>Actually I think that was the point, as far as anyone knew and from the last >published semi-independent review (some years ago on the crypto list as I >recall) it indeed was end2end secure.
Skype has never claimed it is end to end secure in fact they have hinted many times that they can and do listen to users conversations: "Skype, Skype's local partner, or the operator or company facilitating your communication may provide personal data, communications content and/or traffic data to an appropriate judicial, law enforcement or government authority lawfully requesting such information. Skype will provide reasonable assistance and information to fulfill this request and you hereby consent to such disclosure." - http://www.skype.com/en/legal/privacy/#collectedInformation "After Microsoft in May 2011 acquired Skype, she provided legal technology of Skype audition, says the executive director of Peak Systems Maxim Emm . Now, any subscriber can switch to a special mode in which the encryption keys that were previously generated on the phone or computer, the subscriber will be generated on the server. [..] With access to the server, you can listen to the conversation or read the correspondence. Microsoft provides the opportunity to use this technology, intelligence agencies around the world, including Russia, the expert explains." google translated from Russian http://www.vedomosti.ru/politics/news/10030771/skype_proslushivayut "Skype spokesman did not deny the company's ability to intercept the communication. On the question of whether Skype could listen in on their users' communication, Kurt Sauer, head of the security division of Skype, replied evasively: "We provide a secure means of communication. I will not say if we are listening in or not." - http://en.wikipedia.org/wiki/Skype_security#cite_ref-22 Local German police also appear to use malware to attack skype, so it appears that at some point in the past skype may not have been cooperating with all LE requests. - http://wikileaks.org/wiki/Skype_and_the_Bavarian_trojan_in_the_middle Pretty much as far back at the 1700's communications companies have provided backdoors to state security and intelligence agencies. This was true in the age of telegrams and telex and it is true in the age of voip. As a general rule "any third party in any communication scheme is likely cooperating with all friendly intelligence agencies". _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
