China listening in on Skype - Microsoft assumes you approve

With 250 million monthly connected users, Skype is one of the most popular services for making phone calls as well as chatting over the Internet. If you have friends, family or business contacts abroad, chances are you are using Skype to keep in contact. Having said that, you are probably not aware that all your phone calls and text chats can be monitored by the censorship authorities in China. And if you are aware, chances are that you do not consent to such surveillence. Microsoft, however, assumes that you do consent, as expressed in their Privacy Policy:

Skype, Skype's local partner, or the operator or company facilitating your communication may provide personal data, communications content and/or traffic data to an appropriate judicial, law enforcement or government authority lawfully requesting such information. Skype will provide reasonable assistance and information to fulfill this request and you hereby consent to such disclosure.

From the SKYPE PRIVACY POLICY.

Known for years - yet most Skype users are unaware

The fact that Skype is collaborating with Tom Online and operating under "local laws and regulation" for the China market has been known for years. For example, Human Rights Watch got the following response from Skype in 2006, when inquiring about their partnership with Tom:

Skype works hard to comply with all applicable local laws and regulations in countries where we do business. China is no exception. In China, we have a joint venture with TOM Online in which TOM is the majority shareholder. The JV offers a co-branded version of the Skype software called TOM-Skype. To comply with the government regulation, TOM Online is obliged to use a text filter in TOM-Skype. If a message is found to be unsuitable for delivery because of specific text, the message is simply not transmitted between the users. This is an automated process and operates solely on text chats. Voice communications is not a part of this process.

From Appendix XI: Letter from Human Rights Watch to Skype and Skype's response.

Skype's claim that "this is an automated process and operates solely on text chats" is unlikely to be true. Tom Online is a Chinese company operating under local laws and regulation. If the authorities make a request for communication data for a given user they have to comply. To comply, they have to store the data. We can assume that all communication data - including both text and voice - passing through Tom's servers is saved and made available to authorities upon request. This of course also applies to other services based in China such as Sina Weibo and Tencent WeChat (微信). Skype and Microsoft, being foreign brands, are often perceived to be more trustworthy when it comes to privacy. In this case, Skype and Microsoft fail the people that trust them.

In 2008, Information Warfare Monitor and ONI Asia published An analysis of surveillance and security practices on China’s TOM-Skype platform. Their major findings were:

  • The full text chat messages of TOM-Skype users, along with Skype users who have communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and if present, the resulting data are uploaded and stored on servers in China.
  • These text messages, along with millions of records containing personal information, are stored on insecure publicly-accessible web servers together with the encryption key required to decrypt the data.
  • The captured messages contain specific keywords relating to sensitive political topics such as Taiwan independence, the Falun Gong, and political opposition to the Communist Party of China.
  • Our analysis suggests that the surveillance is not solely keyword-driven. Many of the captured messages contain words that are too common for extensive logging, suggesting that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.

While these conditions have been known for years, most Skype users are probably not aware of the differences between Tom Skype and the regular Skype. Many are running Tom Skype on their computers thinking that it's the regular Skype and trusting Microsoft to deal with their call and chat data confidentially.

Regular Skype version also vulnerable

What's worse, even if you are running the regular version of Skype, if the person you are chatting with or talking to is running the Tom version, your communication is still monitored and made available to the Chinese authorities. There is no way to know what software the other person is using. As we've established above, many are using Tom Skype unknowingly. This means that whether or not you are in China, whether or not you are using the regular version of Skype or the Tom version and whether or not you are writing something you think could be politically controversial in China, your communication data could all be stored on Chinese servers and shared with Chinese authorities.

Server tests

We have tested three versions of Skype: The regular, English version, the English version of Tom Skype and the Chinese version of Tom Skype. The following is an overview of the IP addresses that each client connected to while logging in and making a test call. All versions of Skype contact a range of servers and there is some overlap between the different clients. Servers are somewhat randomly selected but, crucially, it is clear that only the Tom versions of Skype communicate with servers located in China. The regular version of Skype, on the other hand, exclusively communicates with servers located outside of China.

