Skype's president has acknowledged that users in China have had instant messages both blocked and copied to servers owned by TOM Online, Skype's partner in the country.
According to Skype president Tom Silverman, Skype knew when it partnered with TOM that TOM would censor instant-messages containing certain keywords, according to rules set down by the Chinese government. Although Skype provides the underlying software code, TOM is considered to be the majority partner in China.In his blog post, Silverman reminded Skype's customers that the company had no intention of spying on customers that used the official version of Skype outside of China...
As Reuters noted, however, the TOM-Skype version of the Skype software is the only version that can be accessed inside the company.
"It's important to remind everybody that the issues highlighted in yesterday's Information Warfare Monitor / ONI Asia report refer only to communications in which one or more parties are using TOM software to conduct instant messaging," Silverman added. "It does not affect communications where all parties are using standard Skype software. Skype-to-Skype communications are, and always have been, completely secure and private." (maybe not) (more)
Showing posts sorted by relevance for query skype. Sort by date Show all posts
Showing posts sorted by relevance for query skype. Sort by date Show all posts
Saturday, October 4, 2008
Thursday, July 19, 2012
Was Skype reworked by Microsoft to make it easier to wiretap?
Skype supernodes are being centralized by Microsoft, but they deny wiretapping. But there's this patent they have to intercept VoIP phone calls...
Back in May, skype-open-source reported Skype, owned by Microsoft, had replaced user-hosted P2P supernodes with Linux grsec systems hosted by Microsoft. The shock wasn't that Microsoft is hosing Skype on Linux servers, but that centralization makes it possible to wiretap Skype communications. One big advantage of Skype has always been the decentralized and encrypted service was secure from eavesdropping.
Microsoft denies this, but the company applied for a patent on a technology called Legal Intercept to monitor and record Skype calls. Applied for before they purchased Skype, Microsoft specifically mentions intercepting calls on that service in the patent application. Conspiracy theorists now say they understand why Microsoft paid what seemed to be an unusually high price for Skype. (more)
Back in May, skype-open-source reported Skype, owned by Microsoft, had replaced user-hosted P2P supernodes with Linux grsec systems hosted by Microsoft. The shock wasn't that Microsoft is hosing Skype on Linux servers, but that centralization makes it possible to wiretap Skype communications. One big advantage of Skype has always been the decentralized and encrypted service was secure from eavesdropping.
Microsoft denies this, but the company applied for a patent on a technology called Legal Intercept to monitor and record Skype calls. Applied for before they purchased Skype, Microsoft specifically mentions intercepting calls on that service in the patent application. Conspiracy theorists now say they understand why Microsoft paid what seemed to be an unusually high price for Skype. (more)
Friday, March 29, 2013
FutureWatch Update - Skype Tapping
When we last left Skype...
Was Skype reworked by Microsoft to make it easier to wiretap?
Hey kids, we bought and fixed Skype just for you!
In today's episode...
Since its acquisition of Skype in May 2011, Microsoft has added a legitimate monitoring technology to Skype, says Maksim Emm, Executive Director of Peak Systems. Now any user can be switched to a special mode in which encryption keys will be generated on a server rather than the user's phone or computer.
Access to the server allows Skype calls or conversations to be tapped. Microsoft has been providing this technology to security services across the world, including Russia.
Group-IB CEO Ilya Sachkov said that the security services have been able to monitor the conversations and location of Skype users for a couple of years now.
"This is exactly why our staff are not allowed to discuss business on Skype," he said. (more)
Was Skype reworked by Microsoft to make it easier to wiretap?
Hey kids, we bought and fixed Skype just for you!
In today's episode...
Access to the server allows Skype calls or conversations to be tapped. Microsoft has been providing this technology to security services across the world, including Russia.
Group-IB CEO Ilya Sachkov said that the security services have been able to monitor the conversations and location of Skype users for a couple of years now.
"This is exactly why our staff are not allowed to discuss business on Skype," he said. (more)
Wednesday, February 20, 2013
Skype Plebes Petition Redmond Patricians
A coalition of activists, privacy organizations, journalists, and others have called upon Microsoft to be more forthright about when, why, and to whom it discloses information about Skype users and their communications.
In an open letter published on Thursday, the group argues that Redmond's statements about the confidentiality of Skype conversations have been "persistently unclear and confusing," casting the security and privacy of the Skype platform in doubt...
The group claims that both Microsoft and Skype have refused to answer questions about what kinds of user data the service retains, whether it discloses such data to governments, and whether Skype conversations can be intercepted. (more)
"more forthright"
"in doubt"
Please.
