German Govt. Skype Interception Trojans Revealed
James Hardine writes "Wikileaks has released documents from the German police revealing Skype interception technology. The leaks are currently creating a storm in the German press. The first document is a communication by the Ministry of Justice to the prosecutor's office, about the cost splitting for Skype interception. The second document presents the offer made by Digitask, the German company secretly developing Skype interception, and holds information on pricing and license model, high-level technology descriptions and other details. The document is of global importance because Skype is used by tens or hundreds of millions of people daily to communicate voice calls and Skype (owned by eBay, Inc.) promotes these calls as being encrypted and secure. The technology includes interception boxes, key forwarding trojans and anonymous proxies to hide police communications."
Germany (Score:2, Interesting)
Re:Germany (Score:2, Interesting)
It seems to be necessary to install some software on the user's computer to achieve this. As long as this software doesn't do anything but open up Skype communications, it doesn't do anything that would affect the user's rights. All their Skype communications can only be heard by people who are legally allowed to hear them - even though one of them is the police, which is not the _intended_ recipient.
Man-in-the-middle against SSL? (Score:5, Interesting)
The only possibility that I can see is to modify the browser itself, so that when the user tries to get a secure connection to www.criminals.com, the browser contacts www.police.de instead, gets a valid certificate from the police, while the police's computer then makes a secure connection to www.criminals.com.
How does this affect admissibility? (Score:2, Interesting)
What's interesting here is the collection of evidence by installing spyware: if forensic analysis of a disk means absolutely nothing may be installed/changed/touched on the disk, how are they allowed to install their own software? Does this invalidate any evidence they collect for use in a court, or are civil law courts a bit more flexible with such things?
Secondly, the problem here doesn't appear to be with Skype at all. As with any encryption, it doesn't matter how safely you transfer your data, you still have to read/write/speak/listen to it unencrypted. No program can pull that off without requiring you to write your messages or speak encrypted.
Re:Man-in-the-middle against SSL? (Score:3, Interesting)
The classic /. question..... (Score:3, Interesting)
Re:Man-in-the-middle against SSL? (Score:4, Interesting)
With a minute of thinking: The first method would be much better, because they don't need to know ahead who I am going to contact.
With another minute of thinking: My computer has for example four Verisign root certificates installed. Does that mean that Verisign (I only take them as an example) could technically install a box with a computer into the phone line 50 meters away from my house, and do a man-in-the-middle attack by creating genuine Verisign certificates for any SSL connection that I make, without breaking into my home or doing anything to my computer at all? And the only trace that I would have would be the curious fact that everyone I contact uses certificates signed by Verisign?
With a further minute of thinking: My computer has about 100 root certificates installed that came with Leopard, and similar things happen for Windows users. I have no idea where these certificates come from; I just have to trust Microsoft and Apple. If the police could convince Microsoft and Apple to put a root certificate owned by the police into their installers, then the police could read anyone's SSL connections without breaking into their homes (but breaking into their connection a bit further down the line)?
What about China? (Score:2, Interesting)
I'm wondering now about China. I remember that Skype was, for a short time, on slippery footing for continued operations in the People's Republic. Then, for some reason, there was no longer a problem. I can't help but suspect that Skype may have opened up its code to China in order to continue operating there. The Chinese government lives and breathes by spying on its people (and anybody else living in its territory, of course).
On the other hand, maybe they didn't open their code, but the Chinese government figured out how to tap into communications, anyway. In the current article, the Germans have shown one way that it's possible.
Same old same old (Score:1, Interesting)
Re:Skype is not securely encrypted. (Score:3, Interesting)
According to this: http://www.ossir.org/windows/supports/2005/2005-11-07/EADS-CCR_Fabrice_Skype.pdf [ossir.org]
Skype seems to use AES for the VOIP payload, and RC4 for signaling packets.
Naturally, although AES is an excellent algorithm, it will fail if the implementation is weak, especially in the key handling.
I agree that the code is largely obfuscated, and without open source, it would be a nightmare to expect to rely on its security.
However, there was an "independent" review of Skype, which I understand was able to review the source code.
See: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf [skype.com] for what appears to be the definitive analysis (as of 2005.)
Maybe things have changed since then? I would be surprised if the German government and its subcontractors have seriously been able to compromise Skype through man-in-the-middle attacks, but would not be surprised if a single end-point were compromised.
Re:Man-in-the-middle against SSL? (Score:2, Interesting)
Probably in the same way that governments perform any other interception methods, full cooperation from corporations.
Look at who Narus, the manufacturer of big honkin' communication vacuums that the NSA has installed at ATT and other telcos, partners with:
http://www.narus.com/partners/index.html [narus.com]
IIRC, Verisign and its subsidiaries like Network Solutions employ and are managed by people formerly part of the intelligence community. Given what we know about ATT and the NSA, it's really not at all surprising that the government would have copies of valid certs that would allow transparent monitoring of SSL traffic.
Re:Germany (Score:3, Interesting)
Here in the USA, the police will break into your house to install keyloggers and such. Hardware keyloggers, usually. They will only send something through email if they don't know who you are (such as virus writers) and they do it to find out who, and where you are, not to listen to your phone calls. The problem with sending software trojans is that it usually doesn't work, and might get noticed.
Re:Skype is not securely encrypted. (Score:2, Interesting)
Skype might have solved some or even all of these problems. But the point is that simply stating that AES (and RC4) are used (even perfect implementations thereof) does not guarantee any kind of security at all. These things are far more subtle than that.
Besides, the moment an attacker (in this case the Bavarian police) gets access to an end point (i.e. the actual machine which Skype is running on) the whole thing is just B.S. anyway. I mean NO system in the world is secure under such an adversarial model... not unless you have some crypto chip installed with secret keys on it or something like that. (think TCPM).