Modern means of online communication on the Internet involves the use of VoIP technologies. It is these technologies that allow communication at the level of voice and video calls. It is clear that everything that you say to your interlocutor at a certain point in time is stored either in the form of an audio file or in video format on the server of the manufacturer or the company that provides provider services.

This information, in general, is absolutely confidential, which neither the software developer nor the provider providing Internet access services has the right to disclose.

Now, imagine that any federal agency gets full access to your data, conversations and video calls. To some extent, this is reminiscent of the KGB service that was under the Soviet Union. If such a law is passed, you can imagine how many users will immediately refuse to use IP-telephony, knowing that their conversations and correspondence are under tight control. Well, how will you react? At best, you will tell the federal service to go to hell, and the software product developer to strengthen the encryption system for transmitted and received data, since the AES-type encryption system is absolutely out of date today.

If you look, then, by and large, moreover, that Skype allowed to listen, you can refer to many legislative acts of any country. It seems that, first of all, users located in America and Europe, who have clearly defined rights to protect the confidentiality of personal correspondence, will not agree with this. And no government or intelligence bureau has the right to check private messages, mobile calls, calls from a home number without the permission of higher authorities.

And sanctions for ordinary wiretapping are given only if you are suspected of some kind of criminal activity.

However, for many services, in connection with the adoption of the law on listening to Skype, a situation is created when, as they say, their hands are untied. After all, in fact, you can bring a lot of even the most ridiculous accusations to a person using this application. Yes, both video and voice fakes are created quite elementarily. The main thing is the availability of appropriate software.

Here, the actions of Microsoft itself, which owns this service, become somewhat incomprehensible. According to one of the points of the privacy policy, information about conversations can be provided to law enforcement agencies upon their request. But now we are dealing with the connection of intelligence agencies to conversations and video chats, even without the knowledge of users. All this raises some doubts about the legality and expediency of such a service. However, according to the developers themselves, this is just a refinement of such a popular software product. Although, the technology of "legitimate intervention" is already patented by the owner company.

Thus, if we take into account that Skype wiretapping is still legal, it is quite elementary to attribute any person who uses this program, say, to a potential terrorist, maniac, etc., etc. Where is the difference? How will the federal service be able to distinguish a real maniac or terrorist from a computer game lover who plays a team game using Skype.

And precisely because of this, many listen to the program absolutely do not like it. If you figure it out, then even online you can listen to voice or video conferences that use voice and gestures. Well, imagine that some official is sitting at the control panel, and at that time you are playing something like World Of Warcraft. How will he react to your gestures in front of the camera and your exclamations, like, “I will kill you!” or "Taking hostages!" in games like Counter Strike. We must lie that any gamer will not agree with this, even fundamentally. And we are not talking about office workers and companies that have a lot of information that is not supposed to be disclosed ...

Anticipating the article, I would like to note - a couple of years ago, when Microsoft bought Skype, the Russian media raised the issue of the possibility of leaks and violation of the confidentiality of conversations and chats in Skype. Up to this point, everyone was aware of the rather tough position of the Skype developer regarding the security of their clients. Defending the interests of clients in front of the special services forced the latter to prevent the wide dissemination of Voice over IP technologies with a sufficient level of protection. The purchase of Microsoft technology enabled law enforcement agencies to dictate their terms to corporations - as you know, for use in information systems with personal and other secret data, you need to have a "verified" FSTEC Windows distribution kit.

The Russian special services now have the ability to track Skype conversations, several participants in the information security market told Vedomosti.Ilya Sachkov, CEO of Group-IB, says that "for a couple of years now" special services have been able not only to listen, but also to determine the location of a Skype user. “That is why employees of our company, for example, are forbidden to communicate on work topics on Skype,” Sachkov says.

After Microsoft acquired Skype in May 2011, it provided the Skype client with legal eavesdropping technology, says Peak Systems CEO Maxim Emm. Now any subscriber can be switched to a special mode, in which encryption keys that were previously generated on the subscriber's computer or computer will be generated on the server.

Having gained access to the server, you can listen to the conversation or read the correspondence. Microsoft provides the ability to use this technology to intelligence agencies around the world, including Russian ones, the expert explains. According to two information security experts, Russian intelligence services do not always get access to correspondence and conversations on Skype by court order - sometimes it happens "just by request." It is impossible to believe that listening to Skype is an insurmountable problem for Russian law enforcement agencies, confirms an employee of the Ministry of Internal Affairs.

