Feeds

NSA offering 'billions' for Skype eavesdrop solution

Business model for P2P firm at last?

Top three mobile application threats

Counter Terror Expo News of a possible viable business model for P2P VoIP network Skype emerged today, at the Counter Terror Expo in London. An industry source disclosed that America's supersecret National Security Agency (NSA) is offering "billions" to any firm which can offer reliable eavesdropping on Skype IM and voice traffic.

The spybiz exec, who preferred to remain anonymous, confirmed that Skype continues to be a major problem for government listening agencies, spooks and police. This was already thought to be the case, following requests from German authorities for special intercept/bugging powers to help them deal with Skype-loving malefactors. Britain's GCHQ has also stated that it has severe problems intercepting VoIP and internet communication in general.

Skype in particular is a serious problem for spooks and cops. Being P2P, the network can't be accessed by the company providing it and the authorities can't gain access by that route. The company won't disclose details of its encryption, either, and isn't required to as it is Europe based. This lack of openness prompts many security pros to rubbish Skype on "security through obscurity" grounds: but nonetheless it remains a popular choice with those who think they might find themselves under surveillance. Rumour suggests that America's NSA may be able to break Skype encryption - assuming they have access to a given call or message - but nobody else.

The NSA may be able to do that: but it seems that if so, this uses up too much of the agency's resources at present.

"They are saying to the industry, you get us into Skype and we will make you a very rich company," said the industry source, adding that the obscure encryption used by the P2Pware is believed to change frequently as part of software updates.

The spyware kingpin suggested that Skype is deliberately seeking to frustrate national listening agencies, which seems an odd thing to do - Skype has difficulties enough getting revenues out of its vast user base at any time, and a paid secure-voice system for subversives doesn't seem like a money-spinner.

But corporate parent eBay, having had to write down $1.4bn already following its $2.6bn purchase of Skype back in the bubble-2.0 days of 2005, might see an opportunity here. A billion or two from the NSA for a backdoor into Skype might make the acquisition seem like a sensible idea.

We asked the NSA for comment, particularly on the idea of simply buying a way into Skype, but hadn't yet received a response as of publication. ®

SANS - Survey on application security programs

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.