The original Skype-in-the-wild was viewed as high security privacy tool. Guess who didn't like that. Guess why Skype was "bought" in from the wild and given adult supervision. (Think Spypke.)
Post de facto petitioning is painful to watch. If you want privacy, you need to start much earlier in the game. It begins with self-reliance.
Example: You don't see smart corporations sitting around waiting for 'the government' or some free software to protect their information. No, they take proactive measures like TSCM and IT security. They don't wait and whine later.
The group claims that both Microsoft and Skype have refused to answer questions about what kinds of user data the service retains, whether it discloses such data to governments, and whether Skype conversations can be intercepted. (more)
"more forthright"
"in doubt"
Please.
The original Skype-in-the-wild was viewed as high security privacy tool. Guess who didn't like that. Guess why Skype was "bought" in from the wild and given adult supervision. (Think Spypke.)
Post de facto petitioning is painful to watch. If you want privacy, you need to start much earlier in the game. It begins with self-reliance.
Example: You don't see smart corporations sitting around waiting for 'the government' or some free software to protect their information. No, they take proactive measures like TSCM and IT security. They don't wait and whine later.
Thursday, June 30, 2011
...and then they bought Skype. Your tax dollars at work?
The U.S. Patent and Trademark Office published a Microsoft patent application that reaches back to December 2009 and describes “recording agents” to legally intercept VoIP phone calls. The “Legal Intercept” patent application is one of Microsoft’s more elaborate and detailed patent papers, which is comprehensive enough to make you think twice about the use of VoIP audio and video communications. The document provides Microsoft’s idea about the nature, positioning and feature set of recording agents that silently record the communication between two or more parties.
The patent was filed well before Microsoft’s acquisition of Skype and there is no reason to believe that the patent was filed with Skype as a Microsoft property in mind. [Other than governments worldwide might pay a bundle to be able to eavesdrop on Skype calls.] However, the patent mentions Skype explicitly as an example application for this technology and Microsoft may now have to answer questions in which way this patent applies to its new Skype entity and if the technology will become part of Skype. (more)
Wednesday, January 23, 2013
Audio Steganography - SkyDe, as in Skype Hide
Those awkward silences during phone calls can communicate a lot. Especially if you're sending hidden messages during them.
Computer scientists at the Warsaw University of Technology have come up with a way to secretly send nearly 2000 bits of encrypted data per second during a typical Skype conversation by exploiting the peculiarities of how Skype packages up voice data. They reported their findings this week...
First the researchers noted that even when there's silence in a Skype call, the software is still generating and sending packets of audio data. After analyzing Skype calls, they found that they could reliably identify those silence packets, because they were only about half the size of packets containing voices. SkyDe (for Skype Hide) encrypts your hidden message, grabs a certain portion of outgoing silence packets, and stuffs the encrypted message into them. (more)
Important point: Conventional steganography hides data within photos and pictures. Downside... Your hidden message may languish on servers in multiple places for a long time, where it could eventually be discovered. Sky-De reduces this vulnerability. ~Kevin
Computer scientists at the Warsaw University of Technology have come up with a way to secretly send nearly 2000 bits of encrypted data per second during a typical Skype conversation by exploiting the peculiarities of how Skype packages up voice data. They reported their findings this week...First the researchers noted that even when there's silence in a Skype call, the software is still generating and sending packets of audio data. After analyzing Skype calls, they found that they could reliably identify those silence packets, because they were only about half the size of packets containing voices. SkyDe (for Skype Hide) encrypts your hidden message, grabs a certain portion of outgoing silence packets, and stuffs the encrypted message into them. (more)
Important point: Conventional steganography hides data within photos and pictures. Downside... Your hidden message may languish on servers in multiple places for a long time, where it could eventually be discovered. Sky-De reduces this vulnerability. ~Kevin
Monday, August 3, 2020
Block TikTok, or Microsoft to the Rescue
U.S. Secretary of State, Mike Pompeo, claimed that TikTok sends user data to China, exerting pressure on the video-sharing social networking service. Pompeo brought attention to the fact that if personal information flows across a Chinese server, it will eventually end up in the hands of the Chinese Communist Party which he calls an “Evil Empire”.
TikTok has denied U.S. allegations but a report by cyber experts at ProtonMail says otherwise. The report is more a warning as it states – “Beware, the social media giant not only collects troves of personal data on you, but also cooperates with the CCP, extending China’s surveillance and censorship reach beyond its borders.” more
In other news...
