At 07:07 PM 3/10/2006, Damian Gerow wrote:
Thus spake Steve Schear (s.schear@comcast.net) [10/03/06 19:57]: : >While I have no key insights into how Skype encryption is handled -- aside : >from the fact that most crypto-knowledgable communities view it skeptically : >-- I /do/ know they've stated they will fully comply with any wiretapping : >request, and declined to comment further on what exactly that meant. : : I believe it means they will comply with wiretapping requests of calls that : touch the public switched network.
They /do/ claim that there are no back doors within the code. And the quote I was thinking of is:
However, no matter what your approach (the trusting or the paranoid), it's all speculation. So long as their crypto /does/ remain closed -- and they've given nobody any reason to believe it will be anything but -- we'll have a hard time telling just how good it actually is.
Like I said, I'm waiting for Zfone and ZRTP.
One way to provide some measure of protection is to proxy Skype, for example from with a VPN. At least they won't be able to ID your IP address. If both parties are inside the VPN all the better. Steve