Yesterday, Nart Villeneuve of the Citizen Lab at the University of Toronto published a report Breaching Trust: An analysis of surveillance and security practices on China’s TOM-Skype platform which documents how the Chinese version of Skype has been modified to intercept messages and log them at a central server.
According Villeneuve's
FAQ, users in China who go to Skype.com are redirected to the
TOM-Skype, a joint venture of Skype and TOM Online which is a Chinese wireless provider. Villeneuve installed the software and discovered that every time he type a swearword the software made an http connection to a TOM Skype Server. He followed the URL and found a poorly secured server that contained encrypted copies of Skype text messages. He also found a file containing the encryption key and with a few lines of Python he could see the plaintext messages. By looking at the text files he concluded that in addition to swearwords, the software intercepted messages containing controversial topics such as "Falun", "earthquake", and "democracy."
Skype at first attempted to dodge the issue, acknowledging the sloppy security on the web site but remaining silent on the monitoring issue itself. According the the Wall Street Journal
blog, Skype's initial statement was:
In China, Tom Online is the majority partner in a joint venture that brings Internet communications to Chinese citizens. The software developed and distributed by Tom utilizes Skype functionality, and Tom implements their protocols to meet the rules and regulation of China government authorities.
The idea that the Chinese [government] might be monitoring communications in and out of the country shouldn’t surprise anyone, and in fact, it happens regularly with most forms of communication such as emails, traditional phone calls, and chats between people within China and between people communicating to people in China from other countries.
Nevertheless, we were very concerned to hear about the apparent security issue which made it possible for people to view chat information among mainly Tom users, and we are pleased that, once we informed Tom about it, that they were able to fix the flaw.
Perhaps realizing the problem might affect their business outside of China, they later revised their statement to read:
In 2006, Skype publicly disclosed that Tom operated a text filter that blocked certain words on chat messages but that it did not compromise Tom customers’ privacy. Last night, we learned that this practice was changed without our knowledge or consent and we are extremely concerned. We deeply apologize for the breach of privacy on Tom’s servers in China and we are urgently addressing this situation with Tom.
We confirm our strong belief that Skype to Skype communications, enabled by our peer to peer architecture and strong encryption, remain the most secure form of publicly available communications today.
Corporate IT managers and privacy advocates have long been concerned about the privacy and security of Skype. While Skype does encrypt its communications, it has not documented the proprietary protocols it uses. Furthermore, while the Skype clients theoretically communicate peer-to-peer, they get around NATs by routing communications through "super-nodes" which are usually other users' PCs and could be anywhere in the world. Essentially, users need to trust in Skype's engineering competence and its respect for the user's privacy. The situation in China (and elsewhere) illustrates that this trust may need to be tempered by the knowledge that Skype is serving multiple masters.