EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

05.16.13

Microsoft Skype Messaging Surveillance Not the Main Issue, Audio Recording (Bugging) and Computer Hijacking Are

Posted in GNU/Linux, Microsoft, Windows at 12:03 pm by Dr. Roy Schestowitz

Nokia phone

Summary: Debates about the dangers of Skype focus on one of the least dangerous aspects of Skype

THE PROBLEM with Skype is not quite what The H focuses on. Microsoft claims to be scanning people’s conversations to mitigate the threat of phishing scams and such, but this doesn’t quite compute unless they only ever test for redirections in HEAD. To say that Skype is tracking people’s conversations would not be shocking because even years ago (before Skype was taken up by Microsoft and the NSA) China was given access to text conversations for censorship purposes (similar to security purposes in the practical sense). This is well documented in news sites, especially in Western news sites that like to berate China over practices that the West too harbours, but always under plausible denial clauses.

For those who have not seen the widely-syndicated and discussed report from Heise (or The H), in English the summary says: “A Microsoft server accesses URLs sent in Skype chat messages, even if they are HTTPS URLs and contain account information. A reader of Heise publications notified Heise Security (link to German website, Google translation). They replicated the observation by sending links via Skype, including one to a private file storage account, and found that these URLs are shortly after accessed from a Microsoft IP address. When confronted, Microsoft claimed that this is part of an effort to detect and filter spam and phishing URLs.”

“The H and heise Security believe that, having consented to Microsoft using all data transmitted over the service pretty much however it likes, all Skype users should assume that this will actually happen and that the company is not going to reveal what exactly it gets up to with this data.”
      –The H
As the article in The H puts it: “Anyone who uses Skype has consented to the company reading everything they write. The H’s associates in Germany at heise Security have now discovered that the Microsoft subsidiary does in fact make use of this privilege in practice. Shortly after sending HTTPS URLs over the instant messaging service, those URLs receive an unannounced visit from Microsoft HQ in Redmond.

“A reader informed heise Security that he had observed some unusual network traffic following a Skype instant messaging conversation. The server indicated a potential replay attack. It turned out that an IP address which traced back to Microsoft had accessed the HTTPS URLs previously transmitted over Skype. Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service.”

Microsoft’s excuses didn’t pass muster (the security excuse for surveillance, where all they can really test for is a redirection). “In summary,” says the author, “The H and heise Security believe that, having consented to Microsoft using all data transmitted over the service pretty much however it likes, all Skype users should assume that this will actually happen and that the company is not going to reveal what exactly it gets up to with this data.”

And from the comments we learn it’s worse than The H originally put it: “We tested it at mooncascade.com. I can confirm there is correlation between URL-s in Skype chats and web server access logs with traces from Redmond. There are both https and http accesses.”

Another commenter says:

So much about the “AES encryption” Skype promisses:

> All Skype-to-Skype voice, video, and instant message conversations
> are encrypted. This protects you from potential eavesdropping by
> malicious users.
>
> (https://support.skype.com/en/faq/FA31/does-skype-use-encryption)

Aparently, this falls into the same category as “McDonalds food is
healty and tastes good”.

This whole debate, unfortunately, misses a key point; not just text conversations are being tracked but voice ones (relayed through US infrastructure) — the bread and butter of Skype — are also being tracked and Skype as a binary ensures not only that Windows is hijackable, as we showed before, but that all platforms are rendered hijackable when Skype is running in the background (Skype has no intention of addressing these issues). The debate should be altered to take account of these much greater threats. By the way, on Windows it doesn’t even take Skype to hijack a computer; Microsoft has just admitted that exploits in the wild exist that help hijack Windows through a built-in program and there is also software that lets people’s Facebook accounts get hijacked through Windows, including on Vista 8 (the operating system which hardly sells, leading Microsoft to lies and inexcusable disinformation).

“A much rarer event, however, is one of Redmond’s own unloading publicly on the faults of not only Windows, but Microsoft’s company culture.”
      –Gizmodo
The Free Software Foundation has long been campaigning against Skype, even before Microsoft took over. GNU/Linux with SKype binaries is just about as compromisable as other platforms. The weakest link counts. It is worth noting that even a Windows developer admits that Windows is inferior to Linux, stirring up further debate. As Gizmodo put it: “Right now, somewhere on the internet, there is a flame war occurring between devotees of Linux and Windows. It’s just the nature of passionate software evangelism. A much rarer event, however, is one of Redmond’s own unloading publicly on the faults of not only Windows, but Microsoft’s company culture.”

