The whole part about being "hacked" is hilarious. It seems way more plausible that Skype internally uses fonts with special glyphs for its icons, and that when it couldn't find them for whatever reason, it defaulted to the next font on the font stack, which had Chinese characters on the codepoints where those glyphs were expected to be.
-- "In 2008, when the company was owned by eBay instead of Microsoft , a Skype spokeswoman told CNET : "We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request."
-- "After buying Skype, Microsoft dramatically overhauled its architecture, replacing peer-to-peer "super nodes" with thousands of servers run by Microsoft -- a more centralized approach that may have made it easier for government eavesdroppers. Around the same time, Microsoft would no longer stand by Skype's earlier claim to be wiretap-unfriendly."
I have a Skype subscription and I consistently receive complaints on the other end of the line. Skype worked well from 2007-2010 on Nokia N8x0 devices and Windows.
It's been god-awful since then. I think I've had one acceptable call. As for my point, eBay and Microsoft truly slaughtered Skype.
and now skype video calls actually work instead of playing "super node roulette" with quality and connectivity. Not to mention, being deemed a super node randomly at work and watching all your upload bandwidth being eaten by idle skype clients.
I have no idea if the new server-based system is wiretap friendly, but the old system was definitely 100% business unfriendly. Companies pay for GotoMeeting, Webex, Lync, voip video calls, etc for a reason. Skype had to be modernized to compete with other services. I don't see some grand conspiracy here. Why would MS spend all this money to just help the government? Its just asinine.
Those who need encrypted and secure communications were foolish to trust Skype in the first place. If you aren't rolling your own FOSS-based applications on your own hardware, you can expect zero privacy here. I imagine the "old" Skype was just as easily gamed. Sorry if I don't think some spokesperson's PR statement is proof that it was truly secure. Especially considering Skype was originally a Russian company. There's precedence for this, for example Blackberry's "unbreakable" peer-to-peer encryption scheme is regularly downgraded, invisible to the end user, to more breakable bitrates per national law. I believe India and Saudi Arabia do this.
"third-party Skype client (e.g. to have support in Pidgin)"
Funny because recently the old Skype plugin for Pidgin was re-written to utilize the new HTTP Skype. So now you have a nice client-less Skype chat in Pidgin. I'm certain someone could study it to write their own client.
I've been using the HTTP-based skype pidgin client. It seems to mostly work - the only show stopper is that file transfer requests fail silently. I had someone trying to send me a file. I had no idea. It was a little awkward.
The author cites Wikipedia. In the comments a poster claims to have added that bit to Wikipedia but was unable to cite any sources for it.
"Since i could not find any reference for it, I added it to the wikipedia page but was not fully certain i was right and that someone would remove it if i were wrong since i know really very little about how it works on the inside."
Really? They are sending messages as plain-text over the wire?
Now I was going to say encryption is pointless anyway as Microsoft (as did Skype previously) happily log everything and give it to more and less democratic governments all over the world. But at least use some encryption to keep the middle man out.
The very earliest versions used plaintext, but they started tunneling it over HTTPS a long time ago more due to firewalls than out of privacy reasons. I don't think people ever thought MSNP was end-to-end secured, and treated it more or less like an instant form of email.
On the other hand, authentication was always secured via HTTPS, so passwords were never sent in plaintext.
IF I remember correctly, the P2P patents and technology where not included in the deals, only a licence. My guess is that Microsoft sees that as reason to "align" their technology stacks.
Zennström really made a number of good deals, selling the same thing several times.
• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
• Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
• In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".
Not just that, but there are still very few third party clients that speak version 24, which makes interop kind of difficult. See http://ismsndeadyet.com/
[+] [-] slapresta|10 years ago|reply
[+] [-] larrik|10 years ago|reply
[+] [-] jdavid|10 years ago|reply
-- "In 2008, when the company was owned by eBay instead of Microsoft , a Skype spokeswoman told CNET : "We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request."
-- "After buying Skype, Microsoft dramatically overhauled its architecture, replacing peer-to-peer "super nodes" with thousands of servers run by Microsoft -- a more centralized approach that may have made it easier for government eavesdroppers. Around the same time, Microsoft would no longer stand by Skype's earlier claim to be wiretap-unfriendly."
[+] [-] orbitingpluto|10 years ago|reply
It's been god-awful since then. I think I've had one acceptable call. As for my point, eBay and Microsoft truly slaughtered Skype.
[+] [-] drzaiusapelord|10 years ago|reply
I have no idea if the new server-based system is wiretap friendly, but the old system was definitely 100% business unfriendly. Companies pay for GotoMeeting, Webex, Lync, voip video calls, etc for a reason. Skype had to be modernized to compete with other services. I don't see some grand conspiracy here. Why would MS spend all this money to just help the government? Its just asinine.
Those who need encrypted and secure communications were foolish to trust Skype in the first place. If you aren't rolling your own FOSS-based applications on your own hardware, you can expect zero privacy here. I imagine the "old" Skype was just as easily gamed. Sorry if I don't think some spokesperson's PR statement is proof that it was truly secure. Especially considering Skype was originally a Russian company. There's precedence for this, for example Blackberry's "unbreakable" peer-to-peer encryption scheme is regularly downgraded, invisible to the end user, to more breakable bitrates per national law. I believe India and Saudi Arabia do this.
[+] [-] Xylemon|10 years ago|reply
[+] [-] zipperhead|10 years ago|reply
[+] [-] dsl|10 years ago|reply
"Since i could not find any reference for it, I added it to the wikipedia page but was not fully certain i was right and that someone would remove it if i were wrong since i know really very little about how it works on the inside."
[+] [-] revelation|10 years ago|reply
Now I was going to say encryption is pointless anyway as Microsoft (as did Skype previously) happily log everything and give it to more and less democratic governments all over the world. But at least use some encryption to keep the middle man out.
[+] [-] userbinator|10 years ago|reply
On the other hand, authentication was always secured via HTTPS, so passwords were never sent in plaintext.
[+] [-] dimino|10 years ago|reply
I wonder if anyone's trying to advance this at all -- the 3rd party plugin doesn't seem to receive updates anymore.
[0] - http://xtras.adium.im/index.php?a=xtras&xtra_id=5011
[+] [-] Xylemon|10 years ago|reply
[+] [-] acqq|10 years ago|reply
[+] [-] kpil|10 years ago|reply
Zennström really made a number of good deals, selling the same thing several times.
[+] [-] higherpurpose|10 years ago|reply
[+] [-] jdavid|10 years ago|reply
Quote:
• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
• Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
• In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".
[+] [-] dimino|10 years ago|reply
[+] [-] McGlockenshire|10 years ago|reply
[+] [-] unknown|10 years ago|reply
[deleted]