Microsoft Makes Skype Easier To Monitor 150
In a follow-up to a story earlier this week, derekmead writes "Skype has gone under a number of updates and upgrades since it was bought by Microsoft last year, mostly in a bid to improve reliability. But according to a report by the Washington Post, Skype has also changed its system to make chat transcripts, as well as users' addresses and credit card numbers, more easily shared with authorities. As we've already seen with Facebook and Twitter, big Internet firms aren't digging their heels in against government requests, which shouldn't come as a shock; angering the authorities is bad business. The lesson then is that, while the Internet will always retain a vestige of its Wild West days, as companies get bigger and bigger, they're either going to play ball with governments or go the way of Kim Dotcom."
i just don't use microsoft products (Score:2, Insightful)
sorry, not going to do it.
Re: (Score:3, Insightful)
Agreed.
That's the only sensible and ethical response to a company with such a long history of abuse of its customers.
Re: (Score:2, Insightful)
Didn't we discuss this exact same thing 2 days ago with even more accusing title: http://tech.slashdot.org/story/12/07/24/0039205/microsoft-wont-say-if-skype-is-secure-or-not-time-to-change [slashdot.org] ?
Open Source (Score:5, Interesting)
Time to switch to something [jitsi.org] where we actually know what the software is doing.
Re:Open Source (Score:5, Interesting)
Will Jitsi let me call home to my old wired phone?
Corporations working closely with government, and government working closely with corporations, including exchanges of money through campaign donations & legislative acts. Plus favorable regulations to help the megacorps and block new startups. There's a word for that...... hmmmm, right on the tip of my tongue. Starts with an F. Or a C.
Re:Open Source (Score:4, Interesting)
We're almost at the point that we can drop POTS in favour of something less 'controlled'. I'm sure other measures will be taken to ensure it's not that easy though.
Re:Open Source (Score:4, Insightful)
Once you do that the government will move in an legislate something else. That is what governments do.
Re: (Score:3)
We are. My grandmother, on the other hand...
Ob /. response (Score:2)
Almost Yes. (Score:5, Informative)
Will Jitsi let me call home to my old wired phone?
Yes: ...BUT...
Jitzi supports the SIP standard and there are plenty of SIP-to-POTS providers around (for example, I use Switzernet which is based in switzerland and free to/from several european countries. Works with both my SIP sfotwares - Ekiga and Twinkle).
For obvious reasons there's no easy way to guarantee end-to-end encryption. So you *CAN* call home, but you won't get guaranteed privacy.
For full end-to-end encryption you need:
- a digital link from the source to the other end (which is not the case when bridging to POTS)
- the possibility to audit the software used at both ends that there are no bugs or implementation problems which could leak critical data. (So you need an opensource front-end and an opensource encryption layer, preferably using known and well tested and documented protocols (like ZRTP). And you need enough independent eyeballs looking at said code) (Jitzi is opensource so one can check that everything is properly implemented to avoid leaks).
Re: (Score:2)
Are all my friends already on Jitsi or do I need to get into an awkward political discussion with them to get them to switch?
Re: (Score:3, Interesting)
The great thing about VOIP is it doesn't matter. You can install and run both clients at the same time and then just make sure you are visible in Jitsi as much as possible whilst being visible very rarely in Skype, and then only when you want something (sit there invisible, but turn on notifications so you see when friends without Jitsi come on line). From time to time suggest to people that it would be easier to get you if they had Jitsi. When you meet people show them how to set up Jitsi (or whichever
Standarts (Score:2)
Are all my friends already on Jitsi
As Jitzi just use plain standards, the correct question isn't that, but :
"Are all my friends already on SIP or XMPP/Jingle ?"
(The software component itself isn't important. As long as the software supports SIP or XMPP you can communicate with them.
As long as both software ends support ZRTP/SRTP, you can secure the communication. As long as both software ends support OTR, you can secure the text chat. Whichever software is used isn't relevant.
