European news sources are picking up confirmation of a long-rumored "back door" in Skype that allows police agencies worldwide to listen in on conversations. Heise Online and Austrian broadcaster ORF both report sources confirm the existence of the Skype back door after attending a late-June meeting in Austria among interior ministry officials (the state police), ISPs, justice ministry lawyers and regulatory experts.
The main purpose of the meeting was to pressure Austrian ISPs to allow the Austrian police to install network bridges and their own computers in ISP datacenters so that they could easily listen in on Internet traffic and even copy it. During this gathering, Skype was mentioned as one Internet communication which already presented no challenge to police eavesdroppers.
Based on these discussions, it was unclear whether Skype was providing information to authorities about a backdoor or giving them a key to decypher communications. There have even been reports that Skype sells such access to government agencies.
Skype tells its customers that their conversations are encrypted and secure. Skype, owned by eBay/PayPal, declined to comment through its official spokeman.
The agenda of the Austrian meeting is quite revealing about the progress of the modern police state concept that now stretches from the Great Firewall of China to the U. S. where telecoms were just granted immunity from civil liability for similar "cooperation," to Europe where the police in Sweden , Germany , and Denmark are enjoying greatly increased power to snoop.
Austrian police wanted the ISPs not only to install and connect their surveillance hardware but also insisted that customers be given static IP addresses to make them easier to track. A few ISPs apparently objected to these plans, but two admitted that they were already providing the police with what they wanted. Even the interior ministry officials admitted that it would now be difficult to get legislation through the Austrian parliament mandating ISP cooperation:
The reason given for not updating the legislation right away was that, in view of the present absence of terrorist activity, it would not currently be possible to mobilise political support for such a move. (Remember PNAC, anyone?)
Skype's backdoor is reminiscent of antivirus software maker McAfee's post-911 offer to put a backdoor in its customers' software to let in the FBI's "Magic Lantern" trojan. In another similar revelation, a whistleblower reported earlier in the year that Verizon had provided the FBI with a backdoor to its customers' cellular records. New York's Democratic Attorney General Andrew Cuomo recently scored a "success" by pressuring ISPs to shut down a large portion of UseNet because child pornography had been found a a relatively small percentage of the sites.
One irony about all this surveillance was a topic of discussion at the Austrian meeting. The Austrian police admitted that using encrypted communications methods like true VPN would thwart their efforts:
The officials are reported to have made clear that they were well aware that their monitoring plans would only catch the more gauche end of the criminal spectrum. Professionally organised criminals would utilise encryption algorithms that would not allow easy decryption.
It makes one wonder about the real purpose of all this surveillance if even the eavesdroppers realize that it's easy to evade.
