I was inspecting Skype terms and condition http://www.skype.com/en/legal/tou/#15 " [...]We will process your personal information, the traffic data and the content of your communication(s) in accordance with our Privacy Policy:http://www.skype.com/go/privacy.";
http://www.skype.com/en/legal/privacy/ 1. WHAT INFORMATION DOES SKYPE COLLECT AND USE? ..... Content of instant messaging communications, voicemails, and video messages Nikos On Sun, May 19, 2013 at 10:41 PM, Jacob Appelbaum <[email protected]> wrote: > Krassimir Tzvetanov: >> To the best of my knowledge in Russia (no, I'm not Russian nor have lived >> there so I'm not 100% sure) you need to submit a copy of the private key if >> you are operating a website providing encryption on their territory to >> allow for legal intercept. >> >> They also have other provisions about wiretapping and monitoring which >> would mean that Skype really has not options if they want to _legally_ >> operate there... It's just the way the local legislation is rather than a >> function of how Skype is. They are just following the law. Now if somebody >> does not like the law there are other ways to approach this but >> breaking/violating it is usually one that is not effective. >> >> I think this discussion is focusing too much into the technical details and >> forgets a simple detail - doing some of those things to increase privacy >> may itself be _illegal_ in certain jurisdictions which make this even more >> fun. >> >> It's not impossible but it is usually very difficult to provide technical >> solutions to political/politics problems. That's of course just my >> experience :) >> >> Cheers, >> Krassimir > > Hi, > > I'm late to the party on this list but I've been worried about these > kinds of backdoors in Skype for quite some time. My worry partially > comes from the common rumors, of which there are many, though it is > largely the existential proof, the economic, the political and the > social contextual issues that raise the largest concerns in my mind. > > As we've seen with Cisco, we know how some of these so-called lawful > interception systems are implemented: > > http://www.cisco.com/web/about/security/intelligence/LI-3GPP.html > > This patent by Microsoft may be of interest to those looking into Skype, > automated interception and probably many other kinds of interception - > note that this is not just a matter of recording, it in fact *tampers* > with the data: > > "Aspects of the subject matter described herein relate to silently > recording communications. In aspects, data associated with a request to > establish a communication is modified to cause the communication to be > established via a path that includes a recording agent. Modification may > include, for example, adding, changing, and/or deleting data within the > data. The data as modified is then passed to a protocol entity that uses > the data to establish a communication session. Because of the way in > which the data has been modified, the protocol entity selects a path > that includes the recording agent. The recording agent is then able to > silently record the communication." > > > http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.html&r=1&f=G&l=50&d=PG01&p=1&S1=20110153809&OS=20110153809&RS=20110153809 > > Note that this is from 2009 and the Skype purchase was not finalized > until 2011. > > Perhaps the authors (Ghanem; George; (Redmond, WA) ; Bizga; Lawrence > Felix; (Monroe, WA) ; Khanchandani; Niraj K.; (Redmond, WA)) of that > patent are open to discussing how they might improve on their patent for > a peer to peer system as deployed today? :) > > Skype is clearly inspecting the entire message and right now, we have an > existential proof that they extract at least HTTP and HTTPS urls and > process them in some fashion. I suspect that it would be a useful idea > to insert many different kinds of protocols to see the depth of the > rabbit hole probing, so to speak. > > http://user@password:www.example.com/secret-area > magnet://[hash] > ftp://ftp.example.com > https://user@password:www.example.com/secret-area > telnet//user@password:telnet.example.com > > I would also suggest that we might try a few hacks to determine where > the parsing, inspection and extraction of interesting data is or isn't > taking place. As an example - run Skype in a virtual machine, type a > message - delay the message sending to the network, freeze the virtual > machine and flip a single bit in the url already in the outbound message > queue. This isn't trivial to do with Skype by any means but it most > certainly isn't impossible for someone with the inclination. > > We know that Skype clients sync up the social graph of a given user; > they call this a buddy list. This suggests that information in the > directory of clients and the linked list for relationships is stored on > their servers - is it encrypted in a way that may not be recovered by > anyone other than the user? Skype dynamically routes calls to devices, > does this imply that the location of the user is disclosed to the > network or stored in some kind of time series data structure? Chat > message history is in sync across clients, how is this data stored? > Messages may be queued for a given user - how are these messages > encrypted, authenticated and retained to ensure integrity during the > queuing? We also know that Skype is able to call out with the feature > SkypeOut - so we know that someone has to comply with CALEA - even if it > isn't Microsoft, the calls/sms hit a VoIP gateway or the SS7 network > somewhere. Who peers with them? Have any telecom switch operators > attempted to trace these calls and openly published the metadata that is > normally not available to end user telephone systems? This is among many > other "features" that deserve a discussion and by no means an exhaustive > list. > > We see that there is a great deal of pressure around the world to allow > for interception: > > > http://www.rudebaguette.com/2013/03/12/skype-may-face-criminal-charges-if-it-doesnt-let-french-police-listen-in-on-skype-calls/ > > We also see that there are variants of Skype that *do* inspect text that > is on censorship lists: > > > http://www.businessweek.com/articles/2013-03-08/skypes-been-hijacked-in-china-and-microsoft-is-o-dot-k-dot-with-it > > http://cs.unm.edu/~jeffk/tom-skype/ > > The above of course says nothing of the Tom Skype fiasco that included > untold numbers of unecrypted chat messages being logged on open > web-servers as exposed by Citizen Lab