Jitzi is just cited because a Tor's developper did recommend it an
Re: (Score:2)
Why is "I don't like having someone listen in on my private phone calls" a 'political' viewpoint? Surely that's something anyone can relate to? Who actually likes having someone listen to their phone calls?
Re: (Score:2)
And, Failing that, you can always have the conversation converted to text and then ROT13 it. Oh, wait...
Re:Almost Yes. (Score:4, Funny)
And, Failing that, you can always have the conversation converted to text and then ROT13 it. Oh, wait...
ROT-13 is insecure these days, better to use double-ROT-13
Re: (Score:3)
Will Jitsi let me call home to my old wired phone?
Jitsi uses SIP, so it just might (I haven't looked into it too deeply).
Re: (Score:2)
Corporations working closely with government, and government working closely with corporations, including exchanges of money through campaign donations & legislative acts. Plus favorable regulations to help the megacorps and block new startups. There's a word for that...... hmmmm, right on the tip of my tongue. Starts with an F. Or a C.
I'm with you on the F word, but for the C word you'd better mean "corporatism", because you sure as sunshine aren't describing capitalism.
Re: (Score:3)
There's nothing in the definition of capitalism that precludes colluding with the government, or requires absolutely free markets. If it has private transferrable property on the means of production, it's capitalism.
Re: (Score:2)
Your definition, perhaps, but most capitalists' definition precludes more than minimal government. Sort of like how just because you have a welfare state doesn't mean you have socialism.
Re: (Score:2)
Your definition, perhaps
It's an economics textbook definition.
most capitalists' definition precludes more than minimal government.
Who are all those capitalists? Warren Buffet doesn't seem to argue for minimal government - is he a capitalist? Heck, my mom ran a business for 20 years while voting social-democrat - was she a capitalist? Of course, if your definition of "capitalist" is "people who agree with my definition of capitalism", then it kinda works out, but there's the obvious recursion problem
Sort of like how just because you have a welfare state doesn't mean you have socialism.
That's actually a very good point. Indeed, welfare state does not mean that you have socialism. That
Re: (Score:2)
Depends on the economics textbook. Economics (especially macro) isn't a real science where you run actual experiments and learn useful things, it has very little predictive value and with all its contradictory schools of thought seems to me to belong more in the philosophy department than the business school.
So maybe I have the recursion problem you describe, but "capitalism" in most people's minds is inexorably linked with free markets, and it's in that sense that I use it. And when you have actual free
Re: (Score:3)
So maybe I have the recursion problem you describe, but "capitalism" in most people's minds is inexorably linked with free markets, and it's in that sense that I use it. And when you have actual free markets, there's no place for corporatism because you don't have a state powerful enough to be worth coopting.
It's generally true, because capitalism in the absence of free markets tends to degenerate. But then, for most people, the meaning of the word "free market" is the one that it had since introduced by Adam Smith - to wit, a market with free competition. In other words, without monopolies. In Smith's time most monopolies were government-created, and he covered them in detail, but he also had the foresight to warn about collusion between market players themselves, and the harm it would do by making the market
Re: (Score:2)
And by now it probably won't surprise you that I'm libertarian and that the Austrian school economists are the ones that I... well, disregard the least, I suppose. That's why I think the problem of unnatural monopolies in a free market aren't a huge problem, since there's no regulatory barrier for new competitors to undercut the conspirators. Even when a cartel is too big to have to worry about new entrants, like OPEC, they're not that great at staying banded together.
Re: (Score:3)
Re: (Score:2)
in most people's minds is inexorably linked with free markets
Where I live that's certainly not my experience, but then again the people I know are not a valid statistical sample of the population.
So, on what do you base that?
Re: (Score:2)
Honestly? Too many conversations about this sort of thing on the Internet.
Re: (Score:2)
Rather than quibbling about the meaning of a word, why not look it up? [wikipedia.org]
Re: (Score:2)
Rather than quibbling about the meaning of a word, why not look it up? [wikipedia.org]
If you read further, you'd see that shutdown and I were approaching this from different economists' definitions. So you're adding yet another definition for us, which is fine, but doesn't really resolve anything.
