Tuesday, May 21, 2013

Skype's ominous link checking: facts and speculation

Skype's ominous link checking: facts and speculation - The H Security: News and Features: "Microsoft should at least document the use of these surveillance techniques and provide users with the option to decline the well-intended security measure.
No further access attempts from Redmond were observed during our latest link-sending tests in Skype. Let's hope that Microsoft has learnt from this debacle and disabled the feature, at least temporarily. This would be a good time to meditate on the problem, think carefully about the costs and benefits of such surveillance features and then contemplate how to implement them properly. Incidentally, similar tests carried out in the Google, Facebook and ICQ chat clients returned no results – which means that no access attempts were registered on the special URLs that were sent via these clients." 'via Blog this'
UPDATE 24/5/13: "There’s no evidence that anyone, human or machine, is reading your confidential messages. There's no evidence that the content of the messages is being examined at all. Automated scanning of some URLs within instant messages isn't the same as "reading everything you write." This is roughly equivalent to what mail servers do when they check the header information on an incoming message to determine whether it's spam. That's a legitimate security function, not an invasion of privacy. You can put that tinfoil hat away, at least for now."

No comments:

Post a Comment