Recent changes to Skype’s architecture could allow for wiretapping

Jul 23, 2012 10:01 GMT

Skype, the popular VoIP service, has reportedly made a series of changes to its architecture that would enable it to intercept calls more easily.

The company has long resisted taking part in online surveillance, although many government entities have requested it.

In fact, Skype’s encryption and complex peer-to-peer network connections were considered almost impossible to intercept, which caused headaches for many agencies. But all that might have changed recently, hackers report.

According to a recent article on ExtremeTech, following the purchase of Skype, Microsoft has moved some of the “supernodes” that create the network (users are seen as “nodes,” but some become “supernodes,” influencing data traffic) to dedicated Linux servers, under its direct control.

By doing so, the company put itself in a position where it could easily “wiretap” conversations. In fact, Microsoft is said to be re-working these supernodes to ensure that law enforcement can monitor calls.

The nodes and supernodes in the Skype peer-to-peer network create the connection between users. Thus, data traffic flows between the peers that are having the conversation.

Since Microsoft has been centralizing the Skype supernodes, it would be able to route the voice data of calls through monitored servers, which automatically makes the call insecure. This approach is similar to a man-in-the-middle attack, the news site notes.

Since Skype has been used lately by a large number of criminals, although it is also part of the lives of ordinary people and businessmen, law enforcement agencies have been looking for ways to monitor Skype conversations.

However, Microsoft wouldn’t admit to this. Mark Gillett, Skype’s Corporate VP of Product Engineering & Operations, told ExtremeTech that they were merely enhancing the user experience by moving supernodes to their own servers.

“As part of our ongoing commitment to continually improve the Skype user experience, we developed supernodes which can be located on dedicated servers within secure datacenters,” he said.

“This has not changed the underlying nature of Skype’s peer-to-peer (P2P) architecture, in which supernodes simply allow users to find one another (calls do not pass through supernodes). We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.”