A few days earlier, Bloomberg Businessweek, citing a study by 27-year-old American student Jeffrey Knockel, wrote that the Chinese version of Skype (TOM-Skype) has an option to track subscriber activity.

As Nokel showed, the Chinese distribution of Skype includes a so-called "keylogger" - a program that remembers the sequence of letters and numbers typed on the keyboard. This program, according to Nokel, checks the messages typed in Skype for the presence of "undesirable" words in them, and sends the collected data to the Chinese special services.

According to Knockel, TOM-Skype monitors both links to resources with pornography and drug references, as well as specific words, such as Human Rights Watch, Reporters Without Borders, BBC News. In addition, conversations in which plans to hold protests are discussed are in the field of view of Chinese intelligence services.

Addition.

Skype denies the information that has appeared in the media about wiretapping of conversations by Russian special services.

“In order to ensure that Microsoft (owner of Skype) products are tested for security for government use, the company has an agreement to use the source code of the product. Revealing the codes does not allow access to products used by commercial and private individuals, and does not give government organizations the ability to read encrypted messages or receive data from private users,” a communications agency working with the company told reporters.

An agency spokesman stressed that "providing the source code does not mean revealing the secrets of private correspondence or provision."

“All encryption algorithms that are used by government agencies of various countries are widely known - these are Russian, and American AES, and others. Knowing the encryption algorithm and not having a key that is created on the user's side, it is impossible to read the user's message - this is one of the foundations of cryptography," the agency representative said.

Microsoft's official comment in Russia boils down to the fact that the transferred information about the source codes of the program was disclosed because this software is used in government organizations. "Microsoft has an agreement on the use of source code in the interests of increasing confidence in Microsoft products (Government Security Program, GSP). Previously, the company expressed its readiness to disclose the source code of Skype to the structures of the domestic FSB. This in itself would not reduce the strength of the encryption. However, further explanations sounded strange: "this would allow the FSB to develop ways to decipher the information."

As part of this program, authorized bodies get access to the source code of an expanded number of products intended for use directly in government bodies (which requires the highest degree of security and reliability), as well as tools for their analysis.

"Disclosure of codes under the GSP program does not imply access to products used by commercial and private individuals, nor does it enable government entities to read encrypted messages or obtain private user data," says Skype.

In theory, knowledge of encryption algorithms does not give additional chances to eavesdrop on a conversation. Although you can find flaws in the implementation of protective mechanisms and bypass not, but, for example, unsuccessfully connected user interfaces. Remove sound not from a running program, but from the general sound manager of the operating system. Finally, use not a full enumeration of keys, but a specifically targeted one, designed to exploit "bugs" in the implementation of the Skype code, if the bugs themselves, unknown to developers, can be found at all. And if the authorities have enough competence for this.

It is not clear from the company's comment whether the procedure for generating security keys, which, in theory, should guarantee the confidentiality of both text and Skype voice communications, has changed recently. Previously, such keys were generated on user computers, which were difficult to control.

From a chaotic network to servers

Experts point out that in recent years the method of sending Skype data has begun to change. "After the acquisition of Skype by Microsoft, the architecture of this product began to change," says Anton Razumov, head of the security consultants group at Check Point Software Technologies.

"Previously, a distributed model was used, when traffic went directly from user to user, as a last resort (for example, to bypass dynamic address translation restrictions), intermediate nodes were involved (also skype users, but with a more open connection to )."

"Now the role of servers has really become more significant, which makes it easier to solve the tasks of listening to traffic," says Razumov.

Andrey Sviridenko, chairman of the board of Spirit DSP, which supplies IP-telephony programs to the market, also speaks about this. "There used to be "super-nodes" - user computers that the system automatically assigned as "mini-servers", based, for example, on the fact that these computers had a good Internet channel or a powerful one. This happened automatically, and this network did not have a central element and was difficult to control."

Monitoring the content of social networks of users is not surprising, and probably will have to get used to the limited anonymity of Skype. According to Sviridenko, Microsoft now uses separate data centers that take care of sending Skype data. "Microsoft has strengthened the server component. When everything on the servers is easier to control, a "removal point" appears. Just like in telephony, there are nodes. The SORM system works the same way.“It is known that Skype agreed with the American special services a long time ago, gave them all the encryption keys. They just didn’t have an incentive to negotiate with our special services. Why our special services were excited and dissatisfied. It turned out that our officials were talking on Skype, and the CIA was listening, but the FSB did not. It was an abnormal situation," Sviridenko adds.However, both specialists stipulate that they have no direct data on the operation of such a "wiretap" in Russia. The data is in action. But its existence is not doubted, for example, by the nationalist Dmitry Demushkin, the leader of the "Russians" movement. "In the criminal case against me, there is data on Skype conversations. Four volumes consist only of Skype conversations and VKontakte," he said.

