This cryptanalysis of Microsoft/Skype is applicable to the whole Internet -- by design purpose-made to spy and lightly obfuscate with patently false denials and illusory privacy and comsec -- blessed by security wizards in public, chuckled, rued and reneged in private, usually under NDA and secrecy bonds -- flimsy, false bonds which themselves are chuckled, rued and reneged as the experts race to turn on each other's betrayal and grab for market share by doing the same. Cybersecurity is the latest adverting billboard for this (leached from WMD spying and national security long coddled by top secret national laboratories complicitly aiding each other while pretending opposition). To paraphrase Jon Callas, criticism of cybersecurity is a key escrow part of the script. (What Jon said was "Remember, the only difference between lawful access and espionage is whose jurisdiction it is.") And cybersecurity wizards, like all security whores, work for law enforcement and spies, whether Spamhaus, Spothaus, or CyberBunker, wittingly or unwittingly showing how to attack under light defense -- the very reason for creating and promulgating the Internet, aka: pick your favorite and most trusted communications medium against which even implacatory silence, getting off the grid, pleading a deal, lovers ratting on lovers, Schmidt shitting on JA, Manning induced to shit on himself, Swartz induced to shit on himself, a stream of others induced to shit on and be shit on, to wit social media, chat, Jabber, Anon, paste, backdoored encrypt, nym, false front, megaload, the latest trick to beat the competition while being meticulously tracked, profiled, archives, mined, targeted, siphoned, accused with perfect evidence, APT'd, Monsegured, Barrett Browned, slew of others like them, just when least exptected. To paraphrase Emmanuel Goldstein, at least 25% of Internet users are informants. At 10:18 AM 3/30/2013, Eugen Leitl wrote:

----- Forwarded message from Rich Kulawiec <rsk@gsp.org> -----

From: Rich Kulawiec <rsk@gsp.org> Date: Sat, 30 Mar 2013 10:04:49 -0400 To: liberationtech <liberationtech@mailman.stanford.edu> Subject: Re: [liberationtech] skype User-Agent: Mutt/1.5.21 (2010-09-15) Reply-To: liberationtech <liberationtech@lists.stanford.edu>

On Thu, Mar 21, 2013 at 02:36:53PM -0700, Yosem Companys wrote:

...

Rich, that's because you're not thinking like the average non-technical user, who usually does the following:

[snip thorough and IMHO, on-point analysis]

You make an excellent (series of) points. And I have to concede that you're right.

So let me refocus my comments on the efforts made (here and elsewhere) to get Microsoft to cough up answers: can't everyone see that these responses have been carefully wordsmithed within an inch of their lives in what is an obvious and deliberate attempt to say as little as possible and omit as much as possible?

Microsoft, like many corporations, employs professional spokesliars who are very, very good at crafting wording that can be defended (should it come to that) but which doesn't present the truth in a straightforward fashion. That's their JOB. After all: anyone there could tell the truth -- it's not hard. But it takes a trained and practiced professional to evade it, obscure it, conceal it, dance around it in convincing fashion -- and even use it in limited ways when it serves the purpose.

"A man who tells lies, like me, merely hides the truth. But a man who tells half-lies has forgotten where he put it." --- Mr. Dryden, "Lawrence of Arabia"

Microsoft is never, ever, ever going to provide full, honest, truthful answers to these questions. Why should they? What's in it for them? How would those answers make money for Microsoft? (And if you think for a moment that Microsoft has ANY corporate value other than "making money", then you live in a different universe than I do.)

So what *is* the truth? I dunno.

I think (and I emphasize "think", because I do not know) that Skype is probably spyware. I think it's got backdoors that have been designed into it. I think Microsoft has, is, and will hand over information on Skype users, usage, and content to governments, including the United States, but possibly including other ones. I think that Skype has probably also been cracked by other governments. I think that it also has security issues, some of which are known/partially-known, some of which might be intentional. I think that nobody should be using it for any purpose ever.

That said, though, even if I'm right on all those points, that's not going to stop people from using it. And that's where *you're* right: I wish you weren't, but you are, and I don't know how to fix that situation.

---rsk -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE