Canadian human-rights activists and computer security researchers have released a report on the extensive surveillance system in China that monitors and archives text conversations that include politically charged words. The research group, called Information Warfare Monitor, is a joint project of The SecDev Group, and the Citizen Lab, at the Munk Centre for International Studies, University of Toronto. The following are introductory excerpts from the study:
Our investigation reveals troubling security and privacy breaches affecting TOM-Skype — the Chinese version of the popular voice and text chat software Skype, marketed by the domestic Chinese company TOM Online. TOM-Skype routinely collects, logs and captures millions of records that include personal information and contact details for any text chat and/or voice calls placed to TOM-Skype users, including those from the Skype platform. These records are kept on publicly-accessible servers, along with the information required to decrypt these log files. These files contain the full text of chat messages sent and/or received by TOM-Skype users that contain particular keywords that trigger TOM-Skype's content-filtering capability.
Our investigation revealed eight servers that are part of the TOM-Skype surveillance network. In addition, we found one server hosting a special version of TOM-Skype designed for use in "net bars" or cybercafés. This server contained log files and information that revealed the list of the words that the system censored. Another server captured data from TOM Online's wireless services, and contained logs of SMS messages and other sensitive information.
The log files obtained during the course of the investigation reveal information such as the IP addresses, usernames (and land line phone numbers) used to place or receive TOM-Skype calls, as well as the full content of filtered messages and the time and date of each message. The collected data affects all TOM-Skype users and also captures the personal information of any Skype users that interacted with registered TOM-Skype users. This represents a severe security and privacy breach. It also raises troubling questions regarding how these practices are related to the Government of China's censorship and surveillance policies. The captured messages contain keywords relating to sensitive topics such as Taiwan independence, the Falun Gong, and political opposition to the Communist Party of China.
Security problems appear to be endemic at TOM Online. The publicly-accessible servers accessed by our investigation are insecure and contain information that can be used to exploit the TOM-Skype server network. It is possible that a malicious attacker could exploit vulnerabilities in the system and access the millions of logged communications and, possibly, detailed user profiles. In fact, evidence suggests that the servers used to store captured data have been compromised in the past and used to host pirated movies and torrents.
The study has raised key issues such as the extent of cooperation between TOM Online, Skype and the Chinese government in monitoring the communications of activists, dissidents and ordinary citizens. The study has listed the following as "Major Facts" in the findings:
The following is a chart of the 96,499 messages that were successfully translated with machine translation where 15,156 messages (15.71%) contained the word "communist", 6,744 contained "Falun" (6.99%) and 2,363 (2.45%) contained "Taiwan Independence."
Readers can learn more by visiting the Information Warfare Monitor website where this report titled, "Breaching Trust: An analysis of surveillance and security practices on China's TOM-Skype platform" can be downloaded.
Update 10/2/2008 10:49 AM PST: Jennifer Caukin, an eBay spokeswoman, has issued the following statement today:
"In China, TOM Online is the majority partner in our joint venture that brings Internet communications to Chinese citizens. The software developed and distributed in China by TOM utilizes Skype functionality, and TOM, just like any other communications company in China, has established procedures to meet local Chinese laws and regulations.
In 2006, Skype publically disclosed that Tom operated a text filter that blocked certain words on chat messages but that it did not compromise Tom customers' privacy. Last night, we learned that this practice was changed without our knowledge or consent and we are extremely concerned. We deeply apologise for the breach of privacy on Tom's servers in China and we are urgently addressing this situation with Tom.
We confirm our strong belief that Skype to Skype communications, enabled by our peer to peer architecture and strong encryption, remain the most secure form of publically available communications today."
Update 10/2/2008 1:28 PM PST: President of Skype, Josh Silverman has addresses the Chinese privacy breach on the company blog.
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DDoS Protection
Neustar DNS Services