as well as others. > > We see that location privacy is clearly not a priority and if it is, > they've failed at the goal: > > > http://community.skype.com/t5/Security-Privacy-Trust-and/Easy-way-to-lookup-IP-address-of-a-skype-username/td-p/689903 > > > http://bits.blogs.nytimes.com/2011/11/29/skype-can-expose-your-location-researchers-say/ > > To distinguish how this failure happens, I propose a simple experiment. > It should be possible to give a Skype client a public IP and then > transparently route all traffic it over Tor - if the Skype client > reports on its IP to the network, it will give the public IP bound to > the interface, if it does it through some network activity or if the > network service discovers the IP, the Tor exit node IP will be > disclosed. I suspect there are a few other variants and different > internal Skype systems likely have access to different IP addressing > information. > > Chat syncing supposedly happens between clients that are online, though > one wonders how this connection is internally authenticated, as well as > if anyone may simply remotely pull the chat logs from a given client: > > > http://community.skype.com/t5/Windows-desktop-client/Chat-History-on-Multiple-Computers-Retaining-one-deleting-other/td-p/159190 > > > http://community.skype.com/t5/Security-Privacy-Trust-and/Is-chat-history-stored-on-Skype-servers/td-p/472379 > > Note that Skype claims that they do store this for ~30 days: > > http://www.skype.com/en/legal/privacy/#12 > > Really though, I don't know how clear cut their backdoor needs to be > disclaimed than the following text from the above link: > > "Skype will retain your information for as long as is necessary to: (1) > fulfill any of the Purposes (as defined in article 2 of this Privacy > Policy) or (2) comply with applicable legislation, regulatory requests > and relevant orders from competent courts. > > "Retention of Instant Messages, Voicemail Messages, and Video Messages > (Skype internet communications software application only) > > "Your instant messaging (IM), voicemail, and video message content > (collectively “messages”) may be stored by Skype (a) to convey and > synchronize your messages and (b) to enable you to retrieve the messages > and history where possible. Depending on the message type, messages are > generally stored by Skype for a maximum of between 30 and 90 days unless > otherwise permitted or required by law. This storage facilitates > delivery of messages when a user is offline and to help sync messages > between user devices. For IM, if you have linked your Skype and > Microsoft accounts, you may have the option to choose to store your full > IM history for a longer period. In that case, your IMs may be stored in > your Outlook.com Messaging folder until you manually delete them. For > Video messages, you may also choose to store messages for an extended > period if the sender is a Premium Member. > > "Skype will take appropriate technical and security measures to protect > your information. By using this product, you consent to the storage of > your IM, voicemail, and video message communications as described above. > > Yowza! > > There are specific properties that many desire from a communication > system. It seems that we have seen reports of some of these things > working in a way that suggests most of it is done in the simplest manner > possible: without strong cryptography, if any cryptography, and without > strong technical privacy of any sort. Often technically illiterate > journalists, especially Microsoft apologists, will suggest that Skype is > encrypted - this is of course hand waving bordering on masturbation - of > course there is encryption of sorts. The questions are about what data > is stored, who has access to that data and how that data is protected - > these issues are absolutely not disclosed in any meaningful sense - not > the least of which is with the source code of an end user client that we > are welcome to analyze openly. > > I might add that some tactical hacking shops have a collection of 0day > for Skype that is used to break into "suspects" computers for insertion > of malware. My guess is that this is so common that it is commercially > supported by backdoors. This likely includes Remote Control System's > Hacking Team tools, a.k.a. DaVinci and FinFisher, which we know uses > Skype's API directly: > > https://twitter.com/botherder/status/334775398904758273 > > I should also add that I had the chance to meet one of the founders of > Skype last week. I encourage people to reach out to the founders and to > directly and politely, ask about interception capabilities, legal > requirements as well as architectural designs; most of this is > pre-Microsoft, of course. Still we'll begin to understand the historical > context for the current behaviors, we may even find historical behaviors > that match present behaviors. > > I would also suggest looking at the court dockets and cases filed in > Luxembourg. I suspect that the number of lawful orders is not zero and > that the number of times data has been returned is also not zero. > > So to summarize, we have strong evidence or admission from Skype and/or > Microsoft for the following: > > Skype logs chat, buddy list, audio, video, email address and more. > Data is stored/disclosed to third parties in various circumstances. > Data is unencrypted and data-mined by machines. > Data is used by Skype/Microsoft for various reasons. > Skype API is used by malware used by thug pigs in dictatorships. > Skype API is used by malware used by Honest Cops in the Free World. > Skype's binary is obfuscated to prevent analysis by reverse engineers. > SkypeOut touches networks that must be CALEA compliant. > > I wouldn't use this for activism anywhere in the world. I can't imagine > that it would be reasonable for victims of domestic violence, amongst > other likely users, to use it either. > > Perhaps Microsoft will fix all of these things? And if they're not > interested in fixing it, perhaps they might comment on it and line by > line confirm, deny or explain these issues? > > The Microsoft Law Enforcement Requests Report seems to suggest that > they're open to hearing from the wider community: > > > http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency > > I've cc'ed the email mention on their transparency report - I did this > previously and never received a substantial reply; perhaps this time? > > All the best, > Jacob > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
