A Canadian researcher has discovered that a Chinese version of eBay Inc.’s Skype communications software snoops on text chats that contain certain keywords, including “democracy.”
The revelation is not only of interest to rights groups that monitor Internet censorship. The discovery also likely intrigues law enforcement and intelligence agencies in other countries, because they have been bothered by the growing use of Skype, which claims 338 million users across the world.
By its very nature, Skype is difficult to wiretap. Skype routes calls and chats between computers over the Internet, avoiding traditional phone networks. And the contents are supposedly encrypted, raising concerns in law enforcement that Skype could let criminals communicate without fear of eavesdropping.
The software is distributed by Skype’s Chinese partner, Tom Online Inc. Skype has acknowledged since 2006 that this version looks for certain sensitive words in text chats, and blocks those messages from reaching their destination. The issue appears only to affect people using the Chinese software.
What Villeneuve found was that the Tom-Skype program also passes the messages caught by the filter to a cluster of servers on Tom’s network. Because of poor security on those servers, he was able to retrieve more than a million stored messages. The filter appears to look for words like “Tibet,” “democracy” and “milk powder” — China is in the throes of a food scandal involving tainted milk.
This directly contradicts a blog posting on Skype’s Web site, which says that the software discards the filtered messages, and neither displays nor transmits them anywhere.