How private are Skype chats? Do you trust that only you and your message partner can read your conversations? It’s time to think about that a bit. Recall when introduced Skype was a peer-to-peer system (P2P), with every user a node, and some users upgraded to super-nodes to facilitate traffic flow. Skype promised all chats were encrypted end-to-end, so only sender and receiver could decrypt and read; intermediate nodes and super nodes did not have the keys.

Then Micro$oft bought Skype and began integrating it into the M$ world. Somewhere along the line, M$ completely re-engineered Skype from a P2P architecture to a client-server architecture. All traffic passes through Skype servers at M$ sites for routing. And M$ only promised that traffic would be encrypted between user clients and the M$ servers. You will not find mention of P2P or end-to-end encryption in M$ Skype. So, is Skype traffic on the servers encrypted? I’d guess yes. But does M$ have the keys for that encryption? Of course!

Now a new book by Peter Schweizer, Red-Handed: How American Elites Get Rich Helping China Win, drops tidbits about how M$ worked with China. From an online article about the new book, we read,
“According to the book, Microsoft also allowed PLA [People’s Liberation Army] officials to monitor chats on Skype that might be used for organizing protests and other dissident activity in the country.
When asked about it, Skype said “Skype’s mission is to break down barriers to communications and enable conversations worldwide.”

If M$ will work with one national government for Skype-snooping, how many others will they work with /have they worked with?

Feeling secure now, are you?

[Previously posted on Cragin's Random Thoughts]