China Spies on Skype Users
China Spies on Skype Users
A group of Canadian researchers
has discovered that a Chinese version of
the communications software Skype is being used to filter and record text
chats that include politically charged words, such as "democracy", "Tibet"
and "Communist Party". The finding by Citizen Lab, a University of Toronto
research group that focuses on politics and the Internet, has provoked
outcry among free expression and privacy advocates.
Skype, used to make telephone calls and send
instant messages over the
Internet, is widely touted by activists and dissidents as a safe way to
communicate sensitive information. Skype routes calls and chats between
computers over the Internet, avoiding phone networks. The company itself
advertises secure end-to-end encryption.
But the eBay-owned firm was made to apologise
last week after Citizen Lab
revealed that its Chinese partner TOM-Skype not only scans text chats for
sensitive keywords and blocks those messages from reaching their
destination - which Skype had admitted earlier, but also stores them along
with millions of personal user records on computers that could easily be
accessed by anybody.
"It was our understanding that it was not TOM's
protocol to upload and
store chat messages with certain keywords," Josh Silverman, Skype's
president, wrote on a blog last week. "And we are now inquiring with TOM to
find out why the protocol changed." TOM-Skype is a joint venture between
eBay and the Hong Kong based TOM Group.
Nart Villeneuve, the author of the report, found
that he was able to view,
download and archive more than a million stored messages that identify
users, ranging from business transactions to political correspondence.
wasn't just TOM-Skype users who were affected. Any Skype
communicated with a TOM-Skype user was vulnerable, according to the report.
And it didn't appear that keywords were the only trigger. Other factors,
possibly individual usernames, might have been used to catalogue data.
Skype maintains that its
computer-to-computer voice calls are not affected
and are completely secure.
"This is a wake up call to everyone who
has ever put their (blind) faith in
the assurances offered up by network intermediaries like Skype.
Declarations and privacy policies are no substitute for the type of due
diligence that the research put forth here represents," says the report.
researchers said they did not know who was operating the
system, but they said they suspected that it was the Chinese wireless firm,
possibly with cooperation from Chinese police.
The discovery draws more attention to
the Chinese government's Internet
monitoring and filtering efforts, which created controversy this summer
during the Beijing Olympics. According to "The New York Times", researchers
in China have estimated that 30,000 or more "Internet police" monitor
online traffic, websites and blogs for political and other offending
The Chinese government is not alone
in its Internet surveillance efforts.
In 2005, "The New York Times" reported that the National Security Agency
was monitoring large volumes of telephone and Internet communications
flowing into and out of the United States as part of the eavesdropping
programme, intended to hunt for evidence of terrorist activity, that
President Bush approved after the 11 September attacks.
Other U.S. companies have been caught up in
controversy after cooperating
with Chinese officials. Yahoo! has been widely criticised for helping the
Chinese authorities identify Shi Tao, a reporter accused of leaking state
secrets. He was sentenced to 10 years in prison in 2005. The company said
it was following Chinese law.