Feeds

Privacy group demands answers from Skype

How secure is secure?

Next gen security for virtualised datacentres

Lobby group Privacy International is demanding Skype improves its VoIP service to properly protect the privacy of its users.

PI said it had reviewed Skype's security and had specific concerns including the VoIP service's use of full names on the contact list, which makes it easy for people to impersonate others.

The lack of an HTTPS download service means that a third party could interfere with the initial installation of the Skype client by tricking people into installing their own Trojan-infected version of the software.

Privacy International is also worried about the codec Skype uses to compress audio calls. PI reckons the VBR compression codec allows between 50 and 90 per cent of phrases to be identified.

The lobby group notes that many Skype users live under repressive regimes where the security, or not, of their private conversations may have serious consequences.

Eric King, Privacy International's Human Rights and Technology Advisor, said: "Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership position in global communications."

PI calls on Skype to act quickly to resolve these problems in order to protect its users.

Privacy International's blog on Skype security is here.

A spokesman for Skype said: "Privacy International has not been in touch with us so it will take us some time to read and digest the report before we are in a position to respond. We will look into the points they have raised and will reach out to them. Skype takes these issues seriously and aims to provide users with the best possible levels of privacy and security."®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New twist as rogue antivirus enters death throes
That's not the website you're looking for
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.