Microsoft said Sunday it will continue talks to buy short-form video app, TikTok after its chief executive spoke with President Trump, following a weekend of uncertainty clouding the future of the Chinese-owned app. more
Connect the Dots...
When Microsoft bought Skype, Wired Magazine noted, "The Skype client itself is written almost as if it were a piece of malware, using complex obfuscation and anti-reverse engineering techniques, and it would be disquieting for Microsoft to release something that behaved in such a shady way; at the very least, the client would surely have to be rewritten to avoid the obfuscation and outright hostility to
managed networks that Skype currently has... Ultimately, it's hard to see how the Skype purchase is worthwhile from a
technology or user-access perspective. The technology isn't good enough
and the users aren't lucrative enough or plentiful enough to justify
it. more
Microsoft already had Windows Live Messenger. Did it really need Skype? Skype you might recall was a predominately Estonian-based encrypted platform. It was giving governments fits worldwide. Then, in 2011, Microsoft bought it. Guess what happened.
TikTok, it appears, is also giving government fits. Who ya gonna call?
Thursday, October 2, 2008
Spying on Chinese Skype
Among China’s community of dissidents and activists, there’s a commonly held belief that, while e-mail and regular phone conversations may be subject to surveillance, Skype is safe from such interference.
Not so, according to a new report, which has uncovered a far-reaching web of surveillance of text messages sent through Tom-Skype, a Chinese joint venture between Ebay, which owns Skype, and Tom Online, the Chinese Internet subsidiary of Tom Group, a Hong Kong-based company controlled by billionaire Li Ka-Shing...
The full report is available here. Key findings are summarized...
–Full text chat messages of Tom-Skype users are regularly scanned for sensitive keywords. If the keywords are found, the messages are uploaded and stored on Tom-Skype’s servers in China.
–The text messages and other records containing personal information are stored on publicly accessible Web servers along with the encryption key that allows the data to be decrypted.
–Keyword scanning looks for terms relating to sensitive topics such as Taiwanese independence, banned religious sect Falun Gong, and opposition to the Communist Party.
–The surveillance may not be solely keyword-driven, as a number of stored messages contained only common words. The report suggests that “that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.”
–The report focuses on text messages, but it says that information on voice calls is also being stored. Logs dating from August 2007 contain records of the IP addresses and usernames of all participants in voice calls (including the username and/or phone number of the recipient). (more)
Not so, according to a new report, which has uncovered a far-reaching web of surveillance of text messages sent through Tom-Skype, a Chinese joint venture between Ebay, which owns Skype, and Tom Online, the Chinese Internet subsidiary of Tom Group, a Hong Kong-based company controlled by billionaire Li Ka-Shing...
The full report is available here. Key findings are summarized...
–Full text chat messages of Tom-Skype users are regularly scanned for sensitive keywords. If the keywords are found, the messages are uploaded and stored on Tom-Skype’s servers in China.
–The text messages and other records containing personal information are stored on publicly accessible Web servers along with the encryption key that allows the data to be decrypted.
–Keyword scanning looks for terms relating to sensitive topics such as Taiwanese independence, banned religious sect Falun Gong, and opposition to the Communist Party.
–The surveillance may not be solely keyword-driven, as a number of stored messages contained only common words. The report suggests that “that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.”
–The report focuses on text messages, but it says that information on voice calls is also being stored. Logs dating from August 2007 contain records of the IP addresses and usernames of all participants in voice calls (including the username and/or phone number of the recipient). (more)
Wednesday, January 28, 2009
Skype vs. Eavesdropping
Mike Chapple handles a Skype question...
Q: Can an attacker gain important and private information from my phone through a peer-to-peer network?
A: Peer-to-peer telephone services such as Skype offer a way to save significant money on telephone services. By leveraging peer-to-peer networks to route calls around the world, every call becomes a local one. Peer-to-peer services allow telephone calls to be routed through the privately owned equipment of one or more unknown individuals. This raises a number of confidentiality, integrity and availability concerns, and little information is available about what, if any, security controls these services have put in place to protect your telephone calls.
While this is an interesting technology, I would not recommend that it be used for any private communications. (more)
Additional considerations...
• Skype says their communications is encrypted.
• Some say Skype encryption can be bypassed.
Q: Can an attacker gain important and private information from my phone through a peer-to-peer network?
