djk at tobit.co.uk
Thu Sep 17 18:48:25 BST 2009
David Alban wrote:
> but, giving into paranoia, i'm careful not to skype anything i
> wouldn't want my company and/or ebay to see. just in case They're

If skype is behaving like a standard voip client (i.e. chit-chatting to
a central "directory" server, then setting up an (encrypted) UDP/RDP
point to point circuit for the actual conversation) then they (GCHQ)
probably haven't "Mastered the Internet"[tm] (El Reg passim) sufficiently
yet to be "Watching"[tm]. But you can bet they are running as fast as their
little legs can move to fix that (and they have a couple of billion £
available to make it happen).

However the Indian Government are/were prepared to ban and filter out
skype (setup?) traffic unless they could get a backdoor. Make what you
want out of that (again El Reg passim).

If skype circuit setup works like most voip systems, part of the
chit-chat is devoted to agreeing a set of IP addresses and ports that
each end is prepared to communicate on for the RDP conversation traffic.
There is no reason why that chit-chat can't direct you via a suitable
monitoring computer which sits there as a "man in the middle" to record
your every utterance.

In fact there are all sorts of circumstances in which, for standard voip
systems, this happens as a matter of course, e.g. getting to/from phones
behind NAT, doing protocol conversions (where neither phone has a codec
in common that they are prepared (or allowed) to use).

Another common one is to manage conference calls. It is much more
efficient to have a (set of) central "conference call" mule(s) in
somewhere like TeleHouse which handles the 20 or so 64 Kb RDP input
streams, mixing them together (in the audio sense) and outputting the
result, down just one single RDP stream to your phone. The alternative
would be for your phone/asterisk box to manage 20 duplex streams to each
other participant, which is 1.28Mb of real time RDP traffic in each

Me Paranoid[tm] - never!
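
The address-and-port negotiation described in the message above can be checked from the receiving end. The following is an added example, not part of the original post: it assumes the signalling carries an SDP body (as SIP-based VoIP does; the post names no protocol) and reports streams whose media address is not the host the other party is expected to be on. The function names, `expected_peer` and the sample bodies are hypothetical and constructed for illustration.

```python
# Added example. SDP bodies below are constructed; addresses are documentation ranges.

def media_endpoints(sdp):
    """Return [(media, address, port)]: where this SDP body asks for media to be sent."""
    session_addr = None   # a c= line before the first m= line covers every stream
    streams = []
    for line in sdp.replace("\r\n", "\n").split("\n"):
        if len(line) < 3 or line[1] != "=":
            continue
        kind, value = line[0], line[2:].split()
        if kind == "c" and len(value) == 3:
            # c=<nettype> <addrtype> <address>[/ttl]
            addr = value[2].split("/")[0]
            if streams:
                streams[-1][1] = addr     # media-level c= overrides the session one
            else:
                session_addr = addr
        elif kind == "m" and len(value) >= 3:
            # m=<media> <port>[/count] <proto> <fmt> ...
            streams.append([value[0], session_addr, int(value[1].split("/")[0])])
    return [tuple(s) for s in streams]


def off_path_streams(sdp, expected_peer):
    """Streams whose media address is not the host we believe the other party is on."""
    return [s for s in media_endpoints(sdp) if s[1] != expected_peer]


def sdp_body(*lines):
    """Join lines with the CRLF terminators SDP uses."""
    return "\r\n".join(lines) + "\r\n"


# Constructed answer: media goes straight to the far end.
DIRECT = sdp_body("v=0", "o=- 1 1 IN IP4 198.51.100.7", "s=-",
                  "c=IN IP4 198.51.100.7", "t=0 0", "m=audio 49170 RTP/AVP 0")
# Constructed answer: same originator, but media is steered to a third host.
RELAYED = sdp_body("v=0", "o=- 1 1 IN IP4 198.51.100.7", "s=-",
                   "c=IN IP4 203.0.113.50", "t=0 0", "m=audio 30000 RTP/AVP 0")

if __name__ == "__main__":
    for name, body in (("direct", DIRECT), ("relayed", RELAYED)):
        print(name, off_path_streams(body, "198.51.100.7"))
```

A non-empty result is not proof of interception: the NAT traversal, codec conversion and conference mixing cases listed in the message produce the same mismatch.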