"The data of Skype text conversations in the case is dated to the end of 2011. In my case, there is no data on audio Skype, but lawyers who work on other cases have also encountered them. Yes, Skype is tapped, just like everyone is tapped and monitored", - says Demushkin. Boris Nemtsov, a leader on the opposite end of the opposition spectrum, was not surprised by the talk of Skype working with the security services: "My conversations are always being tapped, so I wouldn't be surprised if Skype is tapped too."

"If they came to an agreement with the FSB, it's a disaster," Nemtsov said. "Skype was a more secure system, but now, obviously, all forces will be thrown into listening to the Skype of the opposition." "I don't have Skype, I'm a primitive politician," said the leader of the Other Russia, Eduard Limonov. the rooms where I lived and worked. I know that everything is tapped, so I behave, I assume, more or less carefully. "

Another factor was the message from H-Security that the links transmitted via Skype are "breaking through" from Microsoft servers. Recall that the fact of visiting only HTTPS links was experimentally confirmed - a little later after they were transmitted via Skype. This observation led to the conclusion that Microsoft uses all the transmitted information, including session and user IDs. This fact has now been confirmed by several independent experts. It should be noted that contrary to Microsoft's promises, regular HTTP is never affected.

One of the hypotheses was that this activity on the part of the company was caused by the new SmartScreen Filter product. However, there are a few inconsistencies, for example:

• Why does link checking happen with a delay of several hours, and not instantly? Time is always of the essence when it comes to spam or phishing, and checking for “outdated” links can at best only result in documenting them.
• How is Microsoft going to rate a page without loading content? Then it turns out that the company cannot create a rating database only with the help of HEAD requests.
• It is possible that this request is aimed at identifying potential redirects to already known "evil" pages. However, such redirects can be either in the page code (meta http-equiv="refresh") or embedded through a regular iFrame, and only a HEAD check will not detect these threats.

Note that the use of SmartScreen Filter is fully documented for Internet Explorer and the algorithm for its deactivation is described. But not for Skype. As a result, there is no official information that this technology is used in Skype chats, and most importantly, there is no information on how to disable it.

Either way, Microsoft's current implementation of "security" mechanisms leaves much to be desired and has huge negative potential in the area of ​​protecting personal data. At the very least, Microsoft should document this functionality and give the user the option to turn it off.

Leave your comment!

Russian intelligence agencies can now eavesdrop on Skype and locate users, even without a court order. Vedomosti writes about this today with reference to several participants in the information security market. The ability to listen to Skype from the special services appeared thanks to the new owner of this service - Microsoft. The Bill Gates company has reconfigured the system so that now any user can be switched to a special mode and put on wiretapping. It is noteworthy that the management of some large companies has already banned their employees from negotiating via Skype. Theme for the radio"Vesti FM" Maxim Emm, Executive Director of PEAK Systems, commented.

Vesti FM: Maxim, the question arises by itself: why, in fact, Microsoft began to provide the ability to listen to conversations?

Emm: First, it happened quite some time ago - in 2012 or even late 2011 - at the request of the United States government law enforcement agencies. And this is a completely logical step, because all telephone conversations of all telecom operators around the world have the right to be tapped by special services. So Skype is no exception.

"Vesti FM": And in Russia, special services can also listen?

Emm: Naturally, there is the SORM-2 system, which is completely understandable. All operators, receiving a license, are connected to it. Therefore, there is no super news here. It's just that all law enforcement agencies have the right to do this under the sanction of the court. The fact that this could not be done in Skype due to its technological features became a temporary omission - sooner or later it had to be solved anyway.

Vesti FM: And technically, how is it all implemented?

Emm: Of course, neither Skype nor Microsoft discloses the details. But, judging by the patent that Microsoft published in the US Patent Office in 2011, there are technologies that allow, if necessary, to duplicate the flow of audio and text information, in addition to what happens between subscribers, somewhere else. And on top of that, they changed the user agreement, which allows them to store all the information on their servers for up to 30 days.

