  The ways that don't need "trusted third parties" to manage keys are the best bets.
  
  https://en.wikipedia.org/wiki/Comparison_of_VoIP_software
  
  https://en.wikipedia.org/wiki/ IP_Phone
  https://en.wikipedia.org/wiki/List_of_SIP_software
  [ link to this | view in chronology ]
  - Anonymous Coward, 24 Jul 2012 @ 6:06am
    
    Re: Re: Alternatives?
    Introdutory article about privacy and security of softphones.
    http://www.freesoftwaremagazine.com/articles/secure_voip_calling_free_software_right_to _privacy
    
    39 free softphones from 2009.
    http://www.venturevoip.com/news.php?rssid=2188
    
    Yay!
    [ link to this | view in chronology ]
  - Anonymous Coward, 24 Jul 2012 @ 6:10am
    
    Re: Re: Alternatives?
    http://www.gnutelephony.org/index.php/GNU_Telephony
    
    Another link.
    [ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 3:20am

Of COURSE they can be tapped for years! Search "Megaupload" and "Skype" on Google. The USA DOJ lists over 100 Intercepted Skype calls over a three year period as evidence for extradition.
[ link to this | view in chronology ]
- �yvind, 24 Jul 2012 @ 3:23am
  
  Re:
  The FBI reportedly used Skype IMs, not Skype Calls. Or am I mistaken?
  [ link to this | view in chronology ]
  - Anonymous Coward, 24 Jul 2012 @ 10:22am
    
    Re: Re:
    Yes, IMs, not calls.
    [ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 3:21am

Conspiracy
M$ built that backdoor so they could stay in the pockets of government.

\paranoiddelusions
[ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2012 @ 4:37am
  
  Re: Conspiracy
  MS Patented that backdoor.
  
  \NotThatParanoid
  [ link to this | view in chronology ]
  - Anonymous Coward, 24 Jul 2012 @ 9:03pm
    
    Re: Re: Conspiracy
    On the bright side, it makes all other software companies willing to comply with their government to build wiretap functionality have to pay big sum to Microsoft.
    [ link to this | view in chronology ]
- Chargone (profile), 24 Jul 2012 @ 4:46am
  
  Re: Conspiracy
  ... i think your / tag only needs half the words it currently has.
  [ link to this | view in chronology ]
  - arcan, 24 Jul 2012 @ 5:08am
    
    Re: Re: Conspiracy
    1.5 words?
    [ link to this | view in chronology ]
  - Blatant Coward (profile), 24 Jul 2012 @ 4:22pm
    
    Re: Re: Conspiracy
    I think all it needs is /blackhelicoptors.wav
    [ link to this | view in chronology ]
Mesonoxian Eve (profile), 24 Jul 2012 @ 3:28am

This is the same company who gives Linux keys to law enforcement to by pass its own operating system.

But I've said this before: if you believe there's privacy when you're using these programs, Microsoft isn't the one to blame.
[ link to this | view in chronology ]
Ninja (profile), 24 Jul 2012 @ 4:22am

I personally don't do anything unlawful or illegal (in my country at least, I'd be screwed on copyright grounds in the US or so I think). But, come on, if I had to do anything illegal I'd be using open source communication tools with end-to-end encryption. I wonder if the Govts are just naive or if what they want is to really just control the average Joe/Jane. Any criminal with half a brain will take several steps to conceal their activities online.
[ link to this | view in chronology ]
- Machin Shin (profile), 24 Jul 2012 @ 6:13am
  
  Re:
  Well you see, here in the US the government works really hard to have nothing but the best crooks. It does all these stupid things to catch the people making stupid mistakes.
  
  Then it takes these people and tosses them into criminal training (I'm sorry, I mean prison). This way they can all get together and learn from each other.
  
  As an added measure they put a little check in the box next to "felon" in their record to make sure once they are out of school (prison) they are not able to get a real job anymore.
  [ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 4:58am

Skype has no backdoors people.

Now build the Ironic Mustache Twitter Interface to appreciate those words.
http://www.instructables.com/id/Ironic-Mustache-Twitter-Interface/
[ link to this | view in chronology ]
drew (profile), 24 Jul 2012 @ 5:32am

and BAM!
Business opportunity for someone else.
[ link to this | view in chronology ]
Christopher (profile), 24 Jul 2012 @ 6:23am

Government needs to be told that they cannot wiretap people (or scan all people's calls) without a warrant pointing to a specific phone or a specific person.

