Microsoft Upgrades Skype with Eavesdropping ‘Features’
After acquiring Skype for roughly 8.5 billion dollars, Microsoft’s update to the service’s architecture could reportedly make in-call eavesdropping much easier.
Image credit: Skype
With Voice-over-IP taking the lion’s share of web-based communication, it’s reasonable to assume the information carried by Skype would be of great importance for government agencies. However, its decentralized, peer-to-peer architecture and complex encryption mechanisms have made eavesdropping nearly impossible for third parties.
A new report on ExtremeTech reveals that eavesdropping might just have become possible as the Redmond-based company has moved “super-nodes” (key rally points for worldwide users) to dedicated servers running Linux and which are located in Microsoft’s data centers. Before the architecture change, a regular node (an actual Skype user) could be promoted to “supernode”, if it could route sufficient traffic to other nodes. By moving supernodes into datacenters, Microsoft will have complete control over them, including access to conversations.
Multiple (1), (2) voices on the Internet have raised concerns related to the privacy of the conversation, as now some of the VoIP data passes through these supernodes, but the developer claims that the architecture update is only helping the network scale better
“…we developed supernodes which can be located on dedicated servers within secure datacenters. This has not changed the underlying nature of Skype’s peer-to-peer (P2P) architecture, in which supernodes simply allow users to find one another (calls do not pass through supernodes),” said Mark Gillett, Skype’s Corporate VP of Product Engineering & Operations, quoted by ExtremeTech. “We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.”
Wiretapping is nothing new in the telecom area, and, following the purchase of Skype, Microsoft has entered this market. Since it’s a US-based company, it’s obliged by law to ensure wiretapping capabilities for its infrastructure, in order to comply with the Communications Assistance for Law Enforcement Act CALEA), passed in 1994, “requiring telecommunications carriers and manufacturers of telecommunications equipment modify and design their equipment, facilities, and services to ensure they have built-in surveillance capabilities, allowing federal agencies to monitor all telephone, broadband internet, and VoIP traffic in real-time.”