Skype: We can't comply with police wiretap requests

One of the more interesting tidbits from News.com's survey published this morning on instant messaging privacy came from Skype.

The eBay-owned company says it is unable to comply with court-authorized wiretap requests.

We asked Skype: "Have you ever received a subpoena, court order or other law enforcement request asking you to perform a live interception or wiretap, meaning the contents of your users' communications would be instantly forwarded to law enforcement?"

Jennifer Caukin, Skype's director of corporate communications replied to us: "We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request."

This isn't entirely a surprise. Skype, which claims something like 300 million user accounts, has said in the past that it "cooperates fully with all lawful requests from relevant authorities" but that it is not subject to the U.S. must-provide-a-wiretapping-backdoor law called the Communications Assistance for Law Enforcement Act. Police in Germany, for instance, already have complained of Skype's lack of ready wiretappability.

Because the company's SkypeIn and SkypeOut services send data through the traditional telecommunications network, they presumably can be wiretapped at that point. But voice communications that flow exclusively through the company's peer-to-peer network--and are encrypted using AES--are a different story.

There's no guarantee that Skype's AES encryption is implemented properly or that there aren't lingering security flaws. A 2006 presentation at the BlackHat Europe conference in March said the right algorithms were being used, but that there's "no way" to know if a backdoor for eavesdropping exists. A Skype-commissioned independent evaluation, however, gave it a thumbs-up. Here's more.

The upshot is that if Yahoo, AOL, Microsoft, or so on received a wiretap order for text or voice flowing through their IM networks, they could (and would) be able to comply because the services are centralized. Even if the users' conversations are encrypted through the Off-the-Record Messaging protocol, an eavesdropper still knows who's talking to whom--this is called a pen register or trap and trace device in wiretapping parlance, and it can still be privacy-invasive.

Skype says it doesn't permit even that. Which means that it's the most privacy-protective mainstream method of communicating through voice or instant messaging. To the FBI's legions of eavesdroppers, that sounds a lot like a challenge.

[e_chappuis]

..." to the FBI's legions of eavesdroppers, that sounds a lot like a challenge"...

The real challenge is to "delete" the Statue of Liberty, a simbol that since long, long ago is not representative of the US, if ever it did...

lol, re·lol, sob, re·sob

[JCPayne]

Does anyone have that new service MagicJack???
I'm curious as to how does it works in comparison to the service offered by Skype, Vonage, etc????

[johntwice]

Although I think that our government should be able to access communications when needed. They should only be able to do so with a warrant. I applaud Skype for making it more difficult for the FBI to be able to cast a broad net to capture any data they want. The FBI want it to be easy. If they could index all internet activity and mine it for information they would. San Francisco Lawyer

[hzygzs]

thanks so much.recommend <a href="http://www.youither.com/pro/bee2.asp">???</a> and
<a href="http://www.youither.com/pro/aloe.asp">??</a> and <a href="http://www.youither.com/pro/bee3.asp">??</a>,there're good for health.

[hzygzs]

i make a mistake,sorry.[url=http://www.youither.com/pro/bee2.asp]???[/url]

[greg120a]

I did not know yahoo msg and MSN msg are not save , that is scary.
<a href="http://www.livedirect.org">tele livecams</a>