Original URL: http://www.theregister.co.uk/2012/07/30/skype_wiretap_analysis/

Skype hits back at angry wiretap reports: Rat finks? Not us

'Supernodes' are not for spooks, they're to make service better for YOU

By John Leyden

Posted in Security, 30th July 2012 10:02 GMT

Analysis Skype has hit back against a wave of stories speculating that the internet telephony outfit has made chat recordings, call logs and other user data more available to the authorities. In truth such assistance to law enforcement has been going on for at least five years, as Skype itself acknowledges.

A series of stories in Slate, The Washington Post and elsewhere alleged that Skype changed its network's architecture since its acquisition by Microsoft last year to enable “lawful interception” of calls.

To support the theory that Microsoft is cooperating further with authorities, the articles cite a patent for “legal intercept” technology, which was granted to Microsoft in June 2011, and the fact that Skype's “supernodes" now route data through centralised servers controlled by the software giant.

These reports, in turn, provoked a hyperbolic response from some quarters, including a piece headed "It's Terrifying and Sickening that Microsoft Can Now Listen In on All My Skype Calls", by The Onion Forbes.

Skype returned fire with a blog post by Mark Gillett, the company's chief operating officer. He said his engineers changed the VoIP service's architecture to include "mega-supernodes" in the cloud back in 2010, a move to improve reliability rather than to create hubs where user data might be more easily collected and passed on to cops, spooks and g-men:

The move to supernodes was not intended to facilitate greater law enforcement access to our users' communications. Skype has had a team of Skype employees to respond to legal demands and requests from law enforcement since 2005.

While we are focused on building the best possible products and experiences for our users, we also fundamentally believe that making a great product experience also means we must act responsibly and make it safe for everyone to use.

Our position has always been that when a law enforcement entity follows the appropriate procedures, we respond where legally required and technically feasible.

Gillett denied suggestions that "Skype now monitors and records audio and video calls of our users":

Skype to Skype calls do not flow through our data centres and the "supernodes" are not involved in passing media (audio or video) between Skype clients.

These calls continue to be established directly between participating Skype nodes (clients). In some cases, Skype has added servers to assist in the establishment, management or maintenance of calls.

Gillett added that calls to regular landline or mobile networks do go through the networks of Skype's public-switched telephone network (PSTN) partners. PSTN incorporates mobile, landline, fibre-optic, undersea and satellite comms.

The cloud-based architecture means that some instant messages are "stored temporarily on our [Skype/Microsoft] servers for immediate or later delivery to a user", but again we're told this isn't to make it easier for spooks, but to improve the reliability of the network and make it easier to quickly introduce new services.

Skype acts in accordance with its privacy policy and only helps law enforcement when it is "legally required and technically feasible", Gillett reiterated.

The 1,290-word blog post is Skype's clearest position on its privacy policy and co-operation with law enforcement to date, and certainly since the time it was acquired by Microsoft last year.

Not that easy to tap – unless you're a cop with a court order

During a visit to Skype's engineering centre in Tallinn, Estonia, in June, Tiit Paananen, the centre's manager, told The Register that it was easier to plant malware on targeted machines than to "decrypt and de-obfuscate Skype chats and calls".

Skype operates a hybrid peer-to-peer and client–server system, in common with other VoIP services. The architecture is perhaps more difficult to tap than conventional PSTNs. In response, police agencies in the West and secret police agencies in the Middle East have taken to using indirect methods: rather than intercepting traffic in transit, they plant malware on the target's machine and capture audio and chat before encryption or after decryption.

Trojans, including one disguised as a Skype encryption utility, have been deployed as tools to spy on Syrian dissidents, for example. Last October, German white-hat hackers captured a Trojan which they discovered was capable of tapping Skype calls and IM chats made from infected devices.

That's not to say Skype is an insurmountable barrier to surveillance. In fact, the recent headlines in the mainstream press expressing outrage rest on the false premise that this co-operation is new, when it has been going on for years. Skype itself states it has maintained a law enforcement request compliance team since 2005.

A 2007 vintage Skype law enforcement handbook – which has been available on cryptome.org for years – shows that in response to a court order, Skype will provide all sorts of data, including destination phone numbers for calls, billing information and the email addresses of users. It is unclear whether or not IP address session logs are available.

This was five years ago, when Skype was owned by eBay, and long before Microsoft picked up the firm in May 2011.

Recent Skype wiretap shocka stories are also unfair because they fail to point out that telcos and ISPs routinely supply communication data to police.

It's still unclear to what extent governments can intercept the contents of Skype voice calls. Skype says its calls are encrypted end-to-end, but it doesn't say how it generates, stores or distributes the encryption keys, and that is what decides who else can decrypt.

Christopher Soghoian, a security and privacy researcher, argued convincingly in a blog piece that, like Dropbox and iCloud, Skype probably has unencrypted access to user data, and can therefore be forced to hand it over to the government. This is the so-called "mud puddle" test: a user destroys his computer and forgets his password to encrypted content, then asks the provider to restore it. A provider that can still recover the content must hold the keys itself, and so fails the test; one that genuinely cannot is the one that passes.

Skype's handling of encryption keys compares unfavourably to ZRTP, the key-agreement protocol for encrypted VoIP created by Phil Zimmermann of PGP fame, according to Soghoian:

In contrast to the complex, user-visible fingerprint exchange and verification methods employed by OTR and ZRTP, Skype does nothing at all. Skype handles all the crypto and key exchange behind the scenes. When a Skype user installs the software on a brand new device and initiates a conversation with a friend already in their contact list, that friend is not told that the caller's device/software has a new crypto key and that it should be verified. Instead, the call just connects.

I suspect that Skype does not create a new private encryption key for each device running Skype. Instead, my guess is that it creates a key once, when the user sets up their account, and then stores this online, along with the user's contact list. When the user installs Skype on a new device, the key is downloaded, along with all of their other account data. In this regard, Skype is actually surprisingly similar to Dropbox and iCloud - while you are not storing your tax documents and family photos on Skype's servers, you are storing your communications encryption keys...and when faced with the mud puddle test, Skype fails.

The handling of keys is important because access to crypto keys can allow law enforcement to tap into Skype calls without built-in wiretapping capabilities, as Soghoian explains:

Skype may in fact be telling the truth when it tells journalists that it does not provide CALEA-style wiretap capabilities to governments. It may not need to. If governments can intercept and record the encrypted communications of users (via assistance provided by Internet Service Providers), and have the encryption keys used by both ends of the conversation – or can impersonate Skype users and perform man-in-the middle attacks on their conversations, then they can decrypt the voice communications without any further assistance from Skype.

This analysis is well-informed, albeit speculative. Soghoian concluded that Skype users should avoid the trap of thinking that the service is inherently secure, a comforting notion that seems to have spawned the excitable shock-horror stories over recent days:

Skype is not transparent about its surveillance capabilities. It will not tell us how it handles keys, what kind of assistance it provides governments, under what circumstances, or which governments it will and won't assist. Until it is more transparent, Skype should be assumed to be insecure, and not safe for those whose physical safety depends upon confidentiality of their calls.

Skype of course can't talk about the requests for assistance it has received from intelligence agencies, since such requests are almost certainly classified. However, Skype could, if it wished to, tell users about its surveillance capabilities. It doesn't.
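The two points Soghoian makes above, that a provider which stores account keys fails the mud puddle test and that a government holding one party's key can decrypt intercepted traffic without any wiretap interface from the provider, can be made concrete in code. The following is an added illustration written for this page; it is not Skype's, Microsoft's or Soghoian's code, and nothing in it describes how Skype actually works. The two service classes are hypothetical models: `EscrowService` is the account-key-stored-by-the-provider model Soghoian suspects, and `PerDeviceService` is the OTR/ZRTP model where keys never leave the device and a new device produces a new fingerprint. Diffie-Hellman is run over a deliberately tiny modulus and the "cipher" is a SHA-256 keystream XOR, both for demonstration only.

```python
"""Key custody and the "mud puddle" test, modelled in plain Python (stdlib only).

  EscrowService    - one long-term key per account, held by the provider and copied
                     to every new device (the model Soghoian conjectures for Skype)
  PerDeviceService - a fresh key per device; the provider only relays public keys
                     (the OTR/ZRTP model, so a changed key is visible to the peer)

Demo parameters: the DH modulus is far too small for real use and the stream
cipher is a toy; the point is who holds the private key, not the crypto strength.
"""
import hashlib
import secrets

P = 2**127 - 1   # Mersenne prime M127, a demo-sized DH modulus (NOT for production)
G = 5


def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """What an OTR/ZRTP-style client shows the user for out-of-band verification."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def session_key(priv, peer_pub):
    """DH shared secret, hashed to a 32-byte key. Either side's (priv, peer_pub) works."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


def xor_stream(key, data):
    """Demo stream cipher: XOR with a SHA-256 keystream. Symmetric, so it also decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


class EscrowService:
    """Hypothetical provider that generates the account key and stores it server-side."""
    def __init__(self):
        self._keys = {}

    def register(self, user):
        self._keys[user] = keygen()
        return self._keys[user]

    def new_device(self, user):          # a fresh install just downloads the account key
        return self._keys[user]

    def public_key(self, user):
        return self._keys[user][1]

    def compelled_disclosure(self, user):  # a court order can extract the private key
        return self._keys[user][0]


class PerDeviceService:
    """Hypothetical provider that only ever sees public keys; private keys stay on the device."""
    def __init__(self):
        self._pubs = {}

    def register(self, user):
        priv, pub = keygen()
        self._pubs[user] = pub
        return priv, pub

    def new_device(self, user):          # a fresh install generates a new key pair
        return self.register(user)

    def public_key(self, user):
        return self._pubs[user]

    def compelled_disclosure(self, user):  # nothing to hand over
        return None


def passes_mud_puddle_test(service):
    """Alice sends Bob a message; Bob then loses his device and his password.
    If the provider can still produce a key that decrypts the captured traffic,
    it holds the keys and fails the test. Also the passive-interception case:
    the disclosed key plus Alice's public key decrypts the wire without any
    wiretap capability inside the service itself."""
    alice_priv, alice_pub = service.register("alice")
    service.register("bob")
    plaintext = b"meet at the usual place"           # constructed sample message
    wire = xor_stream(session_key(alice_priv, service.public_key("bob")), plaintext)
    recovered = service.compelled_disclosure("bob")
    if recovered is None:
        return True
    return xor_stream(session_key(recovered, alice_pub), wire) != plaintext


def new_device_warning(service):
    """Does Alice's client see a fingerprint change after Bob reinstalls on a new device?"""
    service.register("alice")
    remembered = fingerprint(service.register("bob")[1])   # Alice's client pins Bob's key
    service.new_device("bob")
    return fingerprint(service.public_key("bob")) != remembered


if __name__ == "__main__":
    for svc in (EscrowService, PerDeviceService):
        print(f"{svc.__name__:17s} mud puddle: {passes_mud_puddle_test(svc())!s:5s} "
              f"new-key warning: {new_device_warning(svc())}")
```

Running it shows the escrow model failing both checks (the provider's copy of Bob's key decrypts the captured traffic, and a reinstall produces the same fingerprint so nobody is warned) while the per-device model passes both. The active variant Soghoian also mentions, impersonating a user and running a man-in-the-middle, is not modelled here; in the per-device model it is exactly the case the fingerprint comparison is meant to catch.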

Soghoian's thoughtful essay can be found here. ®