Eurojust, which is “an EU body with a view to reinforcing the fight against serious organized crime” (at least no mention of WMDs in the official description), is about to “find a way” to wiretap Skype computer-to-computer calls.
Oh my, privacy! But wait…
According to WP, Skype employs a so-called Advanced Encryption Standart (AES) which is used in both textual conversations (chats) and phone calls. It’s AES-256 (read: theoretically unbreakable). The Standart works by issuing two keys: one is called public, the other one is private. Data (text, audio, …) encrypted with a public key can only be deciphered by having a private one, and vice versa. Also, it is impossible to find out what the private key is by only knowing the public key. Yes, that’s serious business.
Also, it’s worth mentioning that Skype is different from other instant messaging networks (i.e. MSN) as Skype network is decentralized and based on peer-to-peer (P2P) connections. This means that there is no such single server that would receive all the user calls and conversations.
Imagine a post office; when you send a letter my snail-mail, you have to put it in an envelope and get it to the PO box; then, the post organization in your country collects all the letters from the boxes they own and forwards them to the addressees. But that’s MSN. Skype is more like a, dunno, manually driving to your friend’s house with a letter so you can directly pass it to him/her:
Left: centralized IM network (i.e. MSN); right: decentralized IM (i.e. Skype)
The problem with an Eurojust’s idea to intercept Skype communications (or maybe with Eurojust itself) is that there is technically no way how they can do that. If I’m A and the person I’m calling to is B, then my computer (or any other Skype-enabled device I’m using) encrypts my voice with B’s public key, and only B can then decipher it. All they can get by wiretapping somewhere in between our chitchat is AES-256 encrypted data, and no, putting a billion Euros on decent deciphering hardware wouldn’t work - it could still take up to three octillion (that’s number ‘3′ and 48 zeroes) years to do a single message. Forcibly breaking into Skype Technologies offices in Tallin, Estonia wouldn’t help much either - all Skype servers know about is who and when logs in or logs out.
So, my message to Eurojust:
HAHAHAHAHAHAHA GOOD LUCK!
No war to fight today, just stupidity. Good night.
(via EUobserver)
(29 votes, average: 3.72 out of 5)
Loading ...
You are missing a big point when you say that EuroJust has to break a password. Don’t you think that Skype is willing to collaborate in fighting back international terrorist ? They will gladly share certain data with such a good guys(and influential) like Eurojust.
Just to share some information..
Eurojust coordinates internet telephony investigations
EUROJUST: “The Hague, 20 February 2009
Eurojust coordinates internet telephony investigations
Ms Carmen Manfredda, acting National Member for Italy, will take the lead in coordinating a Europe-wide investigation on internet telephony (VoIP).
At the request of Direzione Nazionale Antimafia in Rome, the Italian Desk at Eurojust will play a key role in the coordination and cooperation of the investigations on the use of internet telephony systems (VoIP), such as ‘Skype’. Eurojust will be available to assist all European law enforcement and prosecution authorities in the Member States. The purpose of Eurojust’s coordination role is to overcome the technical and judicial obstacles to the interception of internet telephony systems, taking into account the various data protection rules and civil rights.
Just wasting some time on Digg and I found your entry. Not typically what I like to read about, but it was certainly worth my time. Thanks.
I have long been making use of my rtx dualphone 3088 for quite some time now and I have to say you’ll find it a really chief bit of kit. see … this page