Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Makes Skype Easier To Monitor

samzenpus posted more than 2 years ago | from the lets-have-a-look dept.

Government 150

In a follow-up to a story earlier this week, derekmead writes "Skype has gone under a number of updates and upgrades since it was bought by Microsoft last year, mostly in a bid to improve reliability. But according to a report by the Washington Post, Skype has also changed its system to make chat transcripts, as well as users' addresses and credit card numbers, more easily shared with authorities. As we've already seen with Facebook and Twitter, big Internet firms aren't digging their heels in against government requests, which shouldn't come as a shock; angering the authorities is bad business. The lesson then is that, while the Internet will always retain a vestige of its Wild West days, as companies get bigger and bigger, they're either going to play ball with governments or go the way of Kim Dotcom."

cancel ×

150 comments

Sorry! There are no comments related to the filter you selected.

i just don't use microsoft products (2, Insightful)

Anonymous Coward | more than 2 years ago | (#40785389)

sorry, not going to do it.

Re:i just don't use microsoft products (2, Insightful)

ozmanjusri (601766) | more than 2 years ago | (#40786965)

Agreed.

That's the only sensible and ethical response to a company with such a long history of abuse of its customers.

Open Source (5, Interesting)

Nerdfest (867930) | more than 2 years ago | (#40785403)

Time to switch to something [jitsi.org] where we actually know what the software is doing.

Re:Open Source (4, Interesting)

cpu6502 (1960974) | more than 2 years ago | (#40785435)

Will Jitsi let me call home to my old wired phone?

Corporations working closely with government, and government working closely with corporations, including exchanges of money through campaign donations & legislative acts. Plus favorable regulations to help the megacorps and block new startups. There's a word for that...... hmmmm, right on the tip of my tongue. Starts with an F. Or a C.

Re:Open Source (3, Interesting)

Nerdfest (867930) | more than 2 years ago | (#40785465)

We're almost at the point that we can drop POTS in favour of something less 'controlled'. I'm sure other measures will be taken to ensure it's not that easy though.

Re:Open Source (3, Insightful)

Sir_Sri (199544) | more than 2 years ago | (#40785965)

Once you do that the government will move in an legislate something else. That is what governments do.

Re:Open Source (2)

shutdown -p now (807394) | more than 2 years ago | (#40786737)

We are. My grandmother, on the other hand...

Ob /. response (1)

mdm42 (244204) | more than 2 years ago | (#40788105)

I am a grandfather, you insensitive clod! And I'd be happy to drop my POTS for something less 'controlled'.

Re:Open Source (-1)

Anonymous Coward | more than 2 years ago | (#40785497)

That's when you MOVE! and say FUCK JH@(!@ Of course DOT Com still got fu*@(. But hey! I think it's time to move to Mexico or Columbia and hire a private army. Anyone one to join me? I really need some help offsetting the costs.

Re:Open Source (1)

Tastecicles (1153671) | more than 2 years ago | (#40787699)

I hear there's a very nice little commune in Guyana.

Almost Yes. (5, Informative)

DrYak (748999) | more than 2 years ago | (#40785939)

Will Jitsi let me call home to my old wired phone?

Yes:
Jitzi supports the SIP standard and there are plenty of SIP-to-POTS providers around (for example, I use Switzernet which is based in switzerland and free to/from several european countries. Works with both my SIP sfotwares - Ekiga and Twinkle). ...BUT...

For obvious reasons there's no easy way to guarantee end-to-end encryption. So you *CAN* call home, but you won't get guaranteed privacy.

For full end-to-end encryption you need:
- a digital link from the source to the other end (which is not the case when bridging to POTS)
- the possibility to audit the software used at both ends that there are no bugs or implementation problems which could leak critical data. (So you need an opensource front-end and an opensource encryption layer, preferably using known and well tested and documented protocols (like ZRTP). And you need enough independent eyeballs looking at said code) (Jitzi is opensource so one can check that everything is properly implemented to avoid leaks).

Re:Almost Yes. (1)

rsierpe (2678773) | more than 2 years ago | (#40786219)

wanna make sure its safe? have redundant routes, multiple software/protocols for any given task, and if paranoia level is extreme, you can always try steganography.

Re:Almost Yes. (1)

drfreak (303147) | more than 2 years ago | (#40786771)

And, Failing that, you can always have the conversation converted to text and then ROT13 it. Oh, wait...

Re:Almost Yes. (3, Funny)

FireFury03 (653718) | more than 2 years ago | (#40787795)

And, Failing that, you can always have the conversation converted to text and then ROT13 it. Oh, wait...

ROT-13 is insecure these days, better to use double-ROT-13

Re:Almost Yes. (0)

Anonymous Coward | more than 2 years ago | (#40787009)

When it comes to security, I wouldn't trust you with a glass of water.

Re:Almost Yes. (1)

stms (1132653) | more than 2 years ago | (#40786417)

Are all my friends already on Jitsi or do I need to get into an awkward political discussion with them to get them to switch?