IP Country Skype English Tom Skype English Tom Skype Chinese
212.8.166.36 Belgium - -
110.81.238.33 China -
117.25.148.250 China - -
117.79.81.133 China - -
180.149.134.221 China - -
180.149.134.224 China - -
211.100.40.15 China - -
211.100.40.173 China -
211.100.41.100 China - -
211.100.41.18 China - -
211.100.41.32 China - -
211.100.41.62 China - -
211.100.41.63 China - -
211.100.41.76 China -
218.30.111.75 China -
218.30.66.187 China - -
218.6.12.214 China -
218.6.20.11 China - -
219.232.255.99 China -
220.162.97.165 China -
61.160.200.197 China - -
204.9.163.184 Estonia -
204.9.163.200 Estonia - -
204.9.163.204 Estonia -
204.9.163.247 Estonia
212.187.172.78 United Kingdom - -
213.146.189.234 Ireland - -
213.146.189.237 Ireland -
213.146.189.239 Ireland - -
213.199.179.150 Ireland - -
239.255.255.250 Ireland
93.46.8.89 Italy - -
193.95.154.38 Luxembourg - -
78.141.179.11 Luxembourg - -
78.141.179.16 Luxembourg - -
91.190.216.24 Luxembourg - -
91.190.216.25 Luxembourg - -
91.190.216.53 Luxembourg - -
111.221.77.154 Singapore - -
149.13.32.15 US - -
149.13.32.246 US - -
149.13.32.251 US - -
157.55.56.150 US - -
157.56.52.29 US - -
184.25.105.161 US - -
184.26.82.161 US - -
184.87.201.195 US - -
207.46.70.164 US - -
207.46.70.208 US -
207.46.70.225 US - -
23.10.143.139 US -
64.4.21.39 US - -
64.4.34.81 US - -
64.4.45.58 US - -
64.4.61.152 US - -
64.4.61.205 US - -
64.4.9.158 US -
65.54.165.64 US - -
65.55.239.146 US - -
69.171.234.37 US - -
69.31.119.171 US - -
74.125.128.95 US -

How to tell the difference with Tom

Downloading

To download Skype, you'd probably enter www.skype.com in your browser and look for a download link. If you are in China, however, when you go to www.skype.com, you are automatically redirected to http://skype.tom.com. Skype does not ask if you want to be redirected. They also do not inform you of the difference between the regular Skype and the Tom Online version. The websites look very similar. Skype and Microsoft are actively misleading users into thinking that they are using the regular version of Skype.

Regular Skype Tom Skype (English) Tom Skype (Chinese)

Installing

The English version of Tom Skype looks exactly the same as the regular version while installing. The Chinese version is based on an earlier version of Skype and looks somewhat different. (Click on any screenshot to see the full version.)

Regular Skype Tom Skype (English) Tom Skype (Chinese)

Logging in

The login screens are very similar, misleading users to think that they are using the regular version of Skype.

Regular Skype Tom Skype (English) Tom Skype (Chinese)

About

If you click to the About window in the Skype client, you can find out if you are running the Tom Online version of Skype or not. If you are, then your communication is passing through Chinese servers and made available to authorities upon request.

Regular Skype Tom Skype (English) Tom Skype (Chinese)

How to get the real Skype in China

The regular version of Skype is not blocked in China, but downloading the client is made difficult by Skype and Microsoft. Whenever you try to go to www.skype.com they redirect you to skype.tom.com. One solution is to use a VPN or other circumvention tool when downloading Skype. That way you can avoid the automatic redirection to tom.skype.com.

Without a VPN, you can currently download the regular version of Skype in China by going to their beta website: http://beta.skype.com. On this site, they don't force users to redirect to Tom Skype.

Another solution is to download the client from a third-party website such as Yahoo. They in turn currently redirect you to the following download link on download.skype.com which seems to work fine in China: SkypeSetupFull.exe.

This assumes that you are using Windows. If you are on a Mac, you can get the real version of Skype from Softonic. If you are on Linux, here's a direct download link.

