Is Microsoft reading your Skype communications?
Posted on 15 May 2013.
The question of whether Skype - a Microsoft subsidiary since May 2011 - allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.


Nevertheless, The H warns that whatever the answer may be, to be on the safe side users should do well to assume that Microsoft will be using the transmitted and recorded data in whichever way it wants.

That conclusion has been reached after The H's German associates at heise Security have been notified, and then independently confirmed, that every HTTPS URL sent over Skype gets checked from an IP address registered to Microsoft headquarters in the U.S.

When asked why that is, the company has replied that they are indeed accessing all sent URLs so that they could spot and remove spam and phishing links.

But the researchers remain unconvinced.

"Spam and phishing sites are not usually found on HTTPS pages. By contrast, Skype leaves the more commonly affected HTTP URLs, containing no information on ownership, untouched," they pointed out. "Skype also sends head requests which merely fetches administrative information relating to the server. To check a site for spam or phishing, Skype would need to examine its content."









Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //