On 25/05/13 17:26 PM, Ethan Heilman wrote:
Also adding to the evidence there was this story in which minutes were
leaked from an Austrian counter terrorism meeting that stated that skype
has a backdoor that helps the Austrian government listen to communications:
"At a meeting with representatives of ISPs and the Austrian regulator on
lawful interception of IP based services held on 25th June, high-ranking
officials at the Austrian interior ministry revealed that it is not a
problem for them to listen in on Skype conversations.
What happened was rather different to what Heise led readers to believe,
if it's the meeting I'm thinking it was. I wasn't at that meeting but I
got a first-hand briefing a few days later (I was in Austria at the time).
From memory: at that time there had been a rash of complaints from the
police about not being able to listen to skype, in many countries.
Pressure was on.
At that meeting, the noise was from one agency (police?), grumbling
about not being able to read skype. The austrian intelligence agency
had already gained the ability to do the intercepts, and they had said
it was easy enough, and here's the method. The other agencies then said
"aha! we need to get us some of that."
The method was rather more boring: it was an attack kit which infected
the victim's PC and copied the encrypted content out (see URLs below).
It was also discussed how this had come about. Austrian intelligence
agency got it from the German intelligence agency, who got it from the
Brits. So basically the intelligence agencies had been sharing the
technology, with one particular agency having taken the lead on success.
After that, 2009 or so, the agencies went quiet, press reports died
down. Which gives us some clue as to whether the police were grumbling
for their own benefit or for the benefit of others...
In short, it appears that 2008 was the year that the attack kit spread
across European agencies.
And, there wasn't (apparently) a backdoor available at that time to
them. But they could get by.
Here are some posts I wrote at the time which sort of back it up. For
some reason I never reported on that meeting, probably because the real
facts were reported elsewhere.
http://financialcryptography.com/mt/archives/001000.html
http://financialcryptography.com/mt/archives/001105.html
http://financialcryptography.com/mt/archives/001152.html
iang
This has been confirmed to heise online by a number of the parties
present at the meeting. Skype declined to give a detailed response to
specific enquiries from heise online as to whether Skype contains a back
door and whether specific clients allowing access to a system or a
specific key for decrypting data streams exist. "
http://www.h-online.com/security/news/item/Speculation-over-back-door-in-Skype-736607.html
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