You're saying dogs aren't mammals because cats are mammals and dogs aren't cats. In short, your definition is incorrect.
Wow, bold and everything — must be true. That, or maybe my definition seems to be used by some people, but not by others. I think now that I've explained it that reasonable people can figure out where I'm coming from.
Perhaps you're listening to the wrong drug-addled sex tourist on your radio? You would do well to broaden your horizons.
Kai Ryssdal [marketplace.org] is a drug-addled sex tourist? Wow, I learn something new eve
Re: (Score:2)
Re: (Score:2)
Oh, well, that too.
Re: (Score:2)
I hear there's a very nice little commune in Guyana.
Re:Open Source (Score:4, Informative)
... it does need mobile clients, although an Android client is apparently in the works.
Re: (Score:1)
Just uninstalled skype, installed Jitsi and Will advocate / promote the living hell out of it
Fuck you Microsoft.
Re: (Score:2)
I fail to see the correlation...
Skype is a huge step backwards to phone service of the 60s or earlier, there is a single provider and you must use clients which are provided by the telco, and lets not forget that monopoly telcos never used to charge by the minute for calls originally, that was introduced later.
Today things are generally much better... There is often a choice of landline providers depending on your location, and there is usually a choice of mobile providers. The same is true of proper (ie st
Re:Open Source (Score:5, Insightful)
Time to switch to something where we actually know what the software is doing.
Now all have to do is convince friends, family, business and professional contacts to abandon Skpe. Something which is not going to happen.
Re: (Score:3)
Why not? Are they in favour of unauthorized government and corporate wiretapping? I would think most could be convinced quite easily.
Re: (Score:3, Insightful)
Most people THINK they do not have anything to hide, such as when they talk about the antics of their 3-year-old grandson or other inane conversations. Therefore most people would not switch or quit using Skype. Anyone who does have deep dark secrets they wish to hide from the KGB, FBI, NSA, Gestapo or other such agencies, would not be using Skype or any other easily intercepted communication system.
Re: (Score:2)
>Anyone who does have deep dark secrets they wish to hide from the KGB, FBI, NSA, Gestapo or other such agencies, would not be using Skype or any other easily intercepted communication system.
So they are basically right. The NSA is already listening. Unless you're in a position to do something about it, might as well live your life and not worry about it.
Re: (Score:2)
Probably in your country there are no corrupted officials who spend their working days listening to conversations. But the corruption does exist in many places.
Why not to use both programs? We are often influenced by the magic of the figure 1. But dualism is a good principle, which is also widespread in the nature.
Re: (Score:2)
Why do we supposedly need "something to hide" in order to find it sucky being watched/eavesdropped all the time? The fact is it just plain SUCKS if you have to live your life knowing that somebody is/can watch what you're doing and listening to what you're saying. This is why we have things like curtains, why we usually close the bathroom door, and why the Panopticon is referred to is conceptually always a "prison". We shouldn't have to justify not being monitored, that notion turns everything about the pri
Re: (Score:2)
Re: (Score:2)
Better still: invest in hard drive and archiving manufacturers.
Profit!
Re: (Score:2)
Try it and come back with your results. You'll probably be disappointed by reality.
Re: (Score:2)
IME, most are already quite sure that the government can tap any call they damn well please, regardless of the technology.
"News: Skype is no longer difficult for government to monitor!" will, by many, be met with a reaction of "What, you mean it used to be difficult? No way!".
Skype didn't become popular because of the encryption. It became popular because it was the first easy to use software phone that made a couple of simple promises: free calls between Skype users, no complicated setup, works through mos
Re: (Score:2)
They say if you put a frog in boiling water, it will jump out. But if you put him in water and slowly raise the temperature, it will slowly cook itself... We are the frogs! When I told a f
Not abandon. More *also run* (Score:2)
But if said friends have a Google account, they can already log into a XMPP/Jingle server using any compatible client (like Jitzi) and as long as both end support ZRTP encryption, the communication will be secure.
