EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

05.16.13

Microsoft Skype Messaging Surveillance Not the Main Issue, Audio Recording (Bugging) and Computer Hijacking Are

Posted in GNU/Linux, Microsoft, Windows at 12:03 pm by Dr. Roy Schestowitz

Nokia phone

Summary: Debates about the dangers of Skype focus on one of the least dangerous aspects of Skype

THE PROBLEM with Skype is not quite what The H focuses on. Microsoft claims to be scanning people’s conversations to mitigate the threat of phishing scams and such, but this doesn’t quite compute unless they only ever test for redirections in HEAD. To say that Skype is tracking people’s conversations would not be shocking because even years ago (before Skype was taken up by Microsoft and the NSA) China was given access to text conversations for censorship purposes (similar to security purposes in the practical sense). This is well documented in news sites, especially in Western news sites that like to berate China over practices that the West too harbours, but always under plausible denial clauses.

For those who have not seen the widely-syndicated and discussed report from Heise (or The H), in English the summary says: “A Microsoft server accesses URLs sent in Skype chat messages, even if they are HTTPS URLs and contain account information. A reader of Heise publications notified Heise Security (link to German website, Google translation). They replicated the observation by sending links via Skype, including one to a private file storage account, and found that these URLs are shortly after accessed from a Microsoft IP address. When confronted, Microsoft claimed that this is part of an effort to detect and filter spam and phishing URLs.”

“The H and heise Security believe that, having consented to Microsoft using all data transmitted over the service pretty much however it likes, all Skype users should assume that this will actually happen and that the company is not going to reveal what exactly it gets up to with this data.”
      –The H
As the article in The H puts it: “Anyone who uses Skype has consented to the company reading everything they write. The H’s associates in Germany at heise Security have now discovered that the Microsoft subsidiary does in fact make use of this privilege in practice. Shortly after sending HTTPS URLs over the instant messaging service, those URLs receive an unannounced visit from Microsoft HQ in Redmond.

“A reader informed heise Security that he had observed some unusual network traffic following a Skype instant messaging conversation. The server indicated a potential replay attack. It turned out that an IP address which traced back to Microsoft had accessed the HTTPS URLs previously transmitted over Skype. Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service.”

Microsoft’s excuses didn’t pass muster (the security excuse for surveillance, where all they can really test for is a redirection). “In summary,” says the author, “The H and heise Security believe that, having consented to Microsoft using all data transmitted over the service pretty much however it likes, all Skype users should assume that this will actually happen and that the company is not going to reveal what exactly it gets up to with this data.”

And from the comments we learn it’s worse than The H originally put it: “We tested it at mooncascade.com. I can confirm there is correlation between URL-s in Skype chats and web server access logs with traces from Redmond. There are both https and http accesses.”

Another commenter says:

So much about the “AES encryption” Skype promisses:

> All Skype-to-Skype voice, video, and instant message conversations
> are encrypted. This protects you from potential eavesdropping by
> malicious users.
>
> (https://support.skype.com/en/faq/FA31/does-skype-use-encryption)

Aparently, this falls into the same category as “McDonalds food is
healty and tastes good”.

This whole debate, unfortunately, misses a key point; not just text conversations are being tracked but voice ones (relayed through US infrastructure) — the bread and butter of Skype — are also being tracked and Skype as a binary ensures not only that Windows is hijackable, as we showed before, but that all platforms are rendered hijackable when Skype is running in the background (Skype has no intention of addressing these issues). The debate should be altered to take account of these much greater threats. By the way, on Windows it doesn’t even take Skype to hijack a computer; Microsoft has just admitted that exploits in the wild exist that help hijack Windows through a built-in program and there is also software that lets people’s Facebook accounts get hijacked through Windows, including on Vista 8 (the operating system which hardly sells, leading Microsoft to lies and inexcusable disinformation).

“A much rarer event, however, is one of Redmond’s own unloading publicly on the faults of not only Windows, but Microsoft’s company culture.”
      –Gizmodo
The Free Software Foundation has long been campaigning against Skype, even before Microsoft took over. GNU/Linux with SKype binaries is just about as compromisable as other platforms. The weakest link counts. It is worth noting that even a Windows developer admits that Windows is inferior to Linux, stirring up further debate. As Gizmodo put it: “Right now, somewhere on the internet, there is a flame war occurring between devotees of Linux and Windows. It’s just the nature of passionate software evangelism. A much rarer event, however, is one of Redmond’s own unloading publicly on the faults of not only Windows, but Microsoft’s company culture.”

At Microsoft, backdoors are not a bug; sometimes they are a feature. Since nobody among the users can inspect the code or thoroughly interpret the binaries, it’s hard to remove the backdoors, let alone prove their existence.

“You assist an evil system most effectively by obeying its orders and decrees. An evil system never deserves such allegiance. Allegiance to it means partaking of the evil. A good person will resist an evil system with his or her whole soul.”Mahatma Gandhi

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. SUEPO Has Just Warned That Patent Quality at the EPO is About to Get Even Worse

    The staff union of the EPO (SUEPO) speaks of increasing "production" pressure, which is certain to result in low-quality European Patents



  2. The EPO No Longer Measures Quality of Patents; Instead It Publishes Fake Statistics

    The decline in patent quality at the EPO is a long-known issue and suppression of information about it merely enabled several more years of questionable patent grants, thereby putting at risk the perceived value of EPO services



  3. Speaking of “Social Democracy” While Suffering Extreme Democratic Deficiency

    The EPO represents an even broader assault on democracy in Europe (implicating ILO, Team UPC, national delegates, and national governments), but Benoît Battistelli is unique in the sense that he's disguising it or lying to himself about it



  4. Management by Intimidation Has Caused Deaths at the European Patent Office (EPO)

    An accurate diagnosis of the conditions created at the European Patent Office (EPO) by Benoît Battistelli and his cronies, who have essentially hijacked the Organisation -- not just the Office -- then attacked every 'enemy', either real or perceived



  5. The Difference Between Alain Pompidou and Benoît Battistelli as EPO President

    The different approaches adopted by Pompidou and Battistelli; one pursued amicable mediation and training, whereas the other resorted to vindicative witch-hunts, kangaroo courts, and a culture of terror which resulted in many suicides



  6. The Darker Past of the Next President of the EPO - Part IV: Links Between CGD (Former Employer of António Campinos) and the INPI

    More information about connections between CGD and the Portuguese Intellectual Property Office (INPI)



  7. Links 21/10/2017: Purism Against ME, Pop!_OS Ready

    Links for the day



  8. US Patents Appeal Board Attacked by the Patent 'Industry', Defended by Federal Courts, and Dodged by Patent Trolls

    PTAB, the branch or the 'court' responsible for eliminating bad patents, is coming under attacks from those who rely on poor patent quality and receives praises from everyone else, as usual



  9. In the United States, the Patent 'Industry' is a Dying Breed and China Adopts This Destructive Force

    The decaying patent microcosm, or the pipeline of low-quality patents and frivolous lawsuits these entail, loses its grip on the US; China, much to the astonishment of people who actually create things, is attempting to attract that ruinous microcosm (which preys on real, producing companies)



  10. Microsoft and Nokia's Patent Trolls by Proxy: First Conversant, Now Provenance Asset Group Holdings LLC

    Microsoft's shell game with patents (passing Android-hostile patents to trolls) carries on and publishers funded by these trolls offer the details, albeit vaguely and with obvious spin



  11. Anonymous Professionals Speak of Benoît Battistelli's Destruction of the EPO, But Why Does the Media Turn a Blind Eye?

