Why Doesn’t Skype Include Stronger Protections Against Eavesdropping?
At the EFF blog Seth Schoen speculates that Microsoft could be under continuous secret court orders which could possibly be interpreted to not allow it to add privacy protecting features to Skype. Maybe, but this can’t explain why Skype did not protect users prior to acquisition by Microsoft.
Schoen’s post closes with (emphasis in original):
That’s certainly not the case today, legally or technically—today, different kinds of calls offer drastically different levels of privacy and security. On some mobile networks, calls aren’t encrypted at all and hence are even broadcast over the air. Some Internet calls are encrypted in a way that protects users against some kinds of interception and not others. Some calls are encrypted with tools that include privacy and security features that Skype is lacking. Users deserve to understand exactly how the communications technologies they use do or don’t protect them. If Microsoft has reasons to think this situation is going to change, we need to know what those reasons are.
I’ll throw out some definite reasons users aren’t getting the protection and information deserved (secret court orders may be additional reasons):
- Features have costs (engineering, UX, support); why should a developer bother with any feature when:
- Few users have expressed demand for such features through either exit or voice;
- Advocates who believe users deserve protection and information have failed to adequately increase actual user and policy demand for such;
- Advocates and would-be providers of tools giving users what they deserve have failed to adequately deliver (especially to market! few users know about these tools) such.
In short Skype has not protected users or informed them about lack of protection because they face near zero threat (regulatory or competitive product) which would interest them in doing so.
EFF is doing as well and as much as any entity at generally informing users who probably already care a little bit (they’re reached by the EFF’s messages) and a whole lot more deserving of support. Keep that voice up but please always include exit instructions. Name “tools that include privacy and security features”; I see a screenshot of Pidgin in the EFF post, give them some love! Or better, Jitsi, the most feasible complete Skype replacement for all platforms. Otherwise your good efforts will be swamped by Skype user loyaltