[LACNIC/Seguridad] Fwd: Think your Skype messages get end-to-end encryption? Think again

Fernando Gont fernando en gont.com.ar
Lun Mayo 20 23:03:23 BRT 2013 

En fin....


-------- Original Message --------
Subject: 	Think your Skype messages get end-to-end encryption? Think again
Date: 	Mon, 20 May 2013 16:17:01 +0000
From: 	<Dan Goodin>



Think your Skype messages get end-to-end encryption? Think agai

If you think the private messages you send over Skype are protected by
end-to-end encryption, think again. The Microsoft-owned service
regularly scans message contents for signs of fraud, and company
managers may log the results indefinitely, Ars has confirmed. And this
can only happen if Microsoft can convert the messages into
human-readable form at will.

With the help of independent privacy and security researcher Ashkan
Soltani <http://ashkansoltani.org/bio.html>, Ars used Skype to send four
Web links that were created solely for purposes of this article. Two of
them were never clicked on, but the other two—one beginning in HTTP link
and the other HTTPS—were accessed by a machine at 65.52.100.214, an IP
address belonging to Microsoft
<http://www.whois.net/ip-address-lookup/65.52.100.214>. For those
interested in the technical details, the log line looked like this:

'65.52.100.214 - - [16/May/2013 11:30:10] "HEAD /index.html?test_never_clicked HTTP/1.1" 200 -'

The results—which were similar but not identical to those reported last
week
<http://www.h-online.com/security/news/item/Skype-with-care-Microsoft-is-reading-everything-you-write-1862870.html>
by The H Security—prove conclusively that Microsoft not only has ability
to peer at the plaintext sent from one Skype user to another, but that
the company regularly flexes that monitoring muscle.

Read 9 remaining paragraphs
<http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/#p3>
| Comments
<http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/?comments=1>


-- 
Fernando Gont
e-mail: fernando en gont.com.ar || fgont en si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1





------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/seguridad/attachments/20130520/c990fca4/attachment.html>

Más información sobre la lista de distribución Seguridad