Peut-on encore faire confiance à Skype ?

Posted by

Historiquement, Skype était une société de droit européen.

Sur le site de Skype, en 2011:

Skype was founded in 2003. It’s based in Luxembourg, with offices in Europe, the US and Asia. It’s owned by an investor group led by Silver Lake and which includes eBay Inc, Joltid Limited and Skype founders Niklas Zennström and Janus Friis, the Canada Pension Plan Investment Board and Andreessen Horowitz.

Maintenant que la société Skype a été acquise par Microsoft, société américaine, tombe-t-elle sous la loi du Patriot Act ? Peut-on encore imaginer que nos conversations privées le sont vraiment ?

La lettre ouverte adressée à Skype mérite d’être lue, jusqu’à la dernière ligne.
Extrait:

In June 2008, Skype stated it could not eavesdrop on user conversations due to its peer-to-peer architecture and encryption techniques.[1] Additionally, Skype claimed it was not required to comply with expanded CALEA rules on lawful interception as long as it was based in Europe.[2] As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters.[3]
Since Skype was acquired by Microsoft, both entities have refused to answer questions about exactly what kinds of user data can be intercepted, what user data is retained, or whether eavesdropping on Skype conversations may take place.[4] In 2012, the FBI stated that it had issued a warrant for chats going back to 2007, and that it had utilized those chats as evidence as the basis for criminal charges.[5] This contradicts Skype’s own policy stating that chats are retained for a maximum of 30 days.[6]

One comment

  1. quoted from Bruce Schneier:

    New Details on Skype Eavesdropping

    This article, on the cozy relationship between the commercial
    personal-data industry and the intelligence industry, has new
    information on the security of Skype.

    Skype, the Internet-based calling service, began its own secret
    program, Project Chess, to explore the legal and technical
    issues in making Skype calls readily available to intelligence
    agencies and law enforcement officials, according to people
    briefed on the program who asked not to be named to avoid
    trouble with the intelligence agencies.

    Project Chess, which has never been previously disclosed, was
    small, limited to fewer than a dozen people inside Skype, and
    was developed as the company had sometimes contentious talks
    with the government over legal issues, said one of the people
    briefed on the project. The project began about five years ago,
    before most of the company was sold by its parent, eBay, to
    outside investors in 2009. Microsoft acquired Skype in an $8.5
    billion deal that was completed in October 2011.

    A Skype executive denied last year in a blog post that recent
    changes in the way Skype operated were made at the behest of
    Microsoft to make snooping easier for law enforcement. It
    appears, however, that Skype figured out how to cooperate with
    the intelligence community before Microsoft took over the
    company, according to documents leaked by Edward J. Snowden, a
    former contractor for the N.S.A. One of the documents about the
    Prism program made public by Mr. Snowden says Skype joined
    Prism on Feb. 6, 2011.

    Reread that Skype denial from last July, knowing that at the time the
    company knew that they were giving the NSA access to customer
    communications. Notice how it is precisely worded to be technically
    accurate, yet leave the reader with the wrong conclusion. This is where
    we are with all the tech companies right now; we can’t trust their
    denials, just as we can’t trust the NSA — or the FBI — when it denies
    programs, capabilities, or practices.

    Back in January, we wondered whom Skype lets spy on their users. Now we
    know.

    The article quoted:
    https://www.nytimes.com/2013/06/20/technology/silicon-valley-and-spy-agency-bound-by-strengthening-web.html

    or http://tinyurl.com/qdl249l

    Skype’s denial:
    http://blogs.skype.com/2012/07/26/what-does-skypes-architecture-do/

    We can’t trust the NSA:
    http://www.schneier.com/blog/archives/2013/06/details_of_nsa.html
    https://www.eff.org/deeplinks/2013/06/director-national-intelligences-word-games-explained-how-government-deceived

    or http://tinyurl.com/ma7dk5j
    https://www.eff.org/nsa-spying/wordgames
    http://www.wired.com/threatlevel/2013/06/nsa-numbers/
    http://fabiusmaximus.com/2013/06/11/nsa-surveillance-51264/

    My post from last January:
    https://www.schneier.com/blog/archives/2013/01/who_does_skype.html

Leave a Reply

Your email address will not be published. Required fields are marked *