Is it possible to tap Skype?
Reading the title of this article, of course, you might have asked yourselves this question and we give you the answer right away: yes, it is possible to tap Skype.
But, what is Skype, how does it work and how can it be tapped? Can we trust its encryption system or it’s preferable to use specific apps, such as Crypty Talk?
Here, there are the answers to these questions.
What is Skype
Skype is a computer software, through which it’s possible to send instant messages and make video calls.
Now, in the VoIP communications‘ field, it can boast of having more than 600 millions of registered users, of which almost 40 thousands are active at the same time in every moment, day or night.
At its origin, there’s a very complex and efficient structure, that is based on algorithms, and that permits its users to keep their communications in a free and an efficient way.
The system combines strong encryption and P2P architecture that, in theory, permit to keep the communication immune to tappings.
The latter aspect, in particular, has been soon caught by the criminal organizations from all over the world.
Just think that, in some countries, like Saudi Arabia and India, the government has forced some suppliers to give their own encryption keys of the cryptographic systems used by their products, due to national security reasons.
Otherwise, they would have been cut off commerce.
Skype and tappings
Skype has always refused to be a support for taps, for the law enforcement.
In fact, first of all, it’s not about a registered telephone company, so it’s not obliged to do it; moreover, the nature of the service and the communications that you can have through that software stops the managers themselves to rebuild the traffic.
It’s about a fragmentary traffic, in an unpredictable way, on a complex topology, very ramified and variable, which uses the final users’ clients to convey the traffic and keep tracks of the type of network and the presence of clients.
In 2009, the Eurojust even stepped in, the European agency for the legal cooperation, that wanted to deepen the situation and to find a solution to obviate the technical and legal issues related to the VoIP’s tappings, especially referring to the Skype matter, complying with the national and internationals principles and the rules.
In the last few years, a reverse engineer of Skype expert and researcher, Kostya Kortchinsky, has announced on his blog he has noticed that, in less than a month, the nodes have been decreased significantly, from 48 to 10 thousands, and that these were not selected randomly anymore among the clients, but that they were hosted permanently on the dedicated servers, on the main infrastructure managed by Microsoft.
This has been confirmed by Microsoft through an official release, in which it said that some new dedicated main-nodes have been inserted, in order to improve Skype’s performances.
Nevertheless, it seems that behind this modification of Skype’s structure there might be the intention to finally give Microsoft and, consequently to the USA’s government, the possibility to tap the communications among the users of the software.
Indeed, this structure permits to the manager of Skype to know the communication protocol and the encryption master key and the authentication among the nodes, getting from them the single flows of traffic and making them unencrypted.
Here it’s how the reliability of Skype is now just a far away memory.
Skype is no longer totally safe
It’s easy to guess that, as a consequence of this, Skype is no longer inaccessible, even though it seems to be good only for the FBI and other American intelligence agencies.
But is it really impossible for the others to tap Skype?
No, tapping conversations on Skype is not thoroughly impossible.
Indeed, the end-to-end encryption system needs to be activated by the user when they start a communication, son it’s not set automatically as a predefined setting.
Every time you use Skype’s service, you’ll have to activate the chat or the private call: this way, you’ll be able to protect it from the end-to-end encryption.
Otherwise, calls and messages that you exchange with your interlocutor will be potentially traceable.
Moreover, don’t forget that Skype can be tapped as well by installing dedicated virus on e PC, such as the trojan, through which the hackers or whoever wants to proceed with the tappings, can record your communications during a conversation.
The trojans can overcome the encryption system of Skype’s data, controlling the sound card of a PC and managing to get to the microphone, from long distance as well.
Basically, it’s about doing a tapping of the conversation that the user concerned is having in that moment on Skype.
In addition, it is possible to get back to the conversations by accessing physically to your PC: the police that want to have the content of your Skype’s conversations can make a request to the judge to order the seizure of the PC to bring it for evaluation and access to photos, exchanged files, call and to everything that Skype archives in your device, in a similar way to what you do with the phone records.
So, there are ways to tap Skype’s communications and to overcome its encryption, also for who is not a member of the FBI or the American intelligence.
Alternatives to Skype
So, it appears to be clear that Skype is formally safe, but, basically, it isn’t.
Indeed, as we’ve already seen, the methods to access to the content of the exchanged communications through this are many, even too many for those who want to keep their conversations really private.
Therefore, it’s a non totally safe software.
But what can you do then, in order to have more security and more privacy in your own communications?
The suggestion is to use dedicated apps that, once installed on your device, that allow you to get an efficient encryption system to protect your information and communications, weather if it’s about calls, video calls or messages.
An example is Crypty Talk, a smartphone app by Crypty Secure sagl, that allows to communicate anonymously and safely, without any risk of being tapped.
The app uses a cloud storage thoroughly non traceable: any data don’t get saved nor downloaded on the smartphone , every communication or file transferred stays on the encrypted server, with the possibility of auto-erase after some predefined time for every message.
A safe and efficient alternative against external attempts to access from long distance to the data and against who wants to access physically to the memory of your device.
So, instead of trusting the encryption systems inside softwares like Skype, WhatsApp or Telegram the best solution still is to protect your privacy on your own!