Re:Almost Yes. (3, Interesting)

rtfa-troll (1340807) | more than 2 years ago | (#40787467)

The great thing about VOIP is it doesn't matter. You can install and run both clients at the same time and then just make sure you are visible in Jitsi as much as possible whilst being visible very rarely in Skype, and then only when you want something (sit there invisible, but turn on notifications so you see when friends without Jitsi come on line). From time to time suggest to people that it would be easier to get you if they had Jitsi. When you meet people show them how to set up Jitsi (or whichever other client you prefer) to work better than Skype.

No need to get political. The simple phrase "I want to have something I can rely on; I don't trust Microsoft not to mess me about later; remember how they killed off KIN / Windows Mobile 6 / Windows Mobile 7 / the desktop PC [extremetech.com] / efficient working in Office [pcreview.co.uk] / flight simulator / plays for sure / etc. etc.". Preferably choose a Microsoft betrayal that cost you personally There are so many simple technical betrayals by Microsoft that you can start with those before going into the political. Even there, you should start with things like "because Microsoft chooses to support Chinese censorship" [spacedaily.com] which are simple and clear to understand.

Re:Open Source (2)

MyFirstNameIsPaul (1552283) | more than 2 years ago | (#40785969)

Will Jitsi let me call home to my old wired phone?

Jitsi uses SIP, so it just might (I haven't looked into it too deeply).

Re:Open Source (1)

aliquis (678370) | more than 2 years ago | (#40786083)

Yes.

Any SIP phone would with the correct service provider (or your own server.)

Re:Open Source (1)

SteveFoerster (136027) | more than 2 years ago | (#40786369)

Corporations working closely with government, and government working closely with corporations, including exchanges of money through campaign donations & legislative acts. Plus favorable regulations to help the megacorps and block new startups. There's a word for that...... hmmmm, right on the tip of my tongue. Starts with an F. Or a C.

I'm with you on the F word, but for the C word you'd better mean "corporatism", because you sure as sunshine aren't describing capitalism.

Re:Open Source (2)

shutdown -p now (807394) | more than 2 years ago | (#40786743)

There's nothing in the definition of capitalism that precludes colluding with the government, or requires absolutely free markets. If it has private transferrable property on the means of production, it's capitalism.

Re:Open Source (1)

SteveFoerster (136027) | more than 2 years ago | (#40786829)

Your definition, perhaps, but most capitalists' definition precludes more than minimal government. Sort of like how just because you have a welfare state doesn't mean you have socialism.

Re:Open Source (1)

shutdown -p now (807394) | more than 2 years ago | (#40787035)

Your definition, perhaps

It's an economics textbook definition.

most capitalists' definition precludes more than minimal government.

Who are all those capitalists? Warren Buffet doesn't seem to argue for minimal government - is he a capitalist? Heck, my mom ran a business for 20 years while voting social-democrat - was she a capitalist? Of course, if your definition of "capitalist" is "people who agree with my definition of capitalism", then it kinda works out, but there's the obvious recursion problem

Sort of like how just because you have a welfare state doesn't mean you have socialism.

That's actually a very good point. Indeed, welfare state does not mean that you have socialism. That's because socialism, like capitalism is economic mode of production. It is defined in terms of how wealth is generated and distributed on a fairly high-level. In particular, socialism is when the society does not recognize private property to the means of production. When there is still a state, in practice it usually means state ownership, purportedly "on behalf of the people" - Soviet-style statist socialism. Other options are no government and anarcho-socialism.

If not every welfare state is socialist, then, it invites the question of what economic mode all those welfare states like Sweden actually use. Looking at how they deal with private property, you can easily see that they're capitalist - they permit private property on pretty much anything including means of production, and any wealth generated by those privately owned means is distributed to their owners (sans taxes). And this arrangement is codified in laws, and protected and enforced by the state.

Re:Open Source (1)

SteveFoerster (136027) | more than 2 years ago | (#40787109)

Depends on the economics textbook. Economics (especially macro) isn't a real science where you run actual experiments and learn useful things, it has very little predictive value and with all its contradictory schools of thought seems to me to belong more in the philosophy department than the business school.

So maybe I have the recursion problem you describe, but "capitalism" in most people's minds is inexorably linked with free markets, and it's in that sense that I use it. And when you have actual free markets, there's no place for corporatism because you don't have a state powerful enough to be worth coopting.

So that's where I'm coming from. If you're coming from somewhere else, hey, fair enough.

Re:Open Source (2)

shutdown -p now (807394) | more than 2 years ago | (#40787159)

So maybe I have the recursion problem you describe, but "capitalism" in most people's minds is inexorably linked with free markets, and it's in that sense that I use it. And when you have actual free markets, there's no place for corporatism because you don't have a state powerful enough to be worth coopting.

It's generally true, because capitalism in the absence of free markets tends to degenerate. But then, for most people, the meaning of the word "free market" is the one that it had since introduced by Adam Smith - to wit, a market with free competition. In other words, without monopolies. In Smith's time most monopolies were government-created, and he covered them in detail, but he also had the foresight to warn about collusion between market players themselves, and the harm it would do by making the market non-free. He also argued that the government should intervene and prevent such collusion from monopolizing the market to keep it free. So a free market in that sense, ironically, requires a strong (but not corrupt) government.