A: Peer-to-peer telephone services such as Skype offer a way to save significant money on telephone services. By leveraging peer-to-peer networks to route calls around the world, every call becomes a local one. Peer-to-peer services allow telephone calls to be routed through the privately owned equipment of one or more unknown individuals. This raises a number of confidentiality, integrity and availability concerns, and little information is available about what, if any, security controls these services have put in place to protect your telephone calls.
While this is an interesting technology, I would not recommend that it be used for any private communications. (more)
Additional considerations...
• Skype says their communications is encrypted.
• Some say Skype encryption can be bypassed.
Wednesday, March 2, 2011
India’s government has reiterated to BlackBerry manufacturer Research in Motion, and other companies providing encryption in their products, that they will have to be open to internal security and intelligence services if they wish to continue operating in the region.
Under this premise, Google and Skype could also be forced to shut down in the country if it cannot provide keys to its services...
To explain the difficulty of allowing a government to access Skype’s communications, one of the worlds leading intelligence organizations, the US National Security Agency, is still offering ‘billions’ for a solution to their eavesdropping needs on the peer-to-peer voice network. (more)
FutureWatch "...corporate parent eBay, having had to write down $1.4bn already following its $2.6bn purchase of Skype back in the bubble-2.0 days of 2005, might see an opportunity here. A billion or two from the NSA for a backdoor into Skype might make the acquisition seem like a sensible idea." (more)
Under this premise, Google and Skype could also be forced to shut down in the country if it cannot provide keys to its services...
To explain the difficulty of allowing a government to access Skype’s communications, one of the worlds leading intelligence organizations, the US National Security Agency, is still offering ‘billions’ for a solution to their eavesdropping needs on the peer-to-peer voice network. (more)
Monday, July 28, 2008
Eavesdropping on Skype, "...not a problem..."
There’s growing speculation coming out of Europe that there’s a backdoor in Skype that allows remote eavesdropping of telephone conversations.
A report in the reputable Heise Online says the issue was discussed at a meeting with ISPs last month where high-ranking officials at the Austrian interior ministry claims “it is not a problem for them to listen in on Skype conversations.”
The report said a number of others at the meeting confirmed that claim. (more)
The public believes Skype phone calls are encrypted; eavesdropping is not possible. This may yet be true. But, what if there is a back door? Why would a government official admit it? The bigger story here may be this is a serious intelligence leak, or an intelligence red herring. Stay tuned.
In the meantime, a little history...
Oct 15, 2003 - (See FutureWatch heading)
June 9, 2008 - Expect negative 'feedback' from FBI
A report in the reputable Heise Online says the issue was discussed at a meeting with ISPs last month where high-ranking officials at the Austrian interior ministry claims “it is not a problem for them to listen in on Skype conversations.”
The report said a number of others at the meeting confirmed that claim. (more)
The public believes Skype phone calls are encrypted; eavesdropping is not possible. This may yet be true. But, what if there is a back door? Why would a government official admit it? The bigger story here may be this is a serious intelligence leak, or an intelligence red herring. Stay tuned.
In the meantime, a little history...
Oct 15, 2003 - (See FutureWatch heading)
June 9, 2008 - Expect negative 'feedback' from FBI
Wednesday, August 29, 2007
Eavesdropping on VoIP Calls—Part 2
In Part 1 of this opus, I (hopefully) painted a scary picture of how easy it is to eavesdrop on VoIP traffic. So what can you to protect your own VoIP traffic? Let's take a look at some of your options.
-- Use Skype
Skype is famous for its excellent call quality and reliability. Its call security is pretty good, and is used on all Skype services—VoIP calls, text chat, and video and file transfers. Skype uses a digital certificate authority and signed certificates, peer authentication, and strong encryption.
-- ZRTP encrypts all VoIP
PGP is the most widely used e-mail encryption software. It now exists in two main forms: a commercial implementation maintained by the PGP Corp., and the free software version, GNU Privacy Guard (GPG). (more)
-- Use Skype
Skype is famous for its excellent call quality and reliability. Its call security is pretty good, and is used on all Skype services—VoIP calls, text chat, and video and file transfers. Skype uses a digital certificate authority and signed certificates, peer authentication, and strong encryption.
-- ZRTP encrypts all VoIP
PGP is the most widely used e-mail encryption software. It now exists in two main forms: a commercial implementation maintained by the PGP Corp., and the free software version, GNU Privacy Guard (GPG). (more)
Monday, June 9, 2008
Expect negative 'feedback' from FBI
Skype, the eBay-owned company, says it is unable to comply with court-authorized wiretap requests. "...because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request," said Jennifer Caukin, Skype's director of corporate communications. (more)
Wednesday, July 25, 2012
Hey kids, we bought and fixed Skype just for you!
