At 10:24 -0500 26.01.2008, Perry E. Metzger wrote:
Wikileaks has released documents from the German police revealing
Skype interception technology. The leaks are currently creating a
storm in the German press[...]
I've skimmed some of the coverage and I can't help but think that
this is being hyped in large part because Skype is mentioned.
What's being described seems to require running DigiTask's code on an
endpoint. If you're installed on the machine anyway, rather than
grabbing packets on the wire, all you'd need to do is get the data --
eg by inserting yourself into standard OS audio and HID APIs --
before Skype's code processes it. Such an approach would never have
to deal with encrypted bits, and really has nothing to do with Skype
at all.
NB also that unless they've implemented specific countermeasures in
the mean time, Skype remains vulnerable to traffic analysis, cf.
http://arstechnica.com/news.ars/post/20060824-7582.html.
s.
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]