On the other hand, there's the other definition of "free market", used mainly by Austrian economists and associated political movements (such as libertarians), which is really an adaptation of what was previously called "laissez-faire" - a government free from any outside intervention, but not necessarily the one where competition is possible, since a privately monopolized market is still laissez-faire. That definition is not that popular outside of those circles, and in any case is evidently not required for capitalism since historically pretty much all European states were and are considered capitalist despite considerable economic intervention for the sake of the Smithian free market. I don't think you'll find many people seriously arguing that, say, Germany or UK aren't capitalist.

Re:Open Source (1)

SteveFoerster (136027) | more than 2 years ago | (#40787257)

And by now it probably won't surprise you that I'm libertarian and that the Austrian school economists are the ones that I... well, disregard the least, I suppose. That's why I think the problem of unnatural monopolies in a free market aren't a huge problem, since there's no regulatory barrier for new competitors to undercut the conspirators. Even when a cartel is too big to have to worry about new entrants, like OPEC, they're not that great at staying banded together.

Re:Open Source (2)

SuricouRaven (1897204) | more than 2 years ago | (#40787611)

Unnatural monopolies, perhaps. But it's the natural monopolies that are the real killer of the libertarian ideal.

Re:Open Source (0)

BlueStrat (756137) | more than 2 years ago | (#40787663)

And by now it probably won't surprise you that I'm libertarian and that the Austrian school economists are the ones that I... well, disregard the least, I suppose. That's why I think the problem of unnatural monopolies in a free market aren't a huge problem, since there's no regulatory barrier for new competitors to undercut the conspirators. Even when a cartel is too big to have to worry about new entrants, like OPEC, they're not that great at staying banded together.

Nice to see someone else around here who has actually taken the time & trouble to learn some history and macro-economics, and that has done some research, then employed some critical-thinking skills on what you found.

The point you made in your previous post regarding corporatism needing a large, powerful government can't be stressed enough.

I've met so many people who are angry at US corporatism and yet advocate for more government bureaucracy and regulation, when those are the exact tools the corporatists need and use to exercise their power.

This constant government expansion has been the general solution used for at least the last 5-6 decades or more. We can simply look around us and read the news to answer how well *that's* worked out for us.

Strat

Re:Open Source (1)

icebraining (1313345) | more than 2 years ago | (#40787723)

in most people's minds is inexorably linked with free markets

Where I live that's certainly not my experience, but then again the people I know are not a valid statistical sample of the population.
So, on what do you base that?

Re:Open Source (1)

SuricouRaven (1897204) | more than 2 years ago | (#40787605)

I was thinking 'corruption.'

Re:Open Source (3, Informative)

Nerdfest (867930) | more than 2 years ago | (#40785451)

... it does need mobile clients, although an Android client is apparently in the works.

Re:Open Source (1)

tryptogryphic (1985608) | more than 2 years ago | (#40785611)

Thanks for this link.

Just uninstalled skype, installed Jitsi and Will advocate / promote the living hell out of it

Fuck you Microsoft.

Re:Open Source (0)

Anonymous Coward | more than 2 years ago | (#40786139)

I suppose you don't user landlines or cell phones or email either then?

Re:Open Source (4, Insightful)

westlake (615356) | more than 2 years ago | (#40785667)

Time to switch to something where we actually know what the software is doing.

Now all have to do is convince friends, family, business and professional contacts to abandon Skpe. Something which is not going to happen.

Re:Open Source (2)

Nerdfest (867930) | more than 2 years ago | (#40785745)

Why not? Are they in favour of unauthorized government and corporate wiretapping? I would think most could be convinced quite easily.

Re:Open Source (3, Insightful)

grantspassalan (2531078) | more than 2 years ago | (#40785909)

Most people THINK they do not have anything to hide, such as when they talk about the antics of their 3-year-old grandson or other inane conversations. Therefore most people would not switch or quit using Skype. Anyone who does have deep dark secrets they wish to hide from the KGB, FBI, NSA, Gestapo or other such agencies, would not be using Skype or any other easily intercepted communication system.

Re:Open Source (1, Insightful)

Anonymous Coward | more than 2 years ago | (#40786005)

Tell your boss trade secrets could be intercepted and tell your parents a pedo could snoop on their grandkids. Put the fear in 'em.

Re:Open Source (1)

postbigbang (761081) | more than 2 years ago | (#40786345)

Better still: invest in hard drive and archiving manufacturers.

Profit!

Re:Open Source (1)

Barlo_Mung_42 (411228) | more than 2 years ago | (#40787123)

>Anyone who does have deep dark secrets they wish to hide from the KGB, FBI, NSA, Gestapo or other such agencies, would not be using Skype or any other easily intercepted communication system.

So they are basically right. The NSA is already listening. Unless you're in a position to do something about it, might as well live your life and not worry about it.

Re:Open Source (0)

Anonymous Coward | more than 2 years ago | (#40786271)

Why not? Are they in favour of unauthorized government and corporate wiretapping? I would think most could be convinced quite easily.

While you're at it get them to abandon email, landlines, cell phones, FaceTime, Google Video Chat and services like Siri, same issue with all of those.

Re:Open Source (1)

Isaac Remuant (1891806) | more than 2 years ago | (#40787137)

Try it and come back with your results. You'll probably be disappointed by reality.

Re:Open Source (1)

jimicus (737525) | more than 2 years ago | (#40788123)

IME, most are already quite sure that the government can tap any call they damn well please, regardless of the technology.