Skype has denied reports that recent changes to its architecture would make calls and messages easier to monitor by law enforcement.
Skype, a worldwide Internet-based voice and video calling service Microsoft acquired last year for $8.5 billion, said Tuesday the changes to its peer-to-peer infrastructure were done to improve the quality of service.
What it did was move "supernodes" into datacenters, Skype said. Supernodes act as directories that find the right recipient for calls. In the past, a user's computer that was capable of acting as a directory was upgraded from a node to a supernode. A node is the generic term for computers on a network. (more)
What it did was move "supernodes" into datacenters, Skype said. Supernodes act as directories that find the right recipient for calls. In the past, a user's computer that was capable of acting as a directory was upgraded from a node to a supernode. A node is the generic term for computers on a network. (more)
Tuesday, December 23, 2014
Skype for Android App - Eavesdropping - Feature or Flaw
The Skype for Android app reportedly features a flaw that allows other users to eavesdrop without any real effort.
As discovered by a Reddit user Ponkers (via Android Police), the security bug in Android app can "can force the Android version of Skype to answer, allowing you to eavesdrop."
As Ponkers explains, first it requires two devices signed into Skype account Android phone (device 1) and desktop (device 2). Now, if the user calls the target Android device (device 3) with the Android phone (device 1) and then disconnects from Internet while the target Android phone (device 3) has answered, it results in a call back from the target Android phone (device 3) to the user on desktop (device 2), and an automatic connection without the owner of the device necessarily knowing. (more)
As discovered by a Reddit user Ponkers (via Android Police), the security bug in Android app can "can force the Android version of Skype to answer, allowing you to eavesdrop."
 |
| The old fashioned way. |
Friday, February 12, 2016
Skype Scalper
A new piece of malware making the rounds intercepts Skype communications and takes custom backdoor software a step forward, according the researchers with Palo Alto Networks, who discovered it. Dubbed T9000, the malware contains a host of cybercriminal bells and whistles.
"Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach," say researchers Josh Grunzweig and Jen Miller-Osborn. "In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users." more
"Most custom backdoors used by advanced attackers have limited functionality. They evade detection by keeping their code simple and flying under the radar. But during a recent investigation we found a backdoor that takes a very different approach," say researchers Josh Grunzweig and Jen Miller-Osborn. "In addition to the basic functionality all backdoors provide, T9000 allows the attacker to capture encrypted data, take screenshots of specific applications, and specifically target Skype users." more
Sunday, February 15, 2009
Psssst! Wanna make a few billion dollars?
London - An industry source disclosed that America's supersecret National Security Agency (NSA) is offering "billions" to any firm which can offer reliable eavesdropping on Skype IM and voice traffic.
The spybiz exec, who preferred to remain anonymous, confirmed that Skype continues to be a major problem for government listening agencies, spooks and police. This was already thought to be the case, following requests from German authorities for special intercept/bugging powers to help them deal with Skype-loving malefactors. Britain's GCHQ has also stated that it has severe problems intercepting VoIP and internet communication in general. (more)
The spybiz exec, who preferred to remain anonymous, confirmed that Skype continues to be a major problem for government listening agencies, spooks and police. This was already thought to be the case, following requests from German authorities for special intercept/bugging powers to help them deal with Skype-loving malefactors. Britain's GCHQ has also stated that it has severe problems intercepting VoIP and internet communication in general. (more)
Wednesday, February 25, 2009
World Spy News Round-up
Italian authorities have closed all legal action against McLaren for its part in a spy scandal with Ferrari, McLaren said Monday. (more)
Kazakstan's former defense minister Wednesday accused the country's intelligence services of conducting an illegal wiretapping campaign against him and other members of parliament... (more)
The Finnish government may silence corporate whistleblowers by supporting a proposal backed by Nokia Oyj that would ease rules on monitoring workers’ emails... (more)
EU's judicial cooperation agency Eurojust will take the lead in finding ways to help police and prosecutors across Europe to wiretap computer-to-computer phone conversations enabled by programs such as Skype... (more)
UPDATE - Eurojust retracted previous statements saying it was taking the lead in helping national authorities to wiretap Skype conversations, saying they were issued "prematurely" and were "incorrect"... Skype, a Danish-Swedish business developed by Estonian programmers that was sold to E-Bay in 2005 and has over 350 million customers worldwide, is said to be un-spyable by intelligence services. (more)
