<div><br></div><a href="http://www.pcpro.co.uk/news/security/375169/could-us-cyberspies-have-moles-inside-microsoft">http://www.pcpro.co.uk/news/security/375169/could-us-cyberspies-have-moles-inside-microsoft</a> <div><br>
<br><div class="gmail_quote">On Fri, Apr 20, 2012 at 7:54 AM, JD <span dir="ltr"><<a href="mailto:jdp@algoloma.com" target="_blank">jdp@algoloma.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<snip><br>
<br>
> Security concerns noted and appreciated. While I understand where you're coming<br>
> from, (and each user is different), I don't use Skype for sensitive comms.<br>
> Mainly business stuff between colleagues (and Skype is the standard where I<br>
> work, so I more or less have to use it for that), and talks to my family about<br>
> dull family stuff when I'm away from the house.<br>
><br>
> Given that Skype's data goes through a (large?) number of different routers,<br>
> networks, and such before and after it hits Skype's/MS' servers, worrying about<br>
> MS specifically recording my calls is actually the least of any worries I'd have<br>
> (if I had any to begin with).<br>
><br>
> In short, I'm less concerned about THAT attack vector on my calling since I<br>
> believe there are so many other easier ones*. And the NSA has all my data already.<br>
><br>
<br>
<snip><br>
<br>
Main points about using Skype now that MS owns them was concern over good Linux<br>
platform support. In my use of SisToSip, I learned that most businesses using it<br>
* setup skype on Linux servers<br>
* used an old, now unavailable, version of Skype for the best sound and<br>
stability - v2.0.0.72 (I believe, but this is from memory)<br>
* were extremely concerned that MS would introduce incompatibilities so their 3+<br>
yr old version that doesn't crash and doesn't need to be rebooted weekly/daily<br>
no longer worked<br>
<br>
In my months of using it inside a VM, I ended up having to automatically restart<br>
skype daily so it didn't crash and inbound calls would ring. I also had it setup<br>
to send and receive normal POTS telephone calls. Picking up any regular handset<br>
in my home and using the dialpad to make calls worked ... once I started the<br>
daily reboot and if there wasn't a Skype system-wide outage. Early on it was<br>
often frustrating when the first inbound/outbound call of a day failed until I<br>
killed Skype on the server and restarted it.<br>
<br>
I haven't used Skype much the last year, so perhaps it is better?<br>
<br>
As to whether MS can or will be able to record skype calls ... if they have a<br>
court order and I'm inside the USA, then I don't have any issue. Of course, I<br>
have an expectation of privacy in any form of communication, especially voice,<br>
regardless of the actual technology employed.<br>
<br>
It is when they do it as a favor for any government anywhere or just for fun,<br>
that I'm concerned. I haven't read the methods proposed to record calls by MS. I<br>
thought that if one side of the skype call had an open inbound port, then no<br>
"supernode" was involved in the call, so no 3rd party would be needed after the<br>
initial "what is your IP" was determined. I thought that opening an inbound port<br>
for skype turned the system into a supernode for others to leverage, so this<br>
isn't a perfect solution. Seems that recording would need to happen on one of<br>
the systems involved in the call and transmitted to a remote system.<br>
<br>
I also read that a team had reverse engineered the Skype encryption and released<br>
the code<br>
<a href="http://www.h-online.com/security/news/item/Skype-s-encryption-procedure-partly-exposed-1034577.html" target="_blank">http://www.h-online.com/security/news/item/Skype-s-encryption-procedure-partly-exposed-1034577.html</a><br>
. That doesn't mean the encryption has been cracked.<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>:wq!<br>---------------------------------------------------------------------------<br>Robert L. Harris<br><br>DISCLAIMER:<br> These are MY OPINIONS With Dreams To Be A King,<br>
ALONE. I speak for First One Should Be A Man<br> no-one else. - Manowar<br>
</div>