"News: Skype is no longer difficult for government to monitor!" will, by many, be met with a reaction of "What, you mean it used to be difficult? No way!".

Skype didn't become popular because of the encryption. It became popular because it was the first easy to use software phone that made a couple of simple promises: free calls between Skype users, no complicated setup, works through most firewalls.

Not abandon. More *also run* (1)

DrYak (748999) | more than 2 years ago | (#40786001)

But if said friends have a Google account, they can already log into a XMPP/Jingle server using any compatible client (like Jitzi) and as long as both end support ZRTP encryption, the communication will be secure.

Has some tried if Jingle works between people connected on Facebook's XMPP gateway ?

In both case, you don't need to drag you whole network into a newer system, you only have to convince users to install a software supporting the necessary standard, you already have a network to leverage.

Now if someone could write a Skype wrapper for Jitzi (like there is one for Pidgin/Adium's Purple), or if someone could implement ZRTP in Pidgin, you could even have Skype and SIP or XMPP contacts in the same application.

Re:Open Source (0)

Anonymous Coward | more than 2 years ago | (#40786833)

I don't even know anyone who uses Skype. Why is it so damm difficult to get the one or two people you know off this program? Pathetic. All you got to do is not use it. Tell people you can connect with XYZ.

Re:Open Source (1)

ozmanjusri (601766) | more than 2 years ago | (#40787005)

Something which is not going to happen.

They're already looking.

Call quality, reliabilty an stabilty have all fallen dramatically over the past few months. Just about everybody is pissed off with it.

Re:Open Source (0)

Anonymous Coward | more than 2 years ago | (#40787829)

Now all have to do is convince friends, family, business and professional contacts to abandon Skpe. Something which is not going to happen.

Well we did manage to convince them to change browsers, and we did manage to get them to use Skype in the first place. We are geeks, we are the system admins of our friends and family.

Do your job or hand in your geek card!

Re:Open Source (1)

Trogre (513942) | more than 2 years ago | (#40787023)

I fully agree with your sentence but not necessarily your link.

Yes, all nerds should abandon Skype as soon as possible. However given its rather unfinished state I'm not sure Jitsi is the realistic alternative at this stage.

Re:Open Source (1)

Ash Vince (602485) | more than 2 years ago | (#40787941)

Time to switch to something [jitsi.org] where we actually know what the software is doing.

Will Jitsi let me call everyone else I know who uses skype?

Trying to convince them all to ditch Skype due to the government monitoring them is a waste of time since most people in the world are not that bothered about it. They just the view that since they are noting anything wrong they have nothing to hide or that if government want to monitor them it will find a way anyway.

For me, the real question is... (2)

TWX (665546) | more than 2 years ago | (#40785405)

...will this mean "wiretapping" via traditional warrant methods, or warrantless eavesdropping, either by non-warrant request or by essentially giving them the keys to the castle?

If it's traditional warrant methods then I'm not really any more concerned than I am for regular phone calls on POTS lines. If it's otherwise then I'm glad that I never set up a Skype account.

Re:For me, the real question is... (4, Insightful)

Opportunist (166417) | more than 2 years ago | (#40785547)

Don't get your hopes up. It's "on the internet". Seems consitutional rights don't apply there.

Re:For me, the real question is... (2, Insightful)

TheGratefulNet (143330) | more than 2 years ago | (#40786043)

Seems consitutional rights don't apply there.

what's that?

and in a few years, the current generation of its time will ask that, with a full serious face.

Re:For me, the real question is... (5, Informative)

Kalriath (849904) | more than 2 years ago | (#40786837)

Your government already thinks constitutional rights don't apply when the target is not a US citizen (bonus points if they aren't even in the US)

Re:For me, the real question is... (1)

yuhong (1378501) | more than 2 years ago | (#40785731)

Yea, this can be a good thing if used properly, or a bad thing if not.

FR/IST STOp (-1)

Anonymous Coward | more than 2 years ago | (#40785509)

The probLems [goat.cx]

The thing to keep in mind is (1)

transporter_ii (986545) | more than 2 years ago | (#40785519)

People up to something will use a smaller, more secure system, perhaps even rolling their own communications (hey, it's not that hard).

So the people they really want to monitor is *us*.

Re:The thing to keep in mind is (1)

jmharvey (467293) | more than 2 years ago | (#40785569)

I wonder how true that is. We (the /. crowd) tend to forget just how tech-savvy the general population is. Skype is a huge technological leap for a lot of people. Pidgin+OTR is dead simple, but most people don't even know it exists.

Re:The thing to keep in mind is (3, Insightful)

Opportunist (166417) | more than 2 years ago | (#40785575)

So the people "up to something" will use encryption we cannot monitor, you say? Well, I guess that means that everyone who doesn't use our standard encryption that isn't worth being called encryption is suspicious just for using an encryption method we cannot eavesdrop in.

Thank you for your input, citizen, it will be considered with the next round of new laws.