Two more top deputies resigned from Colombia's domestic spy agency on Tuesday as prosecutors investigate allegations of improper eavesdropping on journalists, Supreme Court judges and opposition members... (more) Colombia has had issues in the past with wiretapping. In May 2007, the head of police intelligence and Colombia's police chief were forced to resign after an illegal interception of calls of political figures, government members, and, you guessed it, journalists... (more) Colombia's President Alvaro Uribe says he was unaware of the telephone bugging activities reportedly practised by the DAS domestic intelligence service... (more)
An Estonian court convicted a former top security official of treason Wednesday for passing on classified information to a foreign power in the Baltic country's biggest espionage scandal since the Cold War. (more)
The U.S. Drug Enforcement Administration failed to adequately protect a glamorous female spy when she was captured in Colombia in 1995, a Miami judge says. The former DEA informant, identified in court documents only as The Princess, is suing the agency for $33 million... (more)
Kazakstan's former defense minister Wednesday accused the country's intelligence services of conducting an illegal wiretapping campaign against him and other members of parliament... (more)
The Finnish government may silence corporate whistleblowers by supporting a proposal backed by Nokia Oyj that would ease rules on monitoring workers’ emails... (more)
EU's judicial cooperation agency Eurojust will take the lead in finding ways to help police and prosecutors across Europe to wiretap computer-to-computer phone conversations enabled by programs such as Skype... (more)
UPDATE - Eurojust retracted previous statements saying it was taking the lead in helping national authorities to wiretap Skype conversations, saying they were issued "prematurely" and were "incorrect"... Skype, a Danish-Swedish business developed by Estonian programmers that was sold to E-Bay in 2005 and has over 350 million customers worldwide, is said to be un-spyable by intelligence services. (more)
Two more top deputies resigned from Colombia's domestic spy agency on Tuesday as prosecutors investigate allegations of improper eavesdropping on journalists, Supreme Court judges and opposition members... (more) Colombia has had issues in the past with wiretapping. In May 2007, the head of police intelligence and Colombia's police chief were forced to resign after an illegal interception of calls of political figures, government members, and, you guessed it, journalists... (more) Colombia's President Alvaro Uribe says he was unaware of the telephone bugging activities reportedly practised by the DAS domestic intelligence service... (more)
An Estonian court convicted a former top security official of treason Wednesday for passing on classified information to a foreign power in the Baltic country's biggest espionage scandal since the Cold War. (more)
The U.S. Drug Enforcement Administration failed to adequately protect a glamorous female spy when she was captured in Colombia in 1995, a Miami judge says. The former DEA informant, identified in court documents only as The Princess, is suing the agency for $33 million... (more)
Friday, February 20, 2009
Skype in the Crosshairs
Suspicious phone conversations on Skype could be targeted for tapping as part of a pan-European crackdown on what law authorities believe is a massive technical loophole in current wiretapping laws, allowing criminals to communicate without fear of being overheard by the police.
The European investigation could also help U.S. law enforcement authorities gain access to Internet calls. The National Security Agency (NSA) is understood to believe that suspected terrorists use Skype to circumvent detection.
While the police can get a court order to tap a suspect's land line and mobile phone, it is currently impossible to get a similar order for Internet calls on both sides of the Atlantic. (more)
The European investigation could also help U.S. law enforcement authorities gain access to Internet calls. The National Security Agency (NSA) is understood to believe that suspected terrorists use Skype to circumvent detection.
While the police can get a court order to tap a suspect's land line and mobile phone, it is currently impossible to get a similar order for Internet calls on both sides of the Atlantic. (more)
Tuesday, October 25, 2011
Chat and...ZAP. Your address book is stolen!
If you use Skype on an iPhone or iPod touch, Phil Purviance can steal your device's address book simply by sending you a chat message.
In a video posted over the weekend, the security researcher makes the attack look like child's play. Type some JavaScript commands into the user name of a Skype account, use it to send a chat message to someone using the latest version of Skype on an iPhone or iPod touch, and load a small program onto a webserver. Within minutes, you'll have a fully-searchable copy of the victim's address book. (more)
In a video posted over the weekend, the security researcher makes the attack look like child's play. Type some JavaScript commands into the user name of a Skype account, use it to send a chat message to someone using the latest version of Skype on an iPhone or iPod touch, and load a small program onto a webserver. Within minutes, you'll have a fully-searchable copy of the victim's address book. (more)
Subscribe to:
Posts (Atom)