Are you getting Skyped?
Posted by: Jon on 05/21/2013 08:15 AM
As you know, when you are using Skype, a subsidiary of Microsoft, you have given them the right to read anything that you may write while you are using the service: "Skype may use automated scanning within Instant Messages and SMS to (a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links."
First things first: this is clearly stated in the terms of service, which is why it is so important to read it, or at the bare minimum skim through it.
The H's associates at heise Security made a discovery this week that caused somewhat of a controversy when they exposed what seemed to be Microsoft probing URLs that were posted in Skype chats. As the week went on, further research into this behavior unearthed some more facts and raised further questions.
H Security reported on a reader who informed heise Security that he had observed some unusual network traffic following a Skype instant messaging conversation. The server indicated a potential replay attack. It turned out that an IP address which traced back to Microsoft had accessed the HTTPS URLs previously transmitted over Skype. Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service.
A spokesman for the company confirmed that it scans messages to filter out spam and phishing websites. This explanation does not appear to fit the facts, however. Spam and phishing sites are not usually found on HTTPS pages. By contrast, Skype leaves the more commonly affected HTTP URLs, containing no information on ownership, untouched. Skype also sends HEAD requests, which merely fetch administrative information relating to the server. To check a site for spam or phishing, Skype would need to examine its content.
Interesting point highlighted there: is the reason given the real reason, or are they trying to pull the Skype over our eyes?
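For anyone who runs their own server and wants to check for the pattern described above, here is an added example (not from the original post or from heise Security) that scans a web access log for parameter-carrying URLs requested again from a different IP address, and picks out the HEAD requests. It assumes Common Log Format; the log lines, IP addresses, paths and token are constructed for illustration.

```python
import re
from collections import namedtuple

# Common/Combined Log Format: ip - user [time] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

Hit = namedtuple("Hit", "path first_ip later_ip method ts")

def find_replayed_urls(lines):
    """Flag query-string URLs re-requested from an IP other than the first seen."""
    first_seen = {}  # path+query -> IP that first requested it
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines
        path, ip = m["path"], m["ip"]
        if "?" not in path:
            continue  # only URLs carrying parameters (tokens, login data)
        owner = first_seen.setdefault(path, ip)
        if ip != owner:
            hits.append(Hit(path, owner, ip, m["method"], m["ts"]))
    return hits

def head_only(hits):
    """Subset matching the behaviour in the article: HEAD requests only."""
    return [h for h in hits if h.method == "HEAD"]

# Constructed sample log (documentation IP ranges, made-up path and token).
SAMPLE_LOG = [
    '198.51.100.7 - - [14/May/2013:10:02:11 +0000] "GET /share/report.pdf?token=EXAMPLE1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [14/May/2013:10:02:40 +0000] "GET /index.html HTTP/1.1" 200 900',
    '203.0.113.50 - - [14/May/2013:16:31:05 +0000] "HEAD /share/report.pdf?token=EXAMPLE1 HTTP/1.1" 200 0',
    '198.51.100.7 - - [14/May/2013:17:00:00 +0000] "GET /share/report.pdf?token=EXAMPLE1 HTTP/1.1" 200 5120',
    'not a log line',
]

if __name__ == "__main__":
    for h in head_only(find_replayed_urls(SAMPLE_LOG)):
        print(f"{h.ts} {h.later_ip} sent HEAD for {h.path} "
              f"(first seen from {h.first_ip})")
```

A hit only shows that a second party learned the URL; attributing the address to a particular organisation still needs a separate WHOIS or reverse-DNS lookup.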