Re:The thing to keep in mind is (1)

grantspassalan (2531078) | more than 2 years ago | (#40786017)

Do you really think that the government agencies that would do this spying are interested in your inane communications with your girlfriend or whoever? It is more likely that if these people have even the slightest suspicion on you, they might be monitoring your e-mails and sending them through text filters that would flag certain words or phrases. There are a number of “flag lists” that have certain words on them, that might actually bring your totally uninteresting e-mail to the attention of an actual human person. Anyone who suspects they are being monitored by the government, can just randomly pepper their conversations and e-mails with some of these words, just to “Play with the System” a little. Anyone who does this for a while, will probably end up on an “ignore this kook” list.

time to bypass the middlemen (0, Insightful)

Anonymous Coward | more than 2 years ago | (#40785545)

The internet doesn't need the damn middlemen. My computer can connect to another's computer and we can exchange encrypted traffic and we don't need anyone in the middle to snoop on us to make that possible.

It's like if I was in the same room as a friend, and some slick "suit" type slides up and says, "Hey, you wanna talk to your friend over there? Instead of going over and talking to him, hows about you tell me what you want to tell him, and I'll go tell him what you said. Then I'll do the same in reverse, so you two can talk."

Umm, how about no thanks? It's time for the programmer community to develop easy to use, robust, strongly encrypted, point to point programs. We shouldn't need Skype, or Facebook, or Yahoo, or Google in order to communicate with each other online. Putting all our eggs in those baskets that are out to "monetize" our communication and snoop on it for governemtsn is going to end badly for us all.

Re:time to bypass the middlemen (4, Insightful)

vux984 (928602) | more than 2 years ago | (#40785669)

Umm, how about no thanks? It's time for the programmer community to develop easy to use, robust, strongly encrypted, point to point programs.

And that will happen right after ipv6 becomes standard and NAT goes away. point to point is pretty tricky to make 'just' work in our currented "ipv4 nearly everyone is behind a NAT system".

Realistically, a middle man is going to be here for a long while yet.

Re:time to bypass the middlemen (1)

bill_mcgonigle (4333) | more than 2 years ago | (#40785963)

Realistically, a middle man is going to be here for a long while yet.

Which really isn't a problem - for instance using asterisk as a ZRTP passthrough.

In theory this should cost ~$3/mo for most people to use if both ends are correctly configured.

Re:time to bypass the middlemen (1)

vux984 (928602) | more than 2 years ago | (#40786095)

Which really isn't a problem

The "problem" is that we want point to point communications (no middleman) that aren't a pain to make work.

Your solution doesn't seem to address this.

- for instance using asterisk as a ZRTP passthrough. In theory this should cost ~$3/mo for most people to use if both ends are correctly configured.

We still have a middleman (to whom are we paying $3/mo).

We still have to configure 'both ends' - this is the "pain to make work" that end users don't want.

Point to point communications with no middleman are definitely possible, but realistically aren't practical on the internet as it is.

Honestly, even with ipv6 and a global address space its not going to be easy enough -- even without NAT the edge routers in every household and business and wifi hotspot etc are going to have to let incoming calls in to your device. And that's just not ever going to happen. There is ALWAYS going to be a middleman... the only question is who.

The best we can really hope for is a decentralized non-commercial p2p cluster of middlemen.

Re:time to bypass the middlemen (1)

bill_mcgonigle (4333) | more than 2 years ago | (#40787029)

The "problem" is that we want point to point communications (no middleman) that aren't a pain to make work. Your solution doesn't seem to address this.

Oh, I thought we wanted secure communications today because Skype is bugged.

We still have a middleman (to whom are we paying $3/mo).

Which is a decent deal, as compared with Skype.

We still have to configure 'both ends' - this is the "pain to make work" that end users don't want.

Yeah, brand new technology tends to require fiddling. Come back in 5 years and it should be all automatic.

Point to point communications with no middleman are definitely possible, but realistically aren't practical on the internet as it is.

Agreed.

There is ALWAYS going to be a middleman... the only question is who.

Good point. Best that those remain open source so they can be inspected. My edge routers are, though my Telco modems aren't. Fortunately, I can trust those guys to be so cheap as to not put anything with enough memory to be dangerous in my way. ;)

The best we can really hope for is a decentralized non-commercial p2p cluster of middlemen.

A good start would be for governments to stop attacking providers of Tor exit nodes. That's a major impediment at the moment.

Re:time to bypass the middlemen (1)

fustakrakich (1673220) | more than 2 years ago | (#40785685)

My computer can connect to another's computer and we can exchange encrypted traffic and we don't need anyone in the middle to snoop on us to make that possible.

You dumped your ISP?

Re:time to bypass the middlemen (2)

bill_mcgonigle (4333) | more than 2 years ago | (#40785993)

You dumped your ISP?

I've never tried a ZRTP [wikipedia.org] connection through Tor, but in theory that's most of the necessary parts.

If governments didn't attack Tor exit nodes there would be plenty of bandwidth available for everybody to have this level of privacy.

Re:time to bypass the middlemen (1)

Erikderzweite (1146485) | more than 2 years ago | (#40787741)

>You dumped your ISP?

ISP is irrelevant with asymmetric encryption. Sure, they may know who I am connecting to, but that's what VPNs are for.

Re:time to bypass the middlemen (1)

Nerdfest (867930) | more than 2 years ago | (#40785717)

MS just seems to time some of their mis-steps so well. There is hope [jitsi.org] . I only wish some of the Linux distros didn't screw up their desktop environments just as Windows 8 was coming out and Valve was looking at Steam for Linux.

Re:time to bypass the middlemen (4, Insightful)

Teresita (982888) | more than 2 years ago | (#40785869)

That will work until the alternative solution crosses a certain threshold of users, the founders sell out to Microsoft or Apple or Google and the new technology is monetized and put under monitoring, just like Skype and Vonage and Napster and Lindows before them. Lather, rinse, repeat.

Re:time to bypass the middlemen (1)

Erikderzweite (1146485) | more than 2 years ago | (#40787763)

Not if it is an open protocol. ZRTP looks like an asymmetric encryption, you can hardly monitor that.

Government is evil. (0, Insightful)

Anonymous Coward | more than 2 years ago | (#40785549)

Government is evil.

sounds like derekmead is trolling... (0)

dAzED1 (33635) | more than 2 years ago | (#40785787)

There's a lot in between specifically designing software to give authorities lots of info, and making money from facilitating other people breaking the law. Kim "Dotcom," however you may feel on the subject in general, did intentionally promote piracy. The Mozilla foundation, as a counter, does not. Nor does the Mozilla Foundation go out of its way to provide this type of info to authorities, and improving the info that can be given. It's an exceptionally false dichotomy.

Re:sounds like derekmead is trolling... (1)

metacell (523607) | more than 2 years ago | (#40787671)

I wouldn't say he intentionally encouraged piracy, but he must have been aware that he derived most of his income from piracy.

Latest in a series of bad moves... (0)

Anonymous Coward | more than 2 years ago | (#40785813)

As we've already seen with Facebook and Twitter, big Internet firms aren't digging their heels in against government requests, which shouldn't come as a shock; angering the authorities is bad business.

So is angering customers. Which can MS Skype live without?

I killed my skype account the day I found out it was a Microsoft property.

Problem: It is not true (5, Informative)

benjymouse (756774) | more than 2 years ago | (#40785817)

This from the TFA:

Skype has gone under a number of updates and upgrades since it was bought by Microsoft last year, mostly in a bid to improve reliability. But according to a killer report by the Washington Post, Skype has also changed its system to make chat transcripts, as well as users’ addresses and credit card numbers, more easily shared with authorities.

The " to make chat transcripts, as well as users’ addresses and credit card numbers, more easily shared with authorities" is pure speculation.

And the alleged updates "since it was bought by Microsoft last year" (supernodes hosted in central data centers) was actually started in 2010, well before the Microsoft acquisition:

http://www.zdnet.com/skype-talks-back-to-critics-on-security-and-privacy-7000001682/ [zdnet.com]

But this is slashdot. Why let facts get in the way of a good rumor-fueled speculation when it promises for a good Microsoft bashing?

Re:Problem: It is not true (-1)

Anonymous Coward | more than 2 years ago | (#40786411)

And you are, if I am correct, Mr, Gate's Jiz-Mop? No possible way this wild "speculation could have any validity to it. Never! Microsoft obvioulsy has a glistening humanitarian history and a passion for liberty. But wait, do I see something something on your chin...? My god, boy, you really should give yourself a bath before soliciting yourself on the internet. And no, golden showers from Bill don't count.

Re:Problem: It is not true (1)

Kalriath (849904) | more than 2 years ago | (#40786855)

On the other hand, I'm sure there's no possible way this wild speculation could just be wild speculation. Never!

Face it, unless you're fucking psychic you don't know the real reason they did it.

Also, as a side note, you failed to address the fact that the migration to using centralised data centres was initiated by Skype Communications S.a.r.l, not Microsoft.

Re:Problem: It is not true (1)

l3v1 (787564) | more than 2 years ago | (#40787621)

"Face it, unless you're fucking psychic you don't know the real reason they did it."

Uhmm, the reason? F* the reason, you're a customer, it's the result that matters (which affects you), which seems fairly shady at this point. Reason, right.

Re:Problem: It is not true (1)

shutdown -p now (807394) | more than 2 years ago | (#40786777)

The " to make chat transcripts, as well as users’ addresses and credit card numbers, more easily shared with authorities" is pure speculation.

I actually suspect there's some substance there, but the practical purpose is different. As anyone using Skype today knows, it's truly P2P, even when it comes to chat history - meaning that your devices will sync your chats between each other, but only when they are both online to share it. If, say, you always log off on the desktop before logging on the smartphone, it won't share them. And if you're offline on all devices, messages can't be sent to you - the sending client will keep showing the spinning circle until the recipient comes online.

Both these things are often complained about, but the only other way is to store full chat logs on the server, so that they can be pushed to all clients later when they come online. This would also make history sync always work on all clients. But it, of course, means that your chat logs are now subject to subpoenas, NSA security letters, and whatever else the government has at its disposal.

As for users' addresses and credit card numbers, that makes no sense. Since that info is all stored in user profiles, it should already be available to any law enforcement agency with a warrant.

Re:Problem: It is not true (1)

metacell (523607) | more than 2 years ago | (#40787695)

Both these things are often complained about, but the only other way is to store full chat logs on the server, so that they can be pushed to all clients later when they come online. This would also make history sync always work on all clients. But it, of course, means that your chat logs are now subject to subpoenas, NSA security letters, and whatever else the government has at its disposal.

You could solve this with public key encryption, if you really wanted to. The chat messages could be stored on the server encrypted with the sender's and the receiver's public keys, separately.

Re:Problem: It is not true (1)

shutdown -p now (807394) | more than 2 years ago | (#40787913)

Yeah, but it would require some conscious effort. And I don't think any existing IM system with server-side logs does it that way. GTalk sure doesn't.

Re:Problem: It is not true (2, Informative)

Anonymous Coward | more than 2 years ago | (#40787061)

When you go to another computer, you can still look up your chat transcripts. How do you suppose that is, if Skype doesn't have them? And if Skype has them, who else do you suppose Skype could share them with?

How was this modded informative?

What could go wrong? (1)

TheNucleon (865817) | more than 2 years ago | (#40786013)

Architecture that facilities a man in the middle attack (which is essentially what this does) is just asking for trouble. Skype used to have a pretty impressive peer to peer encryption design. No longer, I guess.

This is bad if law enforcement uses it illicitly. It's worse if some Skype/Microsoft employees go rogue, or if a hacker breaks into the infrastructure. I mean, you're baking insecurity right into the design of the frickin' product. What could go wrong?

I wonder sometimes if big brother is going to knock on the door tomorrow and stick a monitoring device right up my backside.

Re:What could go wrong? (2)

benjymouse (756774) | more than 2 years ago | (#40786107)

Skype used to have a pretty impressive peer to peer encryption design. No longer, I guess.

Yes it does. Nothing has changed with the peer-to-peer encryption. You have been fed rumors, speculation. Here is what Skype says (but if you *want* to make it into a conspiracy you can of course assume that they are lying):

Skype software autonomously applies encryption to Skype to Skype calls between computers, smartphones and other mobile devices with the capacity to carry a full version of Skype software as it always has done. This has not changed.

(from http://blogs.skype.com/en/2012/07/what_does_skypes_architecture_do.html [skype.com] )

This is once again someone irresponsibly reading license terms and trying to twist every phrase and condition into something sinister. Like Skype making sure that you understand that instant messages may be stored on the servers because they need to be synchronized with multiple devices which are not all on-line. Like Skype saving voice-messages - because they are (d-oh!) *voice* *messages* (as opposed to peer to peer communication).

For a real take on this read: http://www.zdnet.com/skype-talks-back-to-critics-on-security-and-privacy-7000001682/ [zdnet.com]

Want to know the truth about Skype? Read on. (5, Interesting)

Anonymous Coward | more than 2 years ago | (#40786409)

I'm posting anonymously because I don't need attention. Here's the chronology and you can find the sources of these claims on your own.

- NSA issues a billion dollar RFP asking for a solution to wiretapping Skype
- as years pass, NSA's concerns about Skype keep on growing, they keep on lobbying lawmakers and industry officials
- out of the blue, MS buys Skype and pays an astronomical price
- buying Skype at that price makes no sense for MS since it poisons their relationships with carriers and pundits are confused
- first thing MS does is it kills supernodes and installs THOUSANDS of Linux servers running grsecurity http://grsecurity.net/news.php#Skype
- that means that ALL Skype traffic now passes through MS servers and can be easily wiretapped since MS holds all the keys and can easily perform a MITM attack
- NSA starts jumping from joy because their biggest black hole has been plugged.
- MS is happy because they are now getting regular large checks from NSA

tl;dr: Skype's a botnet and NSA paid MS to buy Skype

Re:Want to know the truth about Skype? Read on. (1)

grcumb (781340) | more than 2 years ago | (#40786589)

- first thing MS does is it kills supernodes and installs THOUSANDS of Linux servers running grsecurity http://grsecurity.net/news.php#Skype [grsecurity.net]
- that means that ALL Skype traffic now passes through MS servers and can be easily wiretapped since MS holds all the keys and can easily perform a MITM attack

No, it means that SOME Skype traffic (i.e. text messages, but not voice calls) can be easily wiretapped.

tl;dr: Skype's a botnet and NSA paid MS to buy Skype

That's not borne out by your data. In fact, the Ars article [arstechnica.com] referenced in your link states that supernodes play no role whatsoever in making calls.

I don't trust Microsoft at all; in fact, I think they can be relied on to do whatever they think is reasonable to get along with government (and by extension, law enforcement). But this particular issue - the establishment of grSecurity supernodes - doesn't get you an automatic MiTM capability.

Re:Want to know the truth about Skype? Read on. (1)

LordMyren (15499) | more than 2 years ago | (#40786785)

CALEA's "Second Report & Order" states it's providers that must foot the bill. If our government paid for MS to acquire Skype perhaps there are shady deals afoot, but the US law states providers must pay the costs of snooping: the aforementioned shady deals would be very bad behavior from the US of A government, paying to acquire CALEA compliance.

The costs of running a couple thousand Linux nodes & paying bandwidth can not be that bad. MS certainly knew they'd have to remake Skype when they bought them, that the old P2P structure would have to go. I would want to think no grand conspiracy was involved, that what happened, the remodeling to a snoop-friendly infrastructure was simply due. It will be interesting to see going forwards, with the tentative thumbs up given to Skype plus the upcoming WebRTC technologies, how CALEA enforcement can be maintained: WebRTC certainly suggests decentralized models, although of course STUN & the various tunneling protocols are ripe for deliberately avoiding the easiest P2P routes & tunneling through glassboxes.

