Most people probably think their Skype communications are safe from prying eyes and ears. After all, Skype says all Skype-to-Skype voice, video, and instant messages are encrypted. Ars Technica and privacy and security researcher Ashkan Soltani, however, have discovered that Microsoft can decrypt the message contents.
In the Ars Technica article, Dan Goodwin writes that Ars sent four web links, created solely for this test, through Skype and two of them were clicked on from a machine with an IP address belonging to Microsoft.
So it turns out Skype doesn't offer end-to-end encryption if Microsoft can read URLS transmitted over Skype. Microsoft says it regularly scans message contents "for signs of fraud, and company managers may log the results indefinitely," according to Ars. As security company Sophos points out, however, Skype's privacy policy does state it uses automated scanning within instant messages and SMS, so maybe the eavesdropping shouldn't be a surprise.
The takeaway, though, is if you thought Skype messages can't be or aren't tapped, think again.
Read more of Melanie Pinola’s Tech IT Out blog and follow the latest IT news at ITworld. Follow Melanie on Twitter at @melaniepinola. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.
This story, "Think your Skype messages are secure? Nope, microsoft is reading Skype messages" was originally published by ITworld.