    Everyone in the circles of EPO staff and EPO stakeholders knows that dysfunction has become the norm; European media, however, remains suspiciously silent about what otherwise would be a major European scandal (bigger than FIFA or Dieselgate)



  12. The Darker Past of the Next President of the EPO - Part III: More Details About Caixa Geral de Depósitos, Former Employer of Campinos

    The side of Campinos which he prefers to conceal, or rather his association with a rather notorious Portuguese bank



  13. UPC Looks Like More of a Distant Dream (or Nightmare) as Germany Adds Another Two Months' Delay

    The likelihood that the UPC will be altogether scuttled is growing as delays keep piling up and more complaints are being filed by public interest groups (as opposed to Team UPC, which hoped to shove the UPCA down everyone's throats behind closed doors)



  14. Patent Trolls Roundup: BlackBerry, Dominion Harbor, IPNav, IP Bridge

    A quick review of recent news regarding patent trolls or entities which resemble (and sometimes feed) these



  15. Battistelli's Destruction of the EPO is Bad for Everyone, Even Patent Attorneys

    The collapse of the European patent system, owing primarily to Battistelli's totalitarian style and deemphasis on patent quality, means that "the war is lost," as one professional puts it



  16. Links 19/10/2017: Mesa 17.2.3, New Ubuntu Release, Samsung Flirts With GNU/Linux Desktops

    Links for the day



  17. Some of the USPTO's Most Ridiculous Patents Are Scrutinised by “Above the Law” While Dennis Crouch Attempts to Tarnish Alice

    Controversies over patent scope and level of novelty required for a patent; as usual, public interest groups try to restrict patent scope, whereas those who make money out of abundance of patents attempt to remove every barrier



  18. Microsoft's Software Patents Aggression in Court (Corel Again)

    Microsoft's tendency to not only abuse the competition but also to destroy it with patent lawsuits as seen in Corel's case



  19. The Spanish Supreme Court Rejects the EPO's “Problem and Solution Approach” While Quality of European Patents Nosedives

    European Patents (EPs) aren't what they used to be and their credibility is being further eroded and even detected as such



  20. Europe is Being Robbed by Team Battistelli and the UPC/PPH Would Make Things Worse

    The European Patent Office (EPO) has put litigation at the forefront, having implicitly decided to no longer bother with proper patent examination and instead issue lots of patents for judges and lawyers to argue about (at great expense to the public)



  21. Team UPC Continues to Promote Illusion of UPC Progress Where There's None

    The core members of Team UPC in the UK spread obvious falsehoods in the media, probably in an effort to attract 'business' (consultation regarding something that does not exist)



  22. António Campinos: A True EPO Reformer or More of the Same?

    More unfortunate reminders that Campinos and Battistelli don't quite diverge on the big issues, they're just more than two decades apart in age (but the same nationality)



  23. Juve Has Confirmed That António Campinos is French

    The relationship between Campinos and Battistelli has a nationality aspect to it, not even taking into account the interpersonal connection which goes a long way back



  24. The Darker Past of the Next President of the EPO - Part II: António Campinos at Banco Caixa Geral de Depósitos

    A look at the largely-hidden banking career of the next President of the EPO and the career of the person who competed with him for this position



  25. SUEPO to the Media, Regarding Campinos: “No Comment, It’s Too Dangerous”

    António Campinos, who is Benoît Battistelli's chosen successor at the EPO, as covered by German media earlier this month



  26. Staff Union of the EPO (SUEPO) Willing to Work With Campinos But Foresees Difficulties

    New message from SUEPO regarding Battistelli's successor of choice (Campinos)



  27. Links 18/10/2017: GTK+ 3.92, Microsoft Bug Doors Leaked

    Links for the day



  28. The Darker Past of the Next President of the EPO - Part I: Introduction

    Some new details about Mr. Campinos, who is Battistelli’s successor at the EPO



  29. Confessions of EPO Insiders Reveal That European Patents (EPs) Have Lost Their Legitimacy/Value Due to Battistelli's Policies

    A much-discussed topic at the EPO is now the ever-declining quality of granted patents, which make or break patent offices because quality justifies high costs (searches, applications, renewals and so on)



  30. Patent Firms From the United States Try Hard to Push the Unitary Patent (UPC), Which Would Foment Litigation Wars in Europe

    The UPC push seems to be coming from firms which not only fail to represent public interests but are not even European


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts