German Government Skype interception methods leaked...

Stephan Somogyi cryptography at lt.gross.net
Sat Jan 26 18:15:33 EST 2008


At 10:24 -0500 26.01.2008, Perry E. Metzger wrote:

>     "Wikileaks has released documents from the German police revealing
>     Skype interception technology. The leaks are currently creating a
>     storm in the German press[...]"

I've skimmed some of the coverage and I can't help but think that 
this is being hyped in large part because Skype is mentioned.

What's being described seems to require running DigiTask's code on an 
endpoint. If you're installed on the machine anyway, rather than 
grabbing packets on the wire, all you'd need to do is get the data -- 
eg by inserting yourself into standard OS audio and HID APIs -- 
before Skype's code processes it. Such an approach would never have 
to deal with encrypted bits, and really has nothing to do with Skype 
at all.

NB also that unless they've implemented specific countermeasures in 
the mean time, Skype remains vulnerable to traffic analysis, cf. 
<http://arstechnica.com/news.ars/post/20060824-7582.html>.

s.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list