24 May 2013

Microsoft decrypts Skype comms to detect malicious links

.. Several independent researchers including security consultant Ashkan Soltani who was hired by Ars Technica confirmed that some of the URLs contained in chats were, indeed, accessed from an IP address belonging to Microsoft...

..encrypted communication must be decrypted in order for the links to be scanned, and according to its Privacy Policy, Skype can record and retain links and other content sent over Skype.

"There's a widely held belief—even among security professionals, journalists, and human rights activists—that Skype somehow offers end-to-end encryption, meaning communications are encrypted by one user, transmitted over the wire, and then decrypted only when they reach the other party and are fully under that party's control. This is clearly not the case if Microsoft has the ability to read URLs transmitted back and forth," points out Ars Technica's Dan Goodin.

Click here to read more

No comments:

Post a Comment