Friday, 4 May 2012

Microsoft changes skype supernodes architecture to support wiretapping

Two months ago, Skype replaces user-hosted P2P supernodes with Linux grsec boxes hosted by Microsoft, but for what?

I found some brilliant and valuable comment about this:
I think wiretapping is one of the big reasons for the rearchitecture. Skype officially claimed they could not comply with wiretapping requests because of the P2P network as late as 2008 (http://news.cnet.com/8301-13578_3-9963028-38.html), and Microsoft was already working on wiretapping VoIP in 2009 (http://blog.tmcnet.com/blog/tom-keating/microsoft-patents-voip-and-skype-wiretapping.asp).
via Hacker News

Answer is: WIRETAPPING

So, think twice.

P.S. M$ talking, that "supernodes don't transit voice traffic" - this is bullshit. They do. In case, where you both behind NAT or in case of authority curiosity.

P.S2. Especially, for Kostya Kortchinsky at post.
Relay nodes take care of those if you can't communicate directly with the other end. There is a mutual exclusivity in that a node can't be a relay and a supernode at the same time.
Can he prove it? No. But, I can. This code, which I wrote in past, will allow for your traffic to flow via supernode(and also relay node): skyrel.c skypush.c

How to deal with AES keys? Not big problem, if you have Skype RSA CA(certificate of authority) private key, which skype/microsoft obviously have.

So, forget about security and anonymity in microsoft-skype.