Has some tried if Jingle works between people connected on Facebook's XMPP gateway ?
In both case, you don't need to drag you whole network into a newer system, you only have to convince users to install a software supporting the necessary standard, you already have a network to leverage.
Now if some
Re: (Score:2)
Something which is not going to happen.
They're already looking.
Call quality, reliabilty an stabilty have all fallen dramatically over the past few months. Just about everybody is pissed off with it.
Re: (Score:2)
Not with *that* attitude.
Re: (Score:2)
I fully agree with your sentence but not necessarily your link.
Yes, all nerds should abandon Skype as soon as possible. However given its rather unfinished state I'm not sure Jitsi is the realistic alternative at this stage.
Re: (Score:2)
Time to switch to something [jitsi.org] where we actually know what the software is doing.
Will Jitsi let me call everyone else I know who uses skype?
Trying to convince them all to ditch Skype due to the government monitoring them is a waste of time since most people in the world are not that bothered about it. They just the view that since they are noting anything wrong they have nothing to hide or that if government want to monitor them it will find a way anyway.
Re: (Score:2)
It will let you call everyone who has a Gmail account ... so in most cases they won't need to start using a new service.
Only if they keep their Gmail account open all the time. I also have a Gmail account with chat enabled but since I only open it in a browser when I actually want to send or read an email I probably hardly ever show as online.
For me, the real question is... (Score:3)
If it's traditional warrant methods then I'm not really any more concerned than I am for regular phone calls on POTS lines. If it's otherwise then I'm glad that I never set up a Skype account.
Re:For me, the real question is... (Score:5, Insightful)
Don't get your hopes up. It's "on the internet". Seems consitutional rights don't apply there.
Re: (Score:3, Insightful)
Seems consitutional rights don't apply there.
what's that?
and in a few years, the current generation of its time will ask that, with a full serious face.
Re:For me, the real question is... (Score:5, Informative)
Your government already thinks constitutional rights don't apply when the target is not a US citizen (bonus points if they aren't even in the US)
Re: (Score:2)
Nothing in the Constitution gives them the authority to ignore anyone's rights. From the Bill of Rights:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
The right of THE PEOPLE, not of "the citizens".
No person shall be held to an
Re: (Score:2)
Because if they're going to extend their laws to cover the rest of the planet, they better damn well be prepared to extend their constitutional protections to the rest of the planet too.
Personally, I'm waiting for the US government to invite me to vote in federal elections. Congress apparently has authority here (and everywhere else - or at least it thinks so), so where's my damn representation?
Re: (Score:2)
This will stop and we will choke you with your own WIRES!
Re: (Score:2)
Yea, this can be a good thing if used properly, or a bad thing if not.
The thing to keep in mind is (Score:2)
People up to something will use a smaller, more secure system, perhaps even rolling their own communications (hey, it's not that hard).
So the people they really want to monitor is *us*.
Re:The thing to keep in mind is (Score:4, Insightful)
So the people "up to something" will use encryption we cannot monitor, you say? Well, I guess that means that everyone who doesn't use our standard encryption that isn't worth being called encryption is suspicious just for using an encryption method we cannot eavesdrop in.
Thank you for your input, citizen, it will be considered with the next round of new laws.
Problem: It is not true (Score:5, Informative)
This from the TFA:
Skype has gone under a number of updates and upgrades since it was bought by Microsoft last year, mostly in a bid to improve reliability. But according to a killer report by the Washington Post, Skype has also changed its system to make chat transcripts, as well as users’ addresses and credit card numbers, more easily shared with authorities.
The " to make chat transcripts, as well as users’ addresses and credit card numbers, more easily shared with authorities" is pure speculation.
And the alleged updates "since it was bought by Microsoft last year" (supernodes hosted in central data centers) was actually started in 2010, well before the Microsoft acquisition:
http://www.zdnet.com/skype-talks-back-to-critics-on-security-and-privacy-7000001682/ [zdnet.com]
But this is slashdot. Why let facts get in the way of a good rumor-fueled speculation when it promises for a good Microsoft bashing?
