Skype spyware
Some clever Canadian C.S. researchers noticed that the version of Skype recommended for use in China is actually spyware for the Chinese government. If certain words are typed into the IM client, an encrypted message is sent to a server, which (due to lousy security) displays logs of all the messages intercepted.
It’s not clear why the story broke this week, given that the researchers posted it back in June 2006, and was mentioned in the Financial Times back then. The NY Times version is what is stirring up this week’s attention.
However, the NYT discussion of the political angles obscures the context of the joint venture between Skype (owned by eBay) and Chinese online service provider TOM. One of the researchers involved explains what’s up
What is TOM-Skype and what is the difference between it and Skype?China is not the only government that wants to monitor communications within its borders, but it appears to be the only one that appears to have won a custom version of Skype that includes a ContentFilter.exe spyware program.
If you go to www.skype.com from China, you are redirected to skype.tom.com — so that’s version most Chinese people will use.
In 2004 Skype developed a relationship with TOM Online, a leading wireless provider in China, and announced a joint venture in 2005. Skype and TOM Online produced a special version of the Skype software, known as TOM-Skype, for use in China.
When asked about the spyware, eBay seemed more concerned about the ability of the CS researchers to see the spyware logs than explaining why it is spying on its customers.
No comments:
Post a Comment