Schneier on Security
A blog covering security and security technology.
June 20, 2013
New Details on Skype Eavesdropping
This article, on the cozy relationship between the commercial personal-data industry and the intelligence industry, has new information on the security of Skype.
Skype, the Internet-based calling service, began its own secret program, Project Chess, to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials, according to people briefed on the program who asked not to be named to avoid trouble with the intelligence agencies.
Project Chess, which has never been previously disclosed, was small, limited to fewer than a dozen people inside Skype, and was developed as the company had sometimes contentious talks with the government over legal issues, said one of the people briefed on the project. The project began about five years ago, before most of the company was sold by its parent, eBay, to outside investors in 2009. Microsoft acquired Skype in an $8.5 billion deal that was completed in October 2011.
A Skype executive denied last year in a blog post that recent changes in the way Skype operated were made at the behest of Microsoft to make snooping easier for law enforcement. It appears, however, that Skype figured out how to cooperate with the intelligence community before Microsoft took over the company, according to documents leaked by Edward J. Snowden, a former contractor for the N.S.A. One of the documents about the Prism program made public by Mr. Snowden says Skype joined Prism on Feb. 6, 2011.
Reread that Skype denial from last July, knowing that at the time the company knew that they were giving the NSA access to customer communications. Notice how it is precisely worded to be technically accurate, yet leave the reader with the wrong conclusion. This is where we are with all the tech companies right now; we can't trust their denials, just as we can't trust the NSA -- or the FBI -- when it denies programs, capabilities, or practices.
Back in January, we wondered whom Skype lets spy on their users. Now we know.
Posted on June 20, 2013 at 2:42 PM
"precisely worded to be technically accurate, yet leave the reader with the wrong conclusion"
I've been seeing a lot of that lately in the news.
Remember the proverb "Trust, but verify."? It's incomplete and inaccurate. It should be "Verify, so you can trust." To verify, one MUST be able to obtain all relevant information. We cannot, and "national security" means we never will.
Therefore, we cannot trust the government and its lackeys, including large corporations. QED
It seems clear to me that the restructuring of Skype's network (no longer purely peer-to-peer) has made two major changes in respect to privacy.
1. The first is that with respect to all its services, a detailed record of who is communicating with whom is now kept, and clearly it is being shared. Before Microsoft, back when Skype was purely a peer-to-peer service, I don't believe they kept those records except in the aggregate.
2. The second is that with respect to text communication, it now appears that a copy is retained on Skype servers... because this is the way they can guarantee delivery to those that are offline at the time text is sent. I still don't think Skype is retaining a copy of the encryption keys, but the very fact that they could potentially hand over a copy of the encrypted text is alarming. Nobody knows how well encrypted it is because Skype has kept that a secret.
Wouldn't it be more likely that these companies indeed knew nothing about this monitoring? What prevents the NSA from going to these companies' providers (ISPs) and tapping their communications? This is the theory posited by Steve Gibson and it makes sense from a technical and practical standpoint. Steve makes the inference that PRISM == fiber tap. Makes sense, doesn't it?
"Some commentators have suggested that Skype has stopped protecting its users’ communications.
Sure, we never did.
This Skype leak says otherwise. As does the exposure quoted in the earlier article that telecoms are giving the US government offshore access to get around onshore laws. And other disclosures.
The government likely does not tell them everything.
I would be surprised if executives have not also okayed on-site teams doing who knows what.
They are probably terrified to talk... because PRISM is just the tip of the iceberg.
US Senator/Congressman to NSA: "DOES the NSA have the capability to listen to phone calls or read emails at the flick of a switch?".
NSA: "NO SIR - Absolutely Not!". It's actually a clickable button on a menu screen, not a switch at all.
"Reread that Skype denial from last July, knowing that at the time the company knew that they were giving the NSA access to customer communications. Notice how it is precisely worded to be technically accurate, yet leave the reader with the wrong conclusion. This is where we are with all the tech companies right now; we can't trust their denials, just as we can't trust the NSA -- or the FBI -- when it denies programs, capabilities, or practices."
Precisely. I'm sure the numbers offered to the public by the various service providers conveniently leave out any data recorded for later use but not specifically requested.
--I think your latest book about "trust" is all too relevant now. I would nitpick your statements that people don't choose to trust where their food's from, will the building crash on them, are their devices all backdoored; they don't have the time to verify their entire life to the freakish degree that is required now and the duopolies and monopolies being formed don't give people the choice to not "trust". It's just dark, there's no getting around that.
My prediction is that eventually there won't be much useful information worth spying on, b/c everyone will be too busy spying and taking evasive action; and why would someone want to work hard on real science when it can just be stolen?
What is "lying", then? They apparently are practitioners in the art of lying while telling the truth.
Surely, there are good reasons why Keith Alexander is pestering Congress for a new law which would provide blanket immunity for companies helping the NSA collect data on everyone.
Those who are surprised by this new revelation, please raise your hand.
The surveillance state has failed. It started with this video: https://www.youtube.com/watch?v=2DmN80yi5mo
Tice may be legit. He told us what Snowden told us years ago but was fired by the NSA. He was a serial whistleblower but sometimes good people are.
That morphed into a story today that Obama used blackmail via the spying to blackmail Roberts to keep healthcare.
On top of that, our journalists are afraid to report anything, numerous stories on the AP reporters being muzzled. Other journalists afraid to report. The fourth estate is muzzled.
There are also stories of wars between NSA and CIA floating around.
Most of this fueled by the fact that the surveillance state is now known. Can you imagine living under this kind of hysteria from now on? Not to mention what could be done as Daniel Ellsberg describes:
Say Kaput to the program. Or I sure hope so.
I started noseyparkerunit on twitter a couple of weeks ago because my grandfather had lost his (our) family to the Stasi closing the curtain. He had emigrated in the early 1900s with his socialist father, but the family stayed behind. But they were successful here and stayed. Made many visits overseas to Holland and Germany as great-grandfather was a commercial florist, having been an orphan. Long story about him sewing chocolates and cigarettes in coats before the curtain fell to get them a form of currency. But he lost them to the Stasi and would never discuss it after that.
So it's personal to me.
Yesterday many German legislators were blasting the program as Stasi like or worse than Stasi. There is talk of building a fortress around Europe to avoid it.
If it survives I'll be surprised. But I won't want to live here and will get out if I can figure out a way. I won't live under a Stasi.
Here's the Tice story so you can read it instead of listening.
It did make it to Fox, don't know how far else mainstream. A few mainstream sites mentioned the last part about spying on Obama the Senator.
In the past we knew that Skype point-to-point video and audio went directly between the two communicating nodes due to bandwidth considerations, aided by NAT traversal as needed, and was encrypted. Now that Microsoft has added super-nodes into its data centers, and has control over the Skype software, one cannot help but imagine how easy it would be to instruct the communicating nodes to silently disable that encryption AND communicate via a Microsoft super-node, where both sides of the in-the-clear conversation can be saved off without anybody the wiser.
"Back in January, we wondered whom Skype lets spy on their users. Now we know."
Bruce, let's get honest. Users who click through EULA documents without reading them "let" people "spy" on them all day every day.
None of these services even begin to guarantee user privacy. Acting surprised after the fact when a free service doesn't deliver something it never offered you in the first place...really?
You know better. This whole thing is a cultural issue caused by the dissonance generated between lazy users and disingenuous marketing schema.
Whether those users are voters or skypers, the marketing tricks are the same, and the laziness is just as pervasive.
People want someone to blame for "all of this" so they can whine until it's fixed...they need to find three things: A mirror, a civics teacher, and some motivation.
@noseyparkerunit: Yes, the German legislators are blasting the program. They want to be reelected in September. However our interior minister is defending it. It's convenient...the U.S. has been feeding the German government information it could never get in a constitutional way (our Supreme Court [Bundesverfassungsgericht] is still doing its job) probably for years. So I am sure that whatever protections they are talking about, they will make sure they are inefficient.
So if any information should be kept secret, it is us who have to make sure it keeps that way (end-to-end encryption; no cloud storage; be careful what information you share on Facebook etc.)
Great interview:
3 NSA veterans speak out on whistle-blower: We told you so
I think many of us have suspected this for years. To the point really that we would be surprised if this were not the case.
Free browsers, e-mail and cloud data. OK, who's paying for all this and why?
I've often wondered if hacking really is not just a game of Whac-a-Mole: "whenever one door closes another one will open". The hackers of course would not be in on this. But alas, there are no secrets on the Internet.
'Bruce, let's get honest. Users who click through EULA documents without reading them "let" people "spy" on them all day every day.'
Shame on everyone for not reading extremely obtusely written EULA agreements that go on frequently for many pages? When we often are trying to get something done when installing it? And every application has these, no matter how trivial the application is?
I think you are correct, there is kind of a game being played here. Probably everyone on here has always acted under the assumption that the US Government is spying on everything. (Which the Snowden disclosures may hint at but do not prove.)
But what are our other suspicions? Are those all true, too? Is the US Government spying on everything? Are they somehow recording all phone calls? (I am not sure if they need to.) Or maybe all phone calls of anyone outside the norm?
Did everyone think that the US Government was archiving all encrypted emails, as yesterday's disclosure shows?
Probably everyone suspected the US was spying on China, but where does that stop? Is the US behind a lot of these Chinese attacks? Could they be posing as China while hacking US institutions to have plausible deniability and play China off?
Did they sabotage Petraeus and Clinton, and many of these other leaders? Are they running a new and expanded cointelpro program?
If they spied on Obama when he was a senator, is there a senator they do not spy on? Did they reach an agreement with Obama?
Leaving the conclusive evidence, things can get murky and deep into theory land.
I just wonder if Skype and Voip calls are included in the volume calculations for total surveillance:
Also, in this case the agencies would have access not only to the US based calls but all the global traffic conducted through skype, which would be several times larger than the US only data ...
[on Russ Tice new disclosures, intel has been long spying illegally on senators and other leaders, including that they spied on Obama when he was a senator. http://www.theblaze.com/stories/2013/06/20/... ]
Very good. That is what I have been suspecting they have been doing. Nice to see someone come out and say it.
I also believe that is the immediate danger of this surveillance over America infrastructure they have set up.
They have a few choices with Tice. They could ignore him while working a sabotage campaign against him. They could target him for cointelpro/kgb style harassment. Or they could seize him and press charges, declaring him a grievous traitor.
Problem with seizing him and declaring him a grievous traitor is they would incidentally be confirming everything he is saying. Which he did not get proof of, as Snowden did.
Also, what he knew would be in smaller, much more tightly controlled hands. What Snowden is posting a great many people knew about.
I sure hope he has someone up there watching after him. Because that is really stirring the hornet's nest. That picks right at the heart of a lot of power hungry sociopaths who have no conscience.
"So it's personal to me.
Yesterday many German legislators were blasting the program as Stasi like or worse than Stasi. There is talk of building a fortress around Europe to avoid it.
If it survives I'll be surprised. But I won't want to live here and will get out if I can figure out a way. I won't live under a Stasi."
Probably just get out your popcorn, put on a bullet proof vest, and watch the show. :-)
There are a lot of good elements in the US, despite these betrayals. Probably the majority of the people working for the US Government are in some way true believers. They believe in the constitution, in the rights of man. Their initial reaction may be "it is all lies".
It will sink in.
They may turn this into a full fledged police state. If they do, it will be far worse than anything this poor planet has ever had to shoulder before.
But, do you really believe it would last for long? I would reckon just long enough for people to be shown up for who they are and what stuff makes them. All facades blown apart.
Civilization would be rebuilt on the ruins, and the faces of those who did these things and supported them will live forever in infamy as a dear reminder and warning of what we came from.
"Remember the proverb "Trust, but verify."? It's incomplete and inaccurate. It should be "Verify, so you can trust." To verify,one MUST be able to obtain all relevant information".
Good point! It just describes two steps of relationship (whatever they are: B2B, P2G, P2B, P2P, G2G: - p-person, g-gov, b-business). I guess asking for blind trust upfront is counterintuitive and not reasonable. GK's part:
"Verify, so you can trust." applies for the first step.
When relationship of trust is already established, then on second step:
"Trust, but verify" is in charge. When counterpart is even good, trust intentions, but verify actions regardless. But my main point is that in any type of relationship (see above) and on any step, trust is (for God's sake) TWO way street with balanced rights and ability of both sides to "be able to obtain all relevant information" about other side's intentions, actions, etc.
"Shame on everyone for not reading extremely obtusely written EULA agreements that go on frequently for many pages? When we often are trying to get something done when installing it? And every application has these, no matter how trivial the application is?"
Shame on "everyone" for using systems without making an effort to find out what the conditions of that use are, and then complaining afterwards, that the conditions didn't suit them, yes.
"...Probably everyone on here has always acted under the assumption that the US Government is spying on everything..."
Which is what blows my mind, given the recent reaction to these stories. If you're a member of a participatory democratic republic, and you think your government is doing something you don't agree with, your obligation is to engage and work to change the system.
The system in the US is designed to be run by the people. When the people slouch off collectively to eat nachos and watch television instead, someone(thing) has to fill the vacuum and run the system.
We're governed by the equivalent of an EULA; it's called the legal system. We've been clicking "agree" on our own government for decades because it's obtusely written and goes on for many pages. Obviously people seem to be pretty upset right now about where that has gotten them...want to make a small wager on how they react in the long term?
My money is on more nachos and television.
EULA is not written for regular user with purpose of understanding by end user, but by and for legal team of provider to leave zero chance for end user ever win any dispute in the court of law or even prevent get to the court by mandatory arbitration, waiver of class action rights, etc.
Could anything be done to change that?
Yes. Example: recent requirements (sometimes government action may be useful for common people ) for credit card companies to provide short and in plain English term of usage.
As soon as any legal binding agreement is targeting average consumer (I am not talking about merger and acquisition when each side has powerful legal team on its side), terms of usage should have level of understanding of high school graduate.
No expectation that Big Business ever accept such idea by self-regulation.
Uncle Sam, that is your call as you did good with credit companies/sharks!
"...Uncle Sam, that is your call..."
There is no "uncle sam". There are US citizens, who can choose to run their country, or choose to allow someone else (corporate "persons") to do it for them while they play xbox and tweet lolcats at each other.
These sorts of misleading statements need a name. Something like "true lie" - a technically true but effectively unimportant fact intended to obscure a more meaningful truth.
--I wasted around 4-5 years of my life trying what you describe. Basically it got me on a *do not hire* list. As more and more graduates from college graduate and find out there's *maybe* a 32k a year job waiting for you (with about maybe 25-50k student loan debt); while old-fart McGeezer continues to not do any work and collect off your work; then there will be change.
If I can't get an engineering job in the next few years I'm going to have more time to sit around and hack; and if I'm homeless I will find a home to stay in, the hard way.
I work for a company which uses webex pretty heavily, and the question that comes to my mind is "is webex doing this (or being forced to do this) also"?
@ Works for...,
"is webex doing this (or being forced to do this) also"?
Does it matter? After all, even if they are currently not and even if they issue denials, then the chances are they either are or will be in the future --due to legislation secret or otherwise-- and in the meanwhile are having some point in their network being monitored to that effect any way with or without their knowledge.
There are ways that someone who is appropriately technically knowledgeable can sit on your wire and watch the packets' size and where they go to (not just during but considerably after you actively use such a software package). From this they can work out information flows and bandwidth even if the packet contents are encrypted, as a modern form of traffic analysis. Which could raise a red flag, but not lower one.
The problem of course is that the minimum amount of information required to completely break a communications link is the end point info and any encryption key, all of which would fit comfortably inside a single IP packet. This packet could be sent at any point in time during or after you using the package. It does not even have to be sent to a different end point provided it is marked in some way or in a known position within the communications.
So yes you can find things to make you suspicious with any communications package, but conversely you can not find things to reduce any suspicions you might have.
Even if you write a software package yourself you will almost certainly write it using somebody else's code library and to somebody else's specification / protocol.
As I've noted many times on this and other blogs in the past it's known that at one point all publicly available encryption libraries for using AES on PC architecture systems had side channels that would enable the AES key to be easily found if used in "online mode" of operating (The NSA only certifies it for "data at rest" or "offline mode" usage in their IME hardware which is a very big red flag).
Likewise I've said again on this and other blogs fairly repeatedly that the NSA is not really into classical cryptanalysis for code breaking any longer, that's a game that kind of stopped in the 1980's. They had moved into ensuring "fixed plaintext" and "Side Channels". They have since moved into other areas such as "fixing standards and protocols" and playing in weakening other areas.
For instance I've repeatedly warned for many years now about the generation of random numbers for encryption Keying Material (KeyMat). It is incredibly easy to get wrong and we have seen research that shows it's a very very fertile place to play. Because it does not matter how good your crypto algorithms are if the keys and nonces ("numbers used once" and relied on for security proofs) you use are predictable due to a poor random number generator.
Also the way the NSA works is not the way you think, they don't target individuals and try to break their communications except under exceptional circumstances. They hoover up everybody's comms and use various techniques to crack the 20% or so of easy stuff which when allied with "human error" accidental and deliberate gives anything up to 80% of useful information in the long term.
What do I mean by "accidental or deliberate" when it comes to human error... Well it's all to do with plaintext. There are generally two types talked about in publicly available cryptanalysis texts "known plaintexts" and all others, the reality is in practical cryptography "known plaintexts" are a smaller subset of "assumed plaintexts". Thus the reality is "random plaintexts" for which nothing can be assumed and "assumed plaintexts" for which some kind of content or structural discriminator can be used to distinguish between random and non random plain texts.
In the past such structural and content discriminators were based around language redundancy and standard form of communications such as Date, Time, To, From, Network, Subject and other standard fields.
They obviously still exist but pale in comparison with modern "File Format" and WYSIWYG meta data. With the likes of MS Office and Adobe PDF etc. files having vast quantities of known plaintext at known offsets.
But it gets worse: have you ever thought about the "undo" function and the how and where of its storage and all sorts of other meta data stored in files that you cannot see including the "unique identifiers" the likes of MS and others have chosen to put in files for author PC "identification and attribution" dressed up as "content protection". Even the TLA's appear to have been caught out by this and we occasionally get to hear of "redacting-errors" well it's not just redacting which causes these errors. It's why my standing advice to anyone having to supply copies of documents is "PAPER Paper NEVER DATA". And if you are forced to produce electronic form "print them out and scan them back in on clean PC hardware and send the documents as simple stripped image files". That way you don't send out information hidden in the complex file format the likes of MS and the NSA et al and those corporate shysters calling for "electronic disclosure" just love.
Oh and there is another game in town that people tend not to talk about but really really should and that's "fall back". As we know the likes of the much used and abused SSL protocol are full of "protocol / Standards" level side channels and the use of now deprecated encryption algorithms hashes etc. Now have you ever thought about what happens with software packages and the designers of them?
Well you need to remember "backwards compatibility" and "ease of user use", this causes not only all the deprecated stuff to be included but also a near invisible (to the user) "fallback" to use them to ensure that the user gets the connection established. This "fallback" occurs due to something politely referred to as "the negotiation phase" that happens before the protocol proper is used. Sadly whilst academic and other non NSA type researchers go looking for problems in the protocols proper examining the negotiation stage protocols is not "sexy", whilst the TLA NSA and LEO types view them as rich pickings for targeted attacks.
Why because the negotiation phase is very difficult to "Armour" against either eavesdropping or Man In the Middle (MITM) attacks, unless you plan to do so from day zero. The difficulty is such that many consider it impossible if "backwards compatibility" is to be maintained (which is a good argument for dropping full backwards compatibility once and for all).
This problem is so bad I've actually demonstrated a few years ago a MITM attack on an encrypting software package for communications across serial comms such as modems where the MITM attack forced the comms into the lowest compatible format of unencrypted ASCII plain text, all without telling the user this is what it had done....
Most communications applications have a mode of operation that used to be called "Engineering Order Wire" or EOW which was just plain text. Software developers have the same only they would call it some kind of "test mode" and like as not it does not appear in the user interface or user manuals and it gets left in "just in case" in the release version of software. And guess what even when it does not some company like Carrier-IQ comes along and adds other software that does an "end run" around all the other applications so that "support can be given to users and developers"....
With that going on the likes of the NSA just get a free ride...
Whilst I and others have been saying this for quite some time people live in their own world and don't take it on board until they find out. Either the hard way or somebody who works for the likes of these organisations becomes a whistleblower in a sufficiently public way. One of the reasons he is now called Barack "the control freak" Obama is his attitude to whistleblowers well, from some of the revelations so far it appears that as Shakespeare had it "the good that men do is oft interred with their bones, the bad lives on! So let it be with Caesar". But in Obama's case he has hidden away so much bad that he has done as highly classified secrets which is starting to come out that any good he might have done will be forgotten before the end of his term and the chances are good he will become so vilified that a new word such as Obamaradering will enter the dictionaries as his epitaph, see Gerrymandering for a milder version or the getting slightly nearer Rachmanism (named after Peter Rachman a close associate of the violent and criminal underworld Kray Twins).
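The negotiation-phase "fallback" discussed in the comment above, as an added example that is not part of the original post or its comments: a Python model of an unauthenticated suite negotiation next to two initiator-side checks, a minimum-strength floor and a MAC over the negotiation transcript. The suite names, the function names and the shared key are all constructed assumptions; the key stands in for a pre-shared secret or one derived from the key exchange.

```python
import hashlib
import hmac
import json

# Constructed suite names, weakest first. "PLAINTEXT" stands in for the
# unencrypted fallback / test mode the comment describes.
STRENGTH = {"PLAINTEXT": 0, "LEGACY-CIPHER": 1, "MODERN-AEAD": 2}


class DowngradeError(Exception):
    """Raised when the negotiated result is not acceptable."""


def choose(offered, supported):
    """Responder: pick the strongest suite present in both lists."""
    common = [s for s in offered if s in supported]
    if not common:
        raise DowngradeError("no common suite")
    return max(common, key=STRENGTH.__getitem__)


def transcript_tag(key, offered, chosen):
    """HMAC over the offer list and the choice, so both ends can compare views."""
    blob = json.dumps([list(offered), chosen]).encode()
    return hmac.new(key, blob, hashlib.sha256).digest()


def keep_weakest_only(offer):
    """Models an in-path rewrite of the offer down to its weakest entry."""
    return [min(offer, key=STRENGTH.__getitem__)]


def drop_strongest(offer):
    """Models an in-path rewrite that removes only the strongest entry."""
    top = max(offer, key=STRENGTH.__getitem__)
    return [s for s in offer if s != top]


def negotiate(offer, supported, rewrite=None, floor=None, key=None):
    """One negotiation. Returns the suite in use or raises DowngradeError.

    floor: weakest suite the initiator will accept (None = accept anything).
    key:   secret shared by both peers (assumption), used to authenticate
           the transcript; None = the negotiation is unauthenticated.
    """
    received = rewrite(offer) if rewrite else list(offer)
    chosen = choose(received, supported)
    # Responder tags what it actually received, not what was sent.
    tag = transcript_tag(key, received, chosen) if key is not None else None

    # Initiator-side checks.
    if floor is not None and STRENGTH[chosen] < STRENGTH[floor]:
        raise DowngradeError(f"{chosen} is below floor {floor}")
    if key is not None:
        expected = transcript_tag(key, offer, chosen)
        if not hmac.compare_digest(tag, expected):
            raise DowngradeError("offer was modified in transit")
    return chosen


def outcome(**kwargs):
    """Run negotiate() on the sample peers; report the suite or the refusal."""
    offer = ["MODERN-AEAD", "LEGACY-CIPHER", "PLAINTEXT"]
    supported = ["MODERN-AEAD", "LEGACY-CIPHER", "PLAINTEXT"]
    try:
        return negotiate(offer, supported, **kwargs)
    except DowngradeError as exc:
        return f"REFUSED: {exc}"


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample value
    # Untouched offer: strongest common suite is used.
    print(outcome())
    # No checks: the session silently falls back to the weakest suite.
    print(outcome(rewrite=keep_weakest_only))
    # A floor refuses the plaintext fallback outright.
    print(outcome(rewrite=keep_weakest_only, floor="LEGACY-CIPHER"))
    # A floor alone still accepts a partial downgrade...
    print(outcome(rewrite=drop_strongest, floor="LEGACY-CIPHER"))
    # ...which the authenticated transcript catches.
    print(outcome(rewrite=drop_strongest, floor="LEGACY-CIPHER", key=key))
```

The floor is the check that needs no shared secret, which is why removing the weakest modes altogether is the simplest defence; the transcript MAC covers the case where an acceptable but weaker suite is substituted.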
"The system in the US is designed to be run by the people. When the people slouch off collectively to eat nachos and watch television instead, someone(thing) has to fill the vacuum and run the system. "
"My money is on more nachos and television."
People can not really do much but that. I do believe it is important that people educate themselves and think these matters up. I believe it is important they make the right judgments in their hearts. And they should not be afraid of having strong emotions on situations they can not do anything about -- if those strong emotions are right.
That is, maybe people sense there is profound motive, forces they do not completely understand, that they may have to align with in order to go that direction. And maybe that scares them.
There are definitely the hallmarks of powerful, incomprehensible forces at work behind the creation of this tyrannical empire infrastructure foundation which is being built.
What kind of people would just throw themselves into the winds of change like that?
They might just end up working as blind, emotionally charged servants of powers they do not understand.
Media, I think, people can underestimate the influence of that, the power of it. I can certainly understand why some nations believe that there is some ominous intelligence agency behind "Hollywood".
In North Korea, they have a serious problem, because they have a flooding of outside media into their nation which depicts nations like South Korea and the United States as entirely different from what their government tells them.
They are acting like any totalitarian system, or cultic system, they want - above all - to avoid such media contamination.
Even worse is when the message is not directly said, but shown. Implied and proven by being shown at the same time, where people come to their own, invariable conclusions... which awaken their resistance to the Regime in a way that they can no longer doubt nor contest.
Point is: have the motive, the faith first, and action will follow. Invariably. Be that as a leaker, be that as a pundit, be that as a designer of open source security software, be that as "just an artist".
What action everyone should avoid is taking the law into their own hands, which I believe is what these governments are doing.
Also, while you can go to protests, or other obvious forms of expression... you do not need to do this to express your self.
Motive, confidence comes first, then naturally from that springs message.
No motive, no belief, no action.
Not the other way around.
Maybe all anyone can do is: Make sure your seatbelts are firmly buckled, ensure your bullet proof vest is on, check your coke and popcorn... and enjoy the ride?
It is going to get bumpy.
I've wondered off and on about the secure communications being compromised by those protocol headers and fixed plaintext file format issues you mention. Now that you are validating my suspicions, I'm inclined to wonder the implications for what is most often (mis?)marketed as "secure data at rest", ie "whole disk encryption".
First, the obvious: whole disk encryption by necessity has to encrypt the contents of known plaintexts such as the filesystem format itself (as well as all those known-text OS files!) But let's say that one deals with that.
Second, reading your post, I find myself wondering how much traffic an adversary would have to sniff from one's network connection to a whole-disk-encrypted laptop before the metadata from those communications pollutes the "data at rest" with sufficient plaintexts (cache files, log entries, downloaded content itself, etc) to render the entire drive decryptable even when subsequently removed from the network.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.