Re: (Score:2)
The " to make chat transcripts, as well as users’ addresses and credit card numbers, more easily shared with authorities" is pure speculation.
I actually suspect there's some substance there, but the practical purpose is different. As anyone using Skype today knows, it's truly P2P, even when it comes to chat history - meaning that your devices will sync your chats between each other, but only when they are both online to share it. If, say, you always log off on the desktop before logging on the smartphone, it won't share them. And if you're offline on all devices, messages can't be sent to you - the sending client will keep showing the spinning ci
Re: (Score:2)
Both these things are often complained about, but the only other way is to store full chat logs on the server, so that they can be pushed to all clients later when they come online. This would also make history sync always work on all clients. But it, of course, means that your chat logs are now subject to subpoenas, NSA security letters, and whatever else the government has at its disposal.
You could solve this with public key encryption, if you really wanted to. The chat messages could be stored on the server encrypted with the sender's and the receiver's public keys, separately.
Re: (Score:2)
Yeah, but it would require some conscious effort. And I don't think any existing IM system with server-side logs does it that way. GTalk sure doesn't.
Re: (Score:2, Informative)
When you go to another computer, you can still look up your chat transcripts. How do you suppose that is, if Skype doesn't have them? And if Skype has them, who else do you suppose Skype could share them with?
How was this modded informative?
Re: (Score:2)
On the other hand, I'm sure there's no possible way this wild speculation could just be wild speculation. Never!
Face it, unless you're fucking psychic you don't know the real reason they did it.
Also, as a side note, you failed to address the fact that the migration to using centralised data centres was initiated by Skype Communications S.a.r.l, not Microsoft.
Re: (Score:2)
Uhmm, the reason? F* the reason, you're a customer, it's the result that matters (which affects you), which seems fairly shady at this point. Reason, right.
What could go wrong? (Score:2)
Architecture that facilities a man in the middle attack (which is essentially what this does) is just asking for trouble. Skype used to have a pretty impressive peer to peer encryption design. No longer, I guess.
This is bad if law enforcement uses it illicitly. It's worse if some Skype/Microsoft employees go rogue, or if a hacker breaks into the infrastructure. I mean, you're baking insecurity right into the design of the frickin' product. What could go wrong?
I wonder sometimes if big brother is going
Re: (Score:3)
Skype used to have a pretty impressive peer to peer encryption design. No longer, I guess.
Yes it does. Nothing has changed with the peer-to-peer encryption. You have been fed rumors, speculation. Here is what Skype says (but if you *want* to make it into a conspiracy you can of course assume that they are lying):
Skype software autonomously applies encryption to Skype to Skype calls between computers, smartphones and other mobile devices with the capacity to carry a full version of Skype software as it always has done. This has not changed.
(from http://blogs.skype.com/en/2012/07/what_does_skypes_architecture_do.html [skype.com])
This is once again someone irresponsibly reading license terms and trying to twist every phrase and condition into something sinister. Like Skype making sure that you understand that instant messages may be sto
Want to know the truth about Skype? Read on. (Score:5, Interesting)
I'm posting anonymously because I don't need attention. Here's the chronology and you can find the sources of these claims on your own.
- NSA issues a billion dollar RFP asking for a solution to wiretapping Skype
- as years pass, NSA's concerns about Skype keep on growing, they keep on lobbying lawmakers and industry officials
- out of the blue, MS buys Skype and pays an astronomical price
- buying Skype at that price makes no sense for MS since it poisons their relationships with carriers and pundits are confused
- first thing MS does is it kills supernodes and installs THOUSANDS of Linux servers running grsecurity http://grsecurity.net/news.php#Skype
- that means that ALL Skype traffic now passes through MS servers and can be easily wiretapped since MS holds all the keys and can easily perform a MITM attack
- NSA starts jumping from joy because their biggest black hole has been plugged.
