Chinese monitoring Tom-Skype messages

Chinese monitoring Tom-Skype messages

Summary: China is running a massive operation to track and store text messages sent over Tom-Skype, a joint venture between a Chinese wireless provider and eBay-owned Skype, The New York Times reports.China has about one million censored messages, many of which contain personally identifiable information, according to the human rights advocates at CitizenLab, based at the University of Toronto.

SHARE:

China is running a massive operation to track and store text messages sent over Tom-Skype, a joint venture between a Chinese wireless provider and eBay-owned Skype, The New York Times reports.

China has about one million censored messages, many of which contain personally identifiable information, according to the human rights advocates at CitizenLab, based at the University of Toronto.

Here are some of the findings:

  • The full text chat messages of TOM-Skype users, along with Skype users who have communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and if present, the resulting data are uploaded and stored on servers in China.
  • These text messages, along with millions of records containing personal information, are stored on insecure publicly-accessible web servers together with the encryption key required to decrypt the data.
  • The captured messages contain specific keywords relating to sensitive political topics such as Taiwan independence, the Falun Gong, and political opposition to the Communist Party of China.
  • Our analysis suggests that the surveillance is not solely keyword-driven. Many of the captured messages contain words that are too common for extensive logging, suggesting that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.

The question is whether Tom and eBay are cooperating with the Chinese government. In talking with the Times, eBay was exclusively concerned with the fact that CitizenLab hacked the system, and didn't address concerns about collaboration with the government.

The security breach does not affect Skype’s core technology or functionality. It exists within an administrative layer on Tom Online servers. We have expressed our concern to Tom Online about the security issue and they have informed us that a fix to the problem will be completed within 24 hours.

Topics: E-Commerce, Browser, Wi-Fi, China, Software, Servers, Security, Networking, Hardware, Government US, Government, Enterprise Software, Collaboration, Social Enterprise

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • cheaper solution

    Just get the logs from NSA, or run a joint
    operation...

    viztor
    viztor
  • The U.S. does the same

    Is there really much difference?

    Zillions of warrentless wiretaps.

    Deep packet inspection on the backbones.

    Getting search records from search companies for U.S citizens.

    U.S. laws broken repeatedly.

    Who are we to call the kettle black?
    The Rationalist
  • RE: Chinese monitoring Tom-Skype messages

    Much ado about nothing!
    Good luck to them!!!
    Have you people ever look at the mountains of rubbish that is transacted online??
    eaf40@...
  • A clarification

    It's important to remember that the issues highlighted in
    the Information Warfare Monitor / ONI Asia report affect
    only the TOM-Skype software distributed in China, and not
    standard versions of Skype. Skype-to-Skype
    communications are, and always have been, completely
    secure and private.

    Josh Silverman, Skype's President, has <a
    href="http://share.skype.com/sites/en/2008/10/skype_pr
    esident_addresses_chin.html" title="Skype President
    Addresses Chinese Privacy Breach - Skype Blogs">blogged
    about the situation</a>, explaining where we stand and
    what we're doing to sort things out.
    Peter Parkes (Skype)