For an additional layer of security, you can connect to your VPN before using Skype. If you are using a proxy and want to force Skype to use the proxy, the best way is to run local firewall software and block all direct outgoing traffic from Skype.

Remember that if the person at the other end is using Tom Skype then your communication is still monitored by Tom. You can ask the person you are talking to to verify what version they are running by opening the About window in their Skype client (see comparison of screenshots above).

Deception

By redirecting Chinese users to Tom Skype without notice, Microsoft is actively misleading users to think that they are downloading the real Skype client. By blocking Chinese users from downloading the real Skype, Microsoft is actively making it more difficult for Chinese users to circumvent surveillance. By offering two versions of the Skype client that look almost identical but have vastly different implications on privacy, Microsoft is misleading users to trust their product. By not notifying users that the user at the other end is using the Tom Online version of Skype, Microsoft is making Skype conversations from around the world available to Chinese authorities, assuming that their users agree.

This is a privacy scandal that has been going on for years. Microsoft should at the very least make the differences between the Skype clients clear, allow Chinese users the option to download the real client, notify Skype users if the user at the other end is using the Tom Online version of Skype and apologize to all Skype users for having potentially shared all their private information with Chinese authorities.

If you know any employees at Microsoft, please let them know how you feel about this. And please help us spread awareness of this problem by sharing this story on social media etc.

Skype to replace Messenger

Microsoft recently announced that Windows Live Messenger [Is] To Be Retired, Users [Will Be] Transitioned To Skype. However, "Windows Live Messenger will live on in China, with no announced termination date for the service there". This may be because Microsoft isn't happy with their collaboration with Tom. According to reports in July, TOM may lose Skype rights in China. Whether Microsoft continues one or both of the Skype and Messenger clients, and whether they collaborate with local ventures or not, we hope that they will come clean concerning surveillance of their users and sharing of private data with Chinese authorities.

Alternatives to Skype

You may conclude that Skype simply isn't trustworthy, whether or not you are using the Tom Online version. One alternative is to use Google Talk, though its service is unstable in China (unless you are on a VPN). Are there other good alternatives? Feel free to comment.

Comments

More Blog Posts

Subscribe to our mailing list
Show content from Blog | Google+ | Twitter | All. Subscribe to our blog using RSS.

Mon, Nov 25, 2024

China’s New Effort to Achieve Cyber Sovereignty

How Real-Name Registration policies create an “ideological firewall” that chills dissent by eliminating user anonymity and selectively restricting transnational access to Chinese social media apps.

Thu, Aug 10, 2023

1.4 million people used FreeBrowser to circumvent the Great Firewall of Turkmenistan

Since 2021, the authorities in Turkmenistan have taken exceptional measures to crack down on the use of circumvention tools. Citizens have been forced to swear on the Koran that they will not use a VPN. Circumvention tool websites have been systematically blocked. Arbitrary searches of mobile devices have also taken place and have even targeted school children and teachers.

The government has also blocked servers hosting VPNs which led to “near complete” internet shutdowns on several occasions in 2022. Current reports indicate that 66 hosting providers, 19 social networks and messaging platforms, and 10 leading content delivery networks (CDNs), are blocked in the country. The government presumably is unconcerned about the negative economic impact that such shutdowns can cause.

Fri, Mar 18, 2022

Well-intentioned decisions have just made it easier for Putin to control the Russian Internet

This article is in large part inspired by a recent article from Meduza (in Russian).

Since the beginning of the war in Ukraine, Russian users have had problems accessing government websites and online banking clients. Browsers began to mark these sites as unsafe and drop the connection. The reason is the revocation of digital security certificates by foreign certificate authorities (either as a direct consequence of sanctions or as an independent, good will move); without them, browsers do not trust sites and “protect” their users from them.

However, these actions, caused - or at least triggered by - a desire to punish Russia for their gruesome actions in Ukraine, will have long-lasting consequences for Russian netizens.

