A plan by German police to hire hackers to break the encryption that Skype uses for it’s VoIP communications has prompted an interesting article at The Register.  They cover the ‘poison movie’ exploit, which has been fixed, as well as concerns that the current animated ads that play over Skype may provide another vector in which the same kind of exploit could be launched.  They also link to a talk that took place during the Black Hat Europe 2006 conference, in which two participants voiced concerns that without Skype opening up the source code, we can have no idea how secure the AES used by Skype is.  They also repeated the belief that Skype has the keys to decrypt conversations, which Skype has denied.

Free software that doesn’t guarantee anonymity, who woulda thunk it?


“German cops are pushing ahead with controversial plans, yet to be legally approved, to develop “remote forensic software” – in other words, a law enforcement Trojan.

Leaked documents outline proposals by German firm Digitask to develop software to intercept Skype VoIP communications and SSL transmissions. A second leaked document from the Bavarian Ministry of Justice outlines costing and licensing proposals for the software. Both scanned documents (in German, natch) have found their way onto the net after being submitted to Wikileaks.”

Here is some more Tech News from around the web:

Tech Talk