Re:Want to know the truth about Skype? Read on. (0)

Anonymous Coward | more than 2 years ago | (#40788099)

I really don't think the NSA is of much concern. They listen to everything, and they tell no one (not even other governemnt agencies like the DEA, FBI, CIA or DHS) and never do anything. They're a bunch of math geeks. I don't understand their mandate. If Microsoft has a deal with the DEA, FBI or DHS, I'd worry. It's not that these agencies are inherently bad... I think they're good, full of good intending individuals... but they do act, and they do make some horrendous mistakes sometimes, usually related to political pressures.

Re: "go the way of Kim Dotcom" (1)

Anonymous Coward | more than 2 years ago | (#40786423)

You mean they're going to be vindicated in the face of illegal state action?

(OK, hasn't quite happened yet, but that's the way it's going.)

either going to play ball with governments... (0)

Anonymous Coward | more than 2 years ago | (#40786879)

Illegal search and seizure - just routine business

I know corporations will do anything for a buck, but doesn't it make you worried that all the authorities, government and corporate, find it perfectly OK to break the law and aren't the least bit bothered by the increasingly fascist state, as long as they make a profit this quarter?

Really? I've notices the opposite... (1)

QuietLagoon (813062) | more than 2 years ago | (#40786889)

mostly in a bid to improve reliability

.
Is this one of those far too numerous grassroots /. articles that try to put a positive spin on a negative situation?

Say goodbye to business... (0)

EdIII (1114411) | more than 2 years ago | (#40787389)

Microsoft can kiss business use goodbye. They have been pushing an API for Skype that I have been casually looking into for awhile.

When Microsoft says it is going to make it easier for the authorities to tap into conversations all I really hear is, "We are going to implement a backdoor and pray like fucking crazy hackers don't find it to pwn us".

I can't in good conscience recommend using Skype to any business for communications, which can often be sensitive, as long as Microsoft is putting in backdoors. Need to find another platform.

That also precludes communications platforms from integrating with Skype like Asterisk. Sure, a POTS connection is not nearly as secure as Skype would be, but it is far more difficult to tap a POTS line from thousands of miles away.

What is interesting is if Microsoft's enterprise communications platform Lync suffers from the same vulnerabilities. They might just be fucking themselves out of the business sector for communications entirely.

Re:Say goodbye to business... (1)

FireFury03 (653718) | more than 2 years ago | (#40787943)

I can't in good conscience recommend using Skype to any business for communications, which can often be sensitive, as long as Microsoft is putting in backdoors. Need to find another platform.

I've been recommending SIP solutions for business for years. The Grandstream phones work very well when paired with Asterisk servers.

To be honest, I don't know how this news changes anything WRT Skype - its always been a closed system where the security is completely unverifyable (and the software has been designed to make discovering what its doing really hard), if you trusted it before you were an idiot.

This is a story... (1)

hawkingradiation (1526209) | more than 2 years ago | (#40787487)

...where the NSA et al would mod "up" and not necessarily only all the Microsoft Trolls.

Re:This is a story... (0)

Anonymous Coward | more than 2 years ago | (#40788125)

Please give me one single example of the NSA doing anything at all (besides listening). They listen, but they never say anything. What is the source of the paranoia? At least the DEA and FBI have accidentally killed innocent people... irrational fear of certain agencies kind of makes sense if you're a paranoid type... but whom has the NSA ever hurt or helped? And post-9/11 they're even more subdued.

Surprise? (0)

Anonymous Coward | more than 2 years ago | (#40787581)

Wow! Was this a surprise!!!!! What is next?

Total unexpergated BS and FUD from /. (0)

Anonymous Coward | more than 2 years ago | (#40787693)

Sorry slashdot dittoheads, you and much of the tech press have your pants down. As a Skyper, I'm here to let ya know, you have this story entirely wrong. Who is dishing out the FUD here? Who is indulging in fact-free, doctrinaire dittoheadishness? /. Of course.

Read Skype's official response to all this BS here: What Does Skype's Architecture Do? http://blogs.skype.com/en/2012/07/what_does_skypes_architecture_do.html

Then read my lips: the changes made to our network are as described above. Really. Mark nails it.

When you find actual evidence of intercepted Skype calls, or any actual evidence of Skype intercepts, yell, shout, and scream. Its been done before to good effect. Its a necessary vigilance. If you have weak minded submissions debating EULA arcana, or lucky 8 ball reasoning that MS patent + MS acquisition == sellout, or even close observations about our evolving network topology, take a deep breath and look at what's real. This story is not.

Re:Total unexpergated BS and FUD from /. (1)

Bernal KC (10943) | more than 2 years ago | (#40787719)

The above post was accidentally posted anonymously by me. It was meant to be posted in my name. Obviously, I'm not a regular contributor here.

If you still want to chat securely over Skype (0)

Anonymous Coward | more than 2 years ago | (#40788065)

For text chats you don't even have to have much in the way of technical skill to ensure your chats are still safe from the gubbiment. Install both the Skype and OTR plugins for pidgin, and away you go.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>