If you use Skype to connect with people in China, you’ll want to check this one out, especially if you use Skype for anything more private than Thanksgiving recipes.

It seems that the version that’s distributed in China, called “TOM-Skype”, is definitely up to no good and any encryption that Skype claims is in use to protect the privacy of Skype users apparently doesn’t count in China.

The EFF reports that “TOM-Skype” monitors the private text conversations of users.  It blocks “sensitive” keywords from chat conversations and it reports the contents of those private text conversations to some remote server in China (presumably operated by the Chinese Government of course.)

There’s some 42 Million people using the compromised TOM-Skype client, and it only takes one side of a conversation to be on a compromised client for the whole thing to be snooped.

The Eff recommends that anyone who wants to chat securely, consider using Off the Record Messaging (OTR) and a different client such as Pidgin, Miranda or Adium.

While OTR can’t stop messages from being snooped, the content of those messages is safe even if the “bad guys” get a copy of it because strong encryption is used in the form of a Diffie-Hellman key exchange, the AES symmetric-key algorithm, and the SHA-1 hash function.  This allows OTR to provides “perfect forward secrecy” and deniable encryption.

Technorati Tags: backdoor, chat, tom-skype, otr, deniable encryption, china, text messaging, forward secrecy, otr messaging, off the record, privacy, security

Be Sociable, Share!
  • Twitter
  • Facebook
  • email
  • Google Reader
If you enjoyed this post, make sure you subscribe to my RSS feed!

Tagged with:

Filed under: CensorshipEncryptionInternetLast DaysOpinionPrivacy

Like this post? Subscribe to my RSS feed and get loads more!