Digital certificates are needed to confirm that the site the user wants to visit is not fraudulent. The certificates contain encryption keys to establish a secure connection between the site and the user. It is very easy to understand whether a page on the Internet is protected by a certificate. One need just look at the address bar of the browser. If the address begins with the https:// prefix, and there is a lock symbol next to the address, the page is protected. By clicking on this lock, you can see the status of the connection, the name of the Certification Authority (CA) that issued the certificate, and its validity period.

There are several dozen commercial and non-commercial organizations in the world that have digital root certificates, but 3/4 of all certificates are issued by only five of the largest companies. Four of them are registered in the USA and one is registered in Belgium.

Mon, Aug 03, 2020

Announcing the Release of GreatFire AppMaker

GreatFire (https://en.greatfire.org/), a China-focused censorship monitoring organization, is proud to announce that we have developed and released a new anti-censorship tool that will enable any blocked media outlet, blogger, human rights group, or civil society organization to evade censors and get their content onto the phones of millions of readers and supporters in China and other countries that censor the Internet.

GreatFire has built an Android mobile app creator, called “GreatFire AppMaker”, that can be used by organizations to unblock their content for users in China and other countries. Organizations can visit a website (https://appmaker.greatfire.org/) which will compile an app that is branded with the organization’s own logo and will feature their own, formerly blocked content. The app will also contain a special, censorship-circumventing web browser so that users can access the uncensored World Wide Web. The apps will use multiple strategies, including machine learning, to evade advanced censorship tactics employed by the Chinese authorities.  This project will work equally well in other countries that have China-like censorship restrictions. For both organizations and end users, the apps will be free, fast, and extremely easy to use.

This project was inspired by China-based GreatFire’s first-hand experience with our own FreeBrowser app (https://freebrowser.org/en) and desire to help small NGOs who may not have the in-house expertise to circumvent Chinese censorship. GreatFire’s anti-censorship tools have worked in China when others do not. FreeBrowser directs Chinese internet users to normally censored stories from the app’s start page (http://manyvoices.news/).

Fri, Jul 24, 2020

Apple, anticompetition, and censorship

On July 20, 2020, GreatFire wrote to all 13 members of the Subcommittee on Antitrust, Commercial and Administrative Law of the U.S. House Committee on the Judiciary, requesting a thorough examination into Apple’s practice of censorship of its App Store, and an investigation into how the company collaborates with the Chinese authorities to maintain its unique position as one of the few foreign tech companies operating profitably in the Chinese digital market.  

This letter was sent a week before Apple CEO TIm Cook will be called for questioning in front of the Subcommittee on Antitrust, Commercial and Administrative Law. The CEOs of Amazon, Google and Facebook will also be questioned on July 27, as part of the Committee’s ongoing investigation into competition in the digital marketplace.

This hearing offers an opportunity to detail to the Subcommittee how Apple uses its closed operating ecosystem to not only abuse its market position but also to deprive certain users, most notably those in China, of their right to download and use apps related to privacy, secure communication, and censorship circumvention.

We hope that U.S. House representatives agree with our view that Apple should not be allowed to do elsewhere what would be considered as unacceptable in the U.S. Chinese citizens are not second class citizens. Private companies such as Apple compromise themselves and their self-proclaimed values of freedom and privacy when they collaborate with the Chinese government and its censors.

Subscribe to our blog using RSS.

Comments

http://www.laborday2015usa.com
I have never seen this type of article

International City Gurgaon offering luxury villas in Gurgaon. International City is located just off Dwarka Expressway Gurgaon.
http://www.internationalcity.in/presidential-luxury-villas-in-gurgaon

thanks for article and status www.mothersday-2014.org

Hey! thanks for sharing this article. I am planning to collaborate with you to work on my site .Thanks again

Hey thanks for sharing this and covering everuthing in detail.
http://www.printablecalendardownload.net
http://www.whatsappstatus143.net

Happy New Year Images, Wallpapers, Wishes, Poems, Status, Covers, Pictures
http://www.thehappynewyear2016images.com/

hello hello hello hello helo helo sfdjalksfalsnflasnflasjflaksjfjaslkjfaskfdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddsssssssssssssssssssssssssssssssssssssssssssssssssss

Thanks for sharing this information.
http://www.feliznavidad-anonuevo2016.com/

So far Windows 10 has received positive response from technical groups and it is not official released by Microsoft. However they have released a preview version. You can easily Download and Windows 10 Upgrade or Windows 10 free download full version for free of cost and get concept of how this product will work.

http://techviral.com/windows-10/

I’m also excited to install this on your new system.