"Vesti FM": This is, of course, surprising, because it is difficult to calculate how many millions of Skype users! Is all this data about every conversation, every correspondence stored somewhere? Is it physically possible at all?

Emma: Of course not! If there is a request from law enforcement agencies to wiretap a specific subscriber, then, of course, all this begins to be conducted on it. This is no different from how mobile phones or landlines are listened to. There is nothing of the kind in this. This is a normal activity of law enforcement agencies to solve crimes.

Listen in full on the audio version.

Popular

03.04.2019, 08:07

“Russia needs an imperial approach”

MIKHAIL KHAZIN: “If we are an empire, we should not be led by OPEC, by all sorts of lobbyists, because in this case the word imperial is used. It should be. What was the strength of Stalin's empire? The Imperials reached the guard on the street. And today all of us are liberal officials, whose main idea is that I am not responsible for anything.”

The Skype service has begun full cooperation with law enforcement agencies, as far as technically and legally possible. Microsoft may allow intelligence agencies to listen to Skype users' conversations, as well as provide access to their private correspondence, following the "new" policy of full cooperation with law enforcement agencies. Note that since its inception, the Skype video communication service has been a serious barrier to law enforcement agencies in conducting surveillance. Using various encryption mechanisms for several years, Skype remained one of the few services whose data interception was almost impossible. However, in the spring of this year, reports began to appear on the network that Microsoft was redesigning the architecture of Skype, changes in which would allow law enforcement agencies to "connect" to the conversations of users of the service. At the same time, Microsoft representatives said that the proposed changes in the program are the usual improvements to the product and there is no reason to believe that the administration of the service is trying to develop backdoors for government wiretapping.

Recall that in May last year, Microsoft patented the technology of "lawful interference", which allows law enforcement agencies to "connect" to users' conversations in various VoIP services, as well as "intercept" the transmitted content without the knowledge of the users themselves. When asked about whether the new technology will be used in the Skype service, the developers did not answer. According to the Slate resource, the owner has changed Skype's privacy policy, in the norms of which one can see the willingness of the creators to cooperate with law enforcement agencies as closely as possible from a legal and technological point of view.

Subject to Section 3 of the Skype Privacy Policy, Skype and its partners may share personal data, conversation content, and/or user data traffic in response to a legitimate request from the judiciary or law enforcement authorities. In addition, instant messages sent by the user will be stored for 30 days, unless another period is requested by government officials.

The head of the development department, Mark Gillett, tried to refute this news in the company's official blog.

"It has been suggested that Skype's architecture has been changed at the behest of Microsoft to give law enforcement greater access to our users' communications," said the head of development. - Delusion. The migration of Skype to Microsoft data centers is based on our commitment to provide the best experience for our users. This move was made to improve the reliability of the platform and increase the speed with which we can respond to issues. It also gives us the ability to quickly implement exciting new features.”

The second suggestion, which is debunked on Skype's official blog, is that the service has recently changed its law enforcement policy.

“The team on Skype, which has been active since 2005 to respond to legitimate demands and requests from law enforcement agencies. Our position has always been to assist law enforcement if they follow the appropriate procedures, if our assistance is required by law and technically feasible. You will find additional information on our position in the rules posted on our website,” says Mark Gillett.

Also, the developer denied the assumption that Skype began to monitor and record audio and video calls of users and provided intelligence agencies with easy access to instant messages.

Mark Gillett emphasizes that the practice of encrypting calls has not been cancelled. “Only the China version of the software contains a chat filter in accordance with local regulations,” added the head of development.

For many years, Skype has gained a reputation as the most reliable and secure means of communication over the Internet from prying eyes and prying ears. In addition, companies that want to prevent employees from using Skype in the workplace are also having a hard time.

Is Skype secure?

It is no coincidence that Skype is considered one of the most well-protected communication channels from eavesdropping. Its creators, who already had experience in organizing the Kazaa peer-to-peer network, created an IP telephony service that works on the principle of a P2P network and actively uses multi-level traffic encryption. Despite the great interest in Skype on the part of both intruders and intelligence agencies, the protocol is quite stable and does not give out its secrets to outsiders.

