Microsoft Rebuilds Skype Infrastructure for Wiretapping
The Panopticon is a type of institutional building designed by English philosopher and social theorist Jeremy Bentham in the late eighteenth century. The concept of the design is to allow a watchman to observe (-opticon) all (pan-) inmates of an institution without their being able to tell whether or not they are being watched.
Even before it was acquired by Microsoft, Skype was never really seen a particularly secure method of activist communication. Given its popularity, Skype has been a particularly attractive target for government and corporate surveillance, and there are plenty of stories (especially recently, with the Syrian revolution in full swing) of activists being tricked into downloading and installing trojan-laden versions of the program and setting themselves up to have their communications monitored. In the US this is generally done under the “lawful intercept” provision of the PATRIOT act. On paper this sort of thing is supposed to be done in specific circumstances involving international communications and “foreign agents”, but guess what.
All this is why it was particularly concerning when Microsoft announced that it was buying Skype for a vast sum last year, shortly after the FBI began agitating for easier wiretap access to popular communications platforms. Microsoft’s record in terms of allowing backdoor access had been pretty suspect for a long time, but given Skype’s semi-decentralized architecture nobody was particularly sure how or when a system like the one the FBI was requesting might be put into place.
Normally, Skype used a peer-to-peer type of communication, via a decentralized series of peer servers called “supernodes”. Supernodes functioned in a superficially similar way to DNS servers, in that they provided the initial “introduction” between clients that allows them to connect directly to one another and bypass any central servers. This was a good thing, since it’s harder to perform surveillance on a direct connection between two computers than it is to just sit your monitoring program on a central server and suck up data as it passes through.
Then, at just about the same time as the “FBI wants easier wiretapping access” stories started to break, Skype replaced the supernode system with centralized servers. Now the peer traffic gets routed through a set of machines owned and maintained solely by Microsoft, which greatly simplifies the process needed to wiretap communications. Microsoft/Skype have denied that the system is intended to be used this way, but given recent developments in the realm of government surveillance it seems difficult to believe that the system wouldn’t be used in this way. Encryption, normally mandatory on Skype communications, isn’t a whole lot of help here since the keys are owned by Microsoft and thus easily provided to third parties.
Yesterday, news came out that Skype had had its source code leaked, though it has not at the time of writing been put to any sort of real use. It’s possible that a modified system could be put into place to bypass the central servers, but this remains to be seen. Meanwhile, the surveillance state marches on largely unopposed.
Basically, Microsoft purchased Skype and completely rebuilt its network architecture in order to make wiretapping literally effortless. This is bad.