At Microsoft, backdoors are not a bug; sometimes they are a feature. Since nobody among the users can inspect the code or thoroughly interpret the binaries, it’s hard to remove the backdoors, let alone prove their existence.

“You assist an evil system most effectively by obeying its orders and decrees. An evil system never deserves such allegiance. Allegiance to it means partaking of the evil. A good person will resist an evil system with his or her whole soul.”Mahatma Gandhi

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 26/4/2018: KStars 2.9.5, Ubuntu 18.04 LTS, NetBSD 8.0 RC1

    Links for the day



  2. Battistelli Misuses EPO Budget to Saturate the European Media With Puff Pieces About His Event

    The latest examples of 'synthetic' coverage or fluff about Battistelli's expensive event that he cryptically and mysteriously chose to have at his other workplace in Saint-Germain-en-Laye



  3. Battistelli's EPO Continues to Promote Software Patents and Even Pays the Media to Play Along, Impacting Other Continents

    With silly new terms such as "4IR" (the EPO used to say "ICT", "CII", "Industry 4.0" etc.) Team Battistelli is hoping to make software patents look/sound acceptable, honourable and inherently innovative or "revolutionary"



  4. Links 25/4/2018: Ubuntu 18.04 Coming Shortly, Fedora 28 Next Month

    Links for the day



  5. Koch Brothers and Big Oil Could Not Buy the Decisions in Oil States, SAS

    In Oil States Energy Services v Greene’s Energy Group, a case which Koch-funded think tanks meddled in (including those whose panel guests send me threatening legal letters), ends up with dissent from a Koch-connected Justice citing or quoting those very same Koch-funded think tanks



  6. The European Patent Office (EPO) Wastes a Lot of Money on External PR Agencies for Battistelli's 'Heist'

    The EPO's management is once again scattering/throwing EPO budget at PR agencies and media companies (publishers/broadcasters) to disseminate a bunch of puff pieces and virtually ignore the very obvious conflict of interest, which should be a scandal on par with that of FIFA (resulting in the arrest of its boss, Mr. Blatter)



  7. Today's EPO is Not Compatible With the Law and It's Grossly Incompatible With Truth and Justice

    Today, once again, the EPO openly advocates software patents while media promotes loopholes (notably hype waves)



  8. Quick Mention: As Expected, the US Supreme Court Cements PTAB's Role With Trump-Appointed Gorsuch Dissenting

    Oil States has been decided and it's very good news for the Patent Trial and Appeal Board (PTAB); even Conservatives-leaning Justices support PTAB



  9. Links 24/4/2018: Preview of Crostini, Introducing Heptio Gimbal, OPNsense 18.1.6

    Links for the day



  10. Patent Maximalists Step Things Up With Director Andrei Iancu and It's Time for Scientists to Fight Back

    Science and technology don't seem to matter as much as the whims of the patent (litigation) 'industry', at least judging by recent actions taken by Andrei Iancu (following a hearing before the Senate Judiciary Committee)



  11. Mythology About Patents in the East

    Misconceptions (or deliberate propaganda) about patent policy in the east poison the debate and derail a serious, facts-based discussion about it



  12. Patent Trolls Watch: Red River Innovations, Bradium Technologies/General Patent, and Wordlogic

    A quick look at some patent trolls that made the news this Monday; we are still seeing a powerful response to such trolls, whose momentum is slipping owing to the good work of the Patent Trial and Appeal Board (PTAB)



  13. Holding Benoît Battistelli Accountable After the EPO

    The many abuses and offenses committed by Mr. Battistelli whilst he enjoyed diplomatic immunity can and should be brought up as that immunity expires in two months; a good start would be contacting his colleagues, who might not be aware of the full spectrum of his abuses



  14. Links 23/4/2018: Second RC of Linux 4.17 and First RC of Mesa 18.1

    Links for the day



  15. The Good Work of the Patent Trial and Appeal Board (PTAB) and the Latest Attempts to Undermine It

    A week's roundup of news about PTAB, which is eliminating many bad (wrongly-granted) patents and is therefore becoming "enemy number one" to those who got accustomed to blackmailing real (productive) firms with their questionable patents



  16. District Courts' Patent Cases, Including the Eastern District of Texas (EDTX/TXED), in a Nutshell

    A roundup of patent cases in 'low courts' of the United States, where patents are being reasoned about or objected to while patent law firms make a lot of money