Despite the repeated rumors of successful attacks and "backdoors", in the entire long history of Skype there have been no official reports that Skype has been hacked and successfully listened to. But law enforcement can rest easy because Skype's management emphasizes that it is ready to cooperate with law enforcement" wherever it is legally and technologically possible". And ordinary users? Obviously, if they are not doing anything illegal, and they are more concerned about protection from intruders than from law enforcement agencies, then they may not worry. Encrypting traffic using AES-256, to transmit the key of which, in In turn, a 1024-bit RSA key is used, sufficient for the most sensitive participants in personal and business negotiations.

Why is it difficult to block Skype

Listening to Skype is many times more difficult than intercepting email, which many people use without resorting to any means of protecting the data transmitted over it. Nevertheless, despite the good security of the protocol, many companies prefer to block employees' access to Skype.

What is it for? As a rule, employers themselves explain this behavior very simply: so that the employee is not distracted during working hours if communication via Skype is not included in the list of his immediate duties. The following motivations are also popular: to avoid possible leaks of confidential information, to save on traffic, which Skype consumes with a very good appetite ... Although the latter is already rare due to the widespread penetration of "unlims".

Nevertheless, due to a number of features of the Skype protocol, even blocking it is not so simple. The fact is that to bypass the blocking with the help of "firewalls", Skype developers have worked a lot at the stage of creating a distributed architecture of their protocol. Therefore, Skype is designed in such a way that it can use both UDP and TCP protocols, and thanks to packet encryption, it is also quite difficult to recognize them in general traffic. Although, of course, it cannot be said that this task is completely unsolvable.

Ways to solve the blocking problem

With the help of Google (or Yandex, if this search engine is closer to you), you can find quite a few forums where system administrators are trying together with varying degrees of success to find a recipe for blocking Skype using iptables. It seems that Skype developers are monitoring attempts by both administrators and firewall manufacturers to block their product, and the most successful of them are neutralized by releasing a new version of the client, which already successfully bypasses new ways to block Skype traffic.

Nevertheless, there are a number of products that are quite suitable for blocking the use of Skype in one single office. The most successful hardware solutions are Facetime's Unified Security Gateway or Cisco IOS Flexible Packet Matching, for example. With their help, you can either completely block Skype traffic, or at least moderate the appetite of the Skype client by setting a fixed bandwidth for it. As for purely software firewalls, according to reviews, TeleMate NetSpective has proven itself well among them. Most of the widely used "firewalls" (let's not point a finger, so as not to offend their manufacturers) in matters of blocking Skype traffic, alas, are not up to par.

However, once again, most administrators who have faced the task of disabling Skype in practice agree that the most effective (and at the same time, perhaps the cheapest for a company) measure is to remove the Skype client from user workstations and permanently making sure he doesn't show up there again. But this, again, requires the use of not the cheapest solutions for monitoring installed software.

Back to listening

Well, having talked about blocking Skype, let's get back to a much more interesting issue - listening to this protocol. As I said above, the encryption capabilities are more than enough to not be afraid that someone will be able to take advantage of the traffic going from one client to another. And, nevertheless, Skype can be listened to and read. But not by intercepting and decrypting the traffic sent by the Skype client, but by intercepting the data stream that has not yet been encrypted and forwarded. Of course, this requires access to the computer of the person whose Skype conversations they want to listen to.

This can be implemented both with the help of programs that intercept all information from the sound card and keyboard (after all, Skype has a chat, and you also want to watch it), and specialized solutions "sharpened" specifically for Skype. The first option is generally implemented with little bloodshed - it is enough to select the Stereo Mixer as the input channel in the same standard Sound Recorder (depending on the sound card, it may be called differently - for example, "What you hear"). Plus some free keylogger , which can be found in five minutes using Google, and you have a ready-made employee tracking system.But it has disadvantages: along with a Skype conversation, the music that the user listens to in between them will be recorded. input - you will have to manually separate the "grains from the chaff", that is, messages sent via Skype from documents typed in Word. As for specialized tools, Google has shown that there are actually few of them. SearchInform SkypeSniffer is rightfully considered one of the best. The program is able to independently select Skype voice and keyboard input from the general stream, and also has powerful search capabilities in the database of collected user messages. Plus, it's part of a powerful data loss prevention solution that you can upgrade to as you wish while using it.

Summary

In general, we can say that if you are not an international terrorist, then you don’t have to worry about intercepting your Skype conversations - ordinary people, even if they are very technically savvy, are still beyond their strength. You can block Skype traffic if you wish, but it's much easier to block the installation of the Skype client itself. Listening to Skype conversations by installing interceptors on the user's computer is not difficult - unless, of course, there is such a need.