Feeds

Italian crooks use Skype to frustrate wiretaps

Bitter P2P pill

Providing a secure and efficient Helpdesk

Italian crooks are making greater use of internet telephony because of the widespread use of wiretaps in the country.

Customs and tax police in Milan are complaining that drug dealers and other organised criminals are using tools such as Skype in an effort to frustrate investigations, the BBC reports. Investigators cite the example of a suspect drug dealer advising his accomplice to contact him by Skype before forwarding details about a deal to buy 2kg of cocaine.

A recent survey from German think-tank the Max Planck Society found that Italy led the way in electronic surveillance with 76 intercepts per 100,000 head of population. Telecommunication interception is a preferred technique in anything from counter-terrorism and mafia investigation to political corruption probes, and even investigations into match fixing in football.

This may soon change - draft laws would restrict the use of wiretaps to serious crimes, partly because leaked wiretaps featuring politicians are finding their way into the hands of journalists.

In the meantime, Italian crooks are becoming more aware of the reliance of police on communications interception and are using Skype as a counter-surveillance technique.

Intelligence agencies and police across Europe have complained that VoIP technologies are making their life more difficult.

German police have sought legal permission to plant spyware on the PCs of terror suspect. In a parallel move, leaked documents that emerged last year detailed plans by German firm Digitask to develop technology capable of intercepting intercept Skype VoIP communications and SSL transmissions, alongside costing and licensing proposals.

At the Counter Terror Expo in London last week, an industry source told El Reg that the US's National Security Agency is prepared to pay "billions" for technology that can reliably eavesdrop on Skype IM and voice traffic.

P2P VoIP technologies pose a particular technical challenge because it's not possible to simply tap communications at a telephone exchange. In addition, Skype use a proprietary encryption scheme, which may (or may not) further complicate matters.

In the world of smoke and mirrors that is signal intelligence, it could be that police do have a way of tapping into VoIP calls and simply want crooks to use it in the mistaken belief that eavesdropping is impossible. The history of encryption teaches us that how encryption technologies are used is more important that how secure it might be in theory. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.