One or the other. "Eschelon" or whatever they are now calling it needs to be killed, it's just a way to harass people who dare to speak out against government policies.
[ link to this | view in chronology ]
Greevar (profile), 24 Jul 2012 @ 7:43am

There's only one way to have secure communication.
I need a quantum entanglement communicator. There's no way to tap that, since there is no transmission medium to tap into.
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 7:49am

Ok, so what's a good open source alternative to Skype that works on Windows, Mac, and Linux, supports encryption, and is roughly no more difficult than Skype to install, set up an account on, and use?
[ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2012 @ 12:23pm
  
  Re:
  ZRTP capable for Lin, Mac and Win.
  
  https://en.wikipedia.org/wiki/Jitsi
  https://en.wikipedia.org/wiki/Linphone
  
  Please note that capable doesn't mean it will always use that, in a world of many protocols people tend to make things to work with the most number of other protocols which can be a problem if you want to track the security of the communications because you can't see easily which protocol is being used.
  
  Now if you come to the darkside you can have even more choices. Linux rule the secure softphone market.
  [ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 7:56am

I heard about a project called GNU Free Call that was announced around the time Microsoft purchased Skype. It was supposed to be a Skype replacement, but I haven't heard any news about it since the announcement last year.

Is GNU Free Call still in development, or did the project die off?
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 8:31am

GNU/PGP voice?
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 8:52am

Of COURSE they can be tapped for years! Search "Megaupload" and "Skype" on Google. The USA DOJ lists over 100 Intercepted Skype calls over a three year period as evidence for extradition.
[ link to this | view in chronology ]
Violated (profile), 24 Jul 2012 @ 9:05am

Skype calls recorded
The FBI certainly tapped the Skype calls of the Mega employees when they say as much in the Mega indictment. What they do not say was if this Skype invasion was done under a court order or not.
[ link to this | view in chronology ]
Rekrul, 24 Jul 2012 @ 10:43am

The words "Microsoft" and "safe" don't belong in the same sentence.
[ link to this | view in chronology ]
AzureSky (profile), 24 Jul 2012 @ 11:59am

mumble/murmur is a free opensource equivlant to Ventrilo or TeamSpeak, its encrypted end to end, and it works on pretty much any OS you want.

http://mumble.sourceforge.net/

it also is easy to adjust on a per client basis for bandwidth, even people on dialup can use it without issues :)
[ link to this | view in chronology ]
- Anonymous Coward, 24 Jul 2012 @ 12:41pm
  
  Re:
  Is Mumble encrypted?
  
  Your whole communication to and from the server is always encrypted. This encryption is mandatory and cannot be disabled. The so-called control channel, which transports your chat messages and other non-time critical information, is encrypted with TLS using 256 bit AES-SHA. The voice channel carrying speech and positional audio is encrypted with OCB-AES 128 bit. You and the server authenticate to each other using digital certificates like they are used for secured connections in Web-browsers.
  
  http://mumble.sourceforge.net/FAQ#Is_Mumble_encrypted.3F
  
  The TLS part is what makes it vulnerable to snooping.
  https://en.wikipedia.org/wiki/Transport_Layer_Security
  [ link to this | view in chronology ]
Really Really Really?, 24 Jul 2012 @ 7:37pm

Skype has been bought off n sold out
Skype now puts ads in the calls, if you review the servers it connects to it literally connects to over 10+ IP addresses just at log in not to mention how many more it connects to when you place a call... If your so worried about people listening to you or privacy don't use VoIP....

OoVoO & Mumble FTW
[ link to this | view in chronology ]
Anonymous Coward, 24 Jul 2012 @ 8:11pm

Did anybody seriously think otherwise?
[ link to this | view in chronology ]
molly, 18 Sep 2012 @ 5:15am

nice info, thanx!) but as for me, i prefer to use this skype calls recorder http://www.imcapture.com/IMCapture_for_Skype/, i heard a lot of positive opinions about it!)
[ link to this | view in chronology ]
http://buyserviceonline.blogspot.com, 16 Feb 2013 @ 2:40am

http://buyserviceonline.blogspot.com
best skype alternatives to make free landphone and mobile call worldwide cheap
http://buyserviceonline.blogspot.com/2013/02/best-skype-alternatives-to-make-free.html
[ link to this | view in chronology ]