{"id":1583,"date":"2013-05-31T20:13:40","date_gmt":"2013-05-31T17:13:40","guid":{"rendered":"http:\/\/www.gatchev.info\/blog\/?p=1583"},"modified":"2013-05-31T20:15:16","modified_gmt":"2013-05-31T17:15:16","slug":"microsoft-cant-be-trusted-with-skype","status":"publish","type":"post","link":"http:\/\/www.gatchev.info\/blog\/?p=1583","title":{"rendered":"Microsoft can\u2019t be trusted with Skype"},"content":{"rendered":"<p>(Shamelessly stolen from <a href=\"http:\/\/fossforce.com\/2013\/05\/microsoft-snoops-in-skype-dissed-by-hp-more\/\" target=\"_blank\">fossforce.com<\/a>.)<\/p>\n<p>Just because the OEMs aren\u2019t afraid of Redmond any longer doesn\u2019t mean we shouldn\u2019t be. We weren\u2019t surprised at all, this week, when H Online reported that Microsoft has been playing fast and loose with our privacy on Skype. We don\u2019t use Skype here at FOSS Force, but evidently when you sign their user agreement, you let them read everything you write. It appears Skype\u2019s EULA is a little like your Miranda rights. What you say can and will be used against you.<\/p>\n<p>From the H-Open report:<\/p>\n<p>\u201cA reader informed heise Security that he had observed some unusual network traffic following a Skype instant messaging conversation. The server indicated a potential replay attack. It turned out that an IP address which traced back to Microsoft had accessed the HTTPS URLs previously transmitted over Skype. Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service. A few hours after their Skype messages, they observed the following in the server log:<\/p>\n<p>\u201c65.52.100.214 \u2013 &#8211; [30\/Apr\/2013:19:28:32 +0200]<br \/>\n\u2018HEAD \/\u2026\/login.html?user=tbtest&amp;password=geheim HTTP\/1.1\u2032<\/p>\n<p>\u201cThey too had received visits to each of the HTTPS URLs transmitted over Skype from an IP address registered to Microsoft in Redmond. URLs pointing to encrypted web pages frequently contain unique session data or other confidential information\u2026 In visiting these pages, Microsoft made use of both the login information and the specially created URL for a private cloud-based file-sharing service.\u201d<\/p>\n<p>That being the case, we must concur with H-Open\u2019s and heise Security\u2019s assertion that all users of Skype should assume this could happen to them too. In other words, when you\u2019re using Skype, figure you\u2019re on a party line. Better yet, figure everything you do is being routed through the U.S. Department of Homeland Security.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Shamelessly stolen from fossforce.com.) Just because the OEMs aren\u2019t afraid of Redmond any longer doesn\u2019t mean we shouldn\u2019t be. We weren\u2019t surprised at all, this week, when H Online reported that Microsoft has been playing fast and loose with our privacy on Skype. We don\u2019t use Skype here at FOSS Force, but evidently when you [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"hide_page_title":""},"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1583"}],"collection":[{"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1583"}],"version-history":[{"count":0,"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1583\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1583"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1583"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.gatchev.info\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1583"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}