Thank you for sharing of information, I am very pleased with the content of your article is very useful and I wait for the next article to update the information again.http://obatmaag.bestagaric.com/

In this site we will provide you about the fitoor box office collection as well as all the details like release date, trailer, poster, first look

Airlift Movie | Torrent Download | Akshay Kumar | 2016

Airlift 2016 an Indian war thriller film starring Akshay Kumar and Nimrat Kaur in lead roles. The film is directed by Raja Krishna Menon. The film is based on world's biggest civil evacuation in 1990, Iraq invades Kuwait, leaving approx 1,70,000 Indians trapped. This is a true story of how Ranjit Katyal and India facilitate the largest human evacuation. The film is scheduled for release on 22 January 2016. People have been searching for Airlift Torrent and it’s download links all over the internet so we thought that we might as well help such people by providing relevant and official download links for Airlift Torrent downloads.

I hope ICC t20 World Cup 2016 becomes one of the best tournament of the world and it brings so much of entertainment. People will love to get live score, live streaming, etc..
ICC World T20 2016 Live Streaming and live score is very important for all of you.
t20 World Cup Live.

Info untuk menyembuhkan sakit maag dengan http://obatmaag.bestagaric.com/

Great tips and very easy to understand. This will definitely be very useful for me when I get a chance to start my blog.
http://www.sscresults-2016.com/
This post is very simple to read and appreciate without leaving any details out. Great work!

thanks for this article... I'm gonna to share with my friends...
maru bharat

good article
IPL Live

Hmm... great article nice sharing
http://www.iplt20liveonline.com/

Hmm... great article nice sharing
http://www.marubharat.com/

Clash Royale Free Gems & Gold – No Download!
http://clashroyalegenerator.hack-trick.com

Learn English and Russian online in Skype! lingvoclass.c o m

This Trick Is Very Helpful If You Are Searching For Whatsapp For PC. One of the constraints of Whatsapp is that you can just use it on your phone. On the off chance that you are not convey your phone, you're stuck without Whatsapp.
http://www.azbirthdaycollections.com/
http://www.coloringpages-biographies.com/

Love to see this infor here
This Trick Is Very Helpful If You Are Searching For Whatsapp For PC. One of the constraints of Whatsapp is that you can just use it on your phone.

http://www.whatsappstutusjgm.com/
http://jandhanyojnascheme.com/

Your posts really great. Every one is indetailed and clear understanding. You are awesome.

Thank You

It is actually a nice and helpful piece of information.very deeply described.thanks.....
Happy new year 2017

thanks for your nice post
http://goo.gl/jR6Dj7

Very nice post mate. You have explained everything in very deep. Your post is simple to read and easy to learn. Very nice. You can also check
new year 2017

Dangal Box Office Collection
http://www.dangalboxofficecollection.org

Merry Christmas 2016 Wallpaper
http://www.merrychristmaswallpaper.com/

for all types templates visit at
Templates

Nice article
Watch full episod of The voice 2017
The voice 2017

For Technology
Tricomputo

For Gadget Review
fabulous Gadget

IPL news
IPL Season 10

thaks for share!!
https://tricomputo.com/

thanks sharing

http://www.otomags.com/

to relieve cough is not only just but also can cure. In addition to overcome cough, red ginger can also be overcome strep throat. The nature of this warm red ginger that can help cure a cough and sore throat.

Thanks for sharing this valuable information to our vision. You have posted a trust worthy blog keep sharing.

Jelly Gamat QnC

Great content as always.. keep posting dude http://ipllivestreamingfree.com/

Tomorrowland is an electronic music festival held in Boom, Belgium. Tomorrowland was first held in 2005, and has since become one of the world's largest and most notable music festivals.
Tomorrowland 2017

Pages

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.