Citizen Lab (part of the Munk Centre for International Studies, University of Toronto) has published a report showing that found that a Chinese version of the Skype sends the full text of millions of messages with ‘sensitive’ keywords to servers controlled by Skype’s Chinese partner TOM Online.
Major Findings of this report are as follows:
- The full text chat messages of TOM-Skype users, along with Skype users who have communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and if present, the resulting data are uploaded and stored on servers in China.
- These text messages, along with millions of records containing personal information, are stored on insecure publicly-accessible web servers together with the encryption key required to
decrypt the data.
- The captured messages contain specific keywords relating to sensitive political topics such as Taiwan independence, the Falun Gong, and political opposition to the Communist Party
of China.
- The surveillance is not solely keyword-driven. Many of the captured messages contain words that are too common for extensive logging, suggesting that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.
Skype’s president Josh Silverman responded Thursday in a blog post, writing that everyone knows China censors — but that Skype didn’t know about the copying of messages to TOM Online’s serers.
Read more here: Breaching Trust