- MS is happy because they are now getting regular large checks from NSA
tl;dr: Skype's a botnet and NSA paid MS to buy Skype
Re: (Score:2)
- first thing MS does is it kills supernodes and installs THOUSANDS of Linux servers running grsecurity http://grsecurity.net/news.php#Skype [grsecurity.net]
- that means that ALL Skype traffic now passes through MS servers and can be easily wiretapped since MS holds all the keys and can easily perform a MITM attack
No, it means that SOME Skype traffic (i.e. text messages, but not voice calls) can be easily wiretapped.
tl;dr: Skype's a botnet and NSA paid MS to buy Skype
That's not borne out by your data. In fact, the Ars article [arstechnica.com] referenced in your link states that supernodes play no role whatsoever in making calls.
I don't trust Microsoft at all; in fact, I think they can be relied on to do whatever they think is reasonable to get along with government (and by extension, law enforcement). But this particular issue - the establishment of grSecurity supernodes - doesn't get
Re: (Score:2, Informative)
That's not borne out by your data. In fact, the Ars article referenced in your link states that supernodes play no role whatsoever in making calls.
That's not exactly right. Supernodes (now controlled by Microsoft) provide:
1) NAT traversal: meaning... if, for some reason, the two people who want to talk can't connect directly (not that rare), the calls themselves _do_ go through a supernode;
2) rendezvous points/P2P bootstrapping/user location services: this means that Skype/Microsoft, if it wants, can basically "lie" about the location of the person you want to talk to (it has all the keys, after all), allowing them to impersone that user. It then prox
Re: (Score:2)
Skype is essentially running SIP under the hood (slight differences, but essentially the same). The supernodes aren't usually involved in signalling because NAT can be traversed using other methods. However, the supernodes will carry voice traffic. I have no idea what the initial poster means by "MiTM attack". Normally when you are talking about man in the middle, you are talking about spoofing one of the ends. I suspect that's not what they meant because why would you want to do that.... I suspect th
Re: (Score:2)
CALEA's "Second Report & Order" states it's providers that must foot the bill. If our government paid for MS to acquire Skype perhaps there are shady deals afoot, but the US law states providers must pay the costs of snooping: the aforementioned shady deals would be very bad behavior from the US of A government, paying to acquire CALEA compliance.
The costs of running a couple thousand Linux nodes & paying bandwidth can not be that bad. MS certainly knew they'd have to remake Skype when they bought t
Re:Want to know the truth about Skype? Read on. (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
I really don't think the NSA is of much concern. They listen to everything, and they tell no one (not even other governemnt agencies like the DEA, FBI, CIA or DHS) and never do anything. They're a bunch of math geeks. I don't understand their mandate.
Primarily their mission is to be the intelligence branch of the military and they're not in the habit of sharing much either. But if they do, you can be sure the NSA is going to do their best to not look involved and not compromise their SIGINT assets. When they compromised Engima during WWII, do you think they sent out a press release? No. They just used that information selectively, acting like they were just lucky to hit the German forces so hard. NSA is the same way, even if they gave a tip then the DEA
Really? I've notices the opposite... (Score:2)
mostly in a bid to improve reliability
. /. articles that try to put a positive spin on a negative situation?
Is this one of those far too numerous grassroots
This is a story... (Score:2)
From "stealing" mp3s to citizen surveillance (Score:4, Interesting)
*facepalms* (Score:2)
So, what you're saying is, you've created a giant lollipop for crackers everywhere, where they need only compromise your giant database to get millions and millions of credit cards, passwords, addresses, and more. Were I Loyds, I would not even offer a probability on this happening at some point in the near future.
*facepalms* It's like they've all been taught anti-security. MS -> "Let's ditch our push to safer, garbage collected, safe strings, randomized memory location languages, and bring back C++ with
Re:time to bypass the middlemen (Score:5, Insightful)
Umm, how about no thanks? It's time for the programmer community to develop easy to use, robust, strongly encrypted, point to point programs.
And that will happen right after ipv6 becomes standard and NAT goes away. point to point is pretty tricky to make 'just' work in our currented "ipv4 nearly everyone is behind a NAT system".
Realistically, a middle man is going to be here for a long while yet.
Re: (Score:2)
Realistically, a middle man is going to be here for a long while yet.
Which really isn't a problem - for instance using asterisk as a ZRTP passthrough.
In theory this should cost ~$3/mo for most people to use if both ends are correctly configured.
Re: (Score:2)
Which really isn't a problem
The "problem" is that we want point to point communications (no middleman) that aren't a pain to make work.
Your solution doesn't seem to address this.
- for instance using asterisk as a ZRTP passthrough. In theory this should cost ~$3/mo for most people to use if both ends are correctly configured.
We still have a middleman (to whom are we paying $3/mo).
We still have to configure 'both ends' - this is the "pain to make work" that end users don't want.
Point to point communications w
Re: (Score:2)
The "problem" is that we want point to point communications (no middleman) that aren't a pain to make work. Your solution doesn't seem to address this.
Oh, I thought we wanted secure communications today because Skype is bugged.
We still have a middleman (to whom are we paying $3/mo).
Which is a decent deal, as compared with Skype.
We still have to configure 'both ends' - this is the "pain to make work" that end users don't want.
Yeah, brand new technology tends to require fiddling. Come back in 5 years and it
Re: (Score:2)
MS just seems to time some of their mis-steps so well. There is hope [jitsi.org]. I only wish some of the Linux distros didn't screw up their desktop environments just as Windows 8 was coming out and Valve was looking at Steam for Linux.
Re:time to bypass the middlemen (Score:5, Insightful)
Re: (Score:2)
Not if it is an open protocol. ZRTP looks like an asymmetric encryption, you can hardly monitor that.
Re: (Score:2)
It's time for the programmer community to develop easy to use, robust, strongly encrypted, point to point programs.
"easy to use" being the keyword on which Free Software has consistently been failing because it is by geeks, for geeks.
Re: (Score:3)
You dumped your ISP?
I've never tried a ZRTP [wikipedia.org] connection through Tor, but in theory that's most of the necessary parts.
If governments didn't attack Tor exit nodes there would be plenty of bandwidth available for everybody to have this level of privacy.
Re: (Score:2)
>You dumped your ISP?
ISP is irrelevant with asymmetric encryption. Sure, they may know who I am connecting to, but that's what VPNs are for.
Re: (Score:2)
So the worst they can do is to block communication? Nice way to be told that somebody has an interest in your talk.
Re: (Score:2)
I wouldn't say he intentionally encouraged piracy, but he must have been aware that he derived most of his income from piracy.
Re: (Score:2)
I can't in good conscience recommend using Skype to any business for communications, which can often be sensitive, as long as Microsoft is putting in backdoors. Need to find another platform.
I've been recommending SIP solutions for business for years. The Grandstream phones work very well when paired with Asterisk servers.
To be honest, I don't know how this news changes anything WRT Skype - its always been a closed system where the security is completely unverifyable (and the software has been designed to make discovering what its doing really hard), if you trusted it before you were an idiot.
Re: (Score:2)
if you trusted it before you were an idiot.
That's a bit harsh.
Skype has ~650 million users. With Skype support in Asterisk it makes a lot cheaper to take inbound international calls, and still route Skype calls into a traditional call center. There has been some interest expressed by clients that I work with.
There is a big difference between a platform that is reputed to be P2P with strong encryption being trusted to carry communications, and a platform that is openly advertising support for backdoors with law enforcement.
As for completely unverif
Re: (Score:2)
"We are going to implement a backdoor and pray like fucking crazy hackers don't find it to pwn us".
Why do you think the they would need to find it, and why do you call US intelligence services doing industrial espionage hackers?
Re: (Score:3)
You're missing the point here, the problem with Skype is that it's perceived as easy to use and it was the first popular one on the market, so it's crazily widespread. I use Jabber with my family, employees and other people whose computers I can control. I use Jabber with some technical people whose computers I do not control. But I gotta use Skype with non-technical people I can't influence about softw
Re: (Score:2)
Two words:
Retroactive immunity.