  17. The Federal Circuit's (CAFC) Decisions Are Being Twisted by Patent Propaganda Sites Which Merely Cherry-Pick Cases With Outcomes That Suit Them

    The Court of Appeals for the Federal Circuit (CAFC) continues to reject the vast majority of software patents, citing Section 101 in many such cases, but the likes of Managing IP, Patently-O, IAM and Watchtroll only selectively cover such cases (instead they’re ‘pulling a Berkheimer’ or some similar name-dropping)



  18. Patents Roundup: Metaswitch, GENBAND, Susman, Cisco, Konami, High 5 Games, HTC, and Nintendo

    A look at existing legal actions, the application of 35 U.S.C. § 101, and questionable patents that are being pursued on software (algorithms or "software infrastructure")



  19. In Maxon v Funai the High 'Patent Court' (CAFC) Reaffirms Disdain for Software Patents, Which Are Nowadays Harder to Get and Then Defend

    With the wealth of decisions from the Court of Appeals for the Federal Circuit (CAFC) wherein software patents get discarded (Funai being the latest example), the public needs to ask itself whether patent law firms are honest when they make claims about resurgence of software patents by 'pulling a Berkheimer' or coming up with terms like “Berkheimer Effect”



  20. Today's European Patent Office Works for Patent Extremists and for Team UPC Rather Than for Europe or for Innovation

    The International Association for the Protection of Intellectual Property (AIPPI) and other patent maximalists who have nothing to do with Europe, helped by a malicious and rather clueless politician called Benoît Battistelli, are turning the EPO into a patent-printing machine rather than an examination office as envisioned by the EPC (founders) and member states



  21. The EPO is Dying and Those Who Have Killed It Are Becoming Very Rich in the Process

    Following the footsteps of Ron Hovsepian at Novell, Battistelli at the EPO (along with Team Battistelli) may mean the end of the EPO as we know it (or the end altogether); one manager and a cabal of confidants make themselves obscenely rich by basically sacrificing the very organisation they were entrusted to serve



  22. Short: Just Keep Repeating the Lie (“Quality”) Until People Might Believe It

    Battistelli’s patent-printing bureau (EPO without quality control) keeps lying about the quality of patents by repeating the word “quality” a lot of times, including no less than twice in the summary alone



  23. Shelston IP Keeps Pressuring IP Australia to Allow Software Patents and Harm Software Development

    Shelston IP wants exactly the opposite of what's good for Australia; it just wants what's good for itself, yet it habitually pretends to speak for a productive industry (nothing could be further from the truth)



  24. Is Andy Ramer's Departure the End of Cantor Fitzgerald's Patent Trolls-Feeding Operations and Ambitions?

    The managing director of the 'IP' group at Cantor Fitzgerald is leaving, but it does not yet mean that patent trolls will be starved/deprived access to patents



  25. EPO Hoards Billions of Euros (Taken From the Public), Decreases Quality to Get More Money, Reduces Payments to Staff

    The EPO continues to collect money from everyone, distributes bogus/dubious patents that usher patent trolls into Europe (to cost European businesses billions in the long run), and staff of the EPO faces more cuts while EPO management swims in cash and perks



  26. Short: Calling Battistelli's Town (Where He Works) “Force for Innovation” to Justify the Funneling of EPO Funds to It

    How the EPO‘s management ‘explained’ (or sought to rationalise) to staff its opaque decision to send a multi-million, one-day ceremony to Battistelli’s own theatre only weeks before he leaves



  27. Short: EPO Bribes the Media and Then Brags About the Paid-for Outcome to Staff

    The EPO‘s systematic corruption of the media at the expense of EPO stakeholders — not to mention hiring of lawyers to bully media which exposes EPO corruption — in the EPO’s own words (amended by us)



  28. Short: EPO's “Working Party for Quality” is to Quality What the “Democratic People's Republic of Korea” is to Democracy

    To maintain the perception (illusion) that the EPO still cares about patent quality — and in order to disseminate this lie to EPO staff — a puff piece with the above heading/photograph was distributed to thousands of examiners in glossy paper form



  29. Short: This Spring's Message From the EPO's President (Corrected)

    A corrected preface from the Liar in Chief, the EPO's notoriously crooked and dishonest President



  30. Short: Highly Misleading and Unscientific Graphics From the EPO for an Illusion of Growth

    A look at the brainwash that EPO management is distributing to staff and what's wrong with it


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts