<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
En fin....<br>
<div class="moz-forward-container"><br>
<br>
-------- Original Message --------
<table class="moz-email-headers-table" border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<th nowrap="nowrap" valign="BASELINE" align="RIGHT">Subject:
</th>
<td>Think your Skype messages get end-to-end encryption?
Think again</td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE" align="RIGHT">Date: </th>
<td>Mon, 20 May 2013 16:17:01 +0000</td>
</tr>
<tr>
<th nowrap="nowrap" valign="BASELINE" align="RIGHT">From: </th>
<td><Dan Goodin></td>
</tr>
</tbody>
</table>
<br>
<br>
<title>Think your Skype messages get end-to-end encryption? Think
agai</title>
<div id="rss-wrap">
<p>If you think the private messages you send over Skype are
protected by end-to-end encryption, think again. The
Microsoft-owned service regularly scans message contents for
signs of fraud, and company managers may log the results
indefinitely, Ars has confirmed. And this can only happen if
Microsoft can convert the messages into human-readable form at
will.</p>
<p>With the help of independent privacy and security researcher
<a moz-do-not-send="true"
href="http://ashkansoltani.org/bio.html">Ashkan Soltani</a>,
Ars used Skype to send four Web links that were created solely
for purposes of this article. Two of them were never clicked
on, but the other two—one beginning in HTTP link and the other
HTTPS—were accessed by a machine at 65.52.100.214, an <a
moz-do-not-send="true"
href="http://www.whois.net/ip-address-lookup/65.52.100.214">IP
address belonging to Microsoft</a>. For those interested in
the technical details, the log line looked like this:</p>
<pre>'65.52.100.214 - - [16/May/2013 11:30:10] "HEAD /index.html?test_never_clicked HTTP/1.1" 200 -'</pre>
<p>The results—which were similar but not identical to those <a
moz-do-not-send="true"
href="http://www.h-online.com/security/news/item/Skype-with-care-Microsoft-is-reading-everything-you-write-1862870.html">reported
last week</a> by The H Security—prove conclusively that
Microsoft not only has ability to peer at the plaintext sent
from one Skype user to another, but that the company regularly
flexes that monitoring muscle.</p>
</div>
<p><a moz-do-not-send="true"
href="http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/#p3">Read
9 remaining paragraphs</a> | <a moz-do-not-send="true"
href="http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/?comments=1">Comments</a></p>
<img moz-do-not-send="true"
src="http://feeds.feedburner.com/%7Er/arstechnica/security/%7E4/MH16QwCHd5M"
width="1" height="1"> <br>
<pre class="moz-signature" cols="72">--
Fernando Gont
e-mail: <a class="moz-txt-link-abbreviated" href="mailto:fernando@gont.com.ar">fernando@gont.com.ar</a> || <a class="moz-txt-link-abbreviated" href="mailto:fgont@si6networks.com">fgont@si6networks.com</a>
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
</pre>
<br>
</div>
<br>
</body>
</html>