Internal intelligence agencies hungry for deeper cooperation from Skype

29/03/2013 17:10

 

Source RT

Intelligence services have for years have been monitoring Skype communications, several participants in the Russian information security industry have told Russian newspaper Vedomosti. According to security experts, access to correspondence and Skype conversations within the Russian intelligence community does not always go through the court system – it is often obtained on a “simple request.”

After Microsoft acquired Skype in May 2011, it updated its software with a technology allowing “legitimate wiretapping,” Maksim Emm, CEO of Peak Systems, told the publication. Since then, any user account can be switched to a special mode in which the encryption keys that were previously generated on a user’s mobile device or computer would be generated on Skype’s server.

With access to the server, anyone can listen to the conversation or read the correspondence, including short messages sent to mobile phones. Microsoft provides the opportunity to use this technology to
security services all around the world, including Russia, the expert explained.

Another expert elaborated that “for a couple of years” the intelligence agencies can not only listen, but also determine a user's location. “That is why our employees, for example, are forbidden to talk on work-related manners on Skype,” Ilya Sachkov, CEO of Group-IB, told Vedomosti.

The Federal
Security Service (FSB) asked Microsoft back in 2011 to provide Skype's source code, claiming it was required to reduce the threat to Russia's national security. Although the code would not allow authorities to obtain direct and easy access to private data, it could help to crack the encryption system.

The request was apparently turned down, leaving security services with the only fully legal ways of obtaining private information – through a direct court request to Microsoft.

RIA Novosti / Iliya Pitalev

Legalized wiretapping

Microsoft’s somewhat cooperative attitude towards releasing private data did not stop the FSB from filing numerous complaints to the company, pushing it to register under a different designation – as a telecommunications operator.

While Skype provides VoIP (Voice over IP) services, the company is not registered as an operator. Such a move would make accessing and collecting private data even easier for the authorities, because in accordance with Russian legislation, mobile operators and Internet service providers are required to collect personal data and store it for at least three years.

Meanwhile, the French telecom regulator ARCEP is also pushing Skype towards further collaboration with the special security services.

The body posted a notice on Tuesday saying that prosecutors had been notified that Skype should register with the authorities as telecom firm as it provides its users with the ability to make phone calls, and therefore is required to meet regulations including “implementing the means required to perform legally ordered interceptions.”

ARCEP added further that Skype's failure to register as an “electronic communications operator,” after several requests by ARCEP, could be viewed as a criminal offense.

Please note : The content on this site does not always express the viewpoints of the site owner

Many topics are covered and links given, so that you can do your own research

 

FAIR USE NOTICE: These pages/video may contain copyrighted (© ) material the use of which has not always been specifically authorized by the copyright owner. Such material is made available to advance understanding of ecological, Political, Human Rights, economic, scientific, Moral, Ethical, and Social Justice issues, etc. It is believed that this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, this material is distributed without profit to those who have expressed a prior general interest in receiving similar information for research and educational purposes.

globalnoncompliance.net