[liberationtech] skype

[Louis Suárez-Potts]

One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. 

louis


On 13-03-20, at 22:39 , "Eric S Johnson" <crates at oneotaslopes.org> wrote:

> Dear LibTechers,
>  
> When Microsoft applied in 2009 for a patent on “recording agents” to surveil peer-to-peer communications, it was assumed they were talking about something they might implement in Skype.
> Skype in 2010 started rearchitecting its use of supernodes “to improve reliability.”
> MS stated in 2012 that the re-engineering is “to improve the user experience.”
> The recent report in the Russian media that MS can trigger individual users’ Skype instances to establish session-specific encryption key exchange not with “the other end” but with intermediate nodes (thus making possible inline surveillance of Skype communications—presumably VoIP, since MS already stores Skype IM sessions “for 30 days”)—dovetails nicely with suspicions that MS is making (or has made) Skype lawful-intercept-friendly.
>  
> But wouldn’t the above evolution require changes in the Skype client, too? Does anyone know of any work to identify whether it’s possible to say “if you keep your Skype client below version 4.4 [for instance], any newer capability to remotely trigger individually-targeted surveillance-by-intermediate-node isn’t (as) there”?
>  
> Best,
> Eric
> PGP
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings athttps://mailman.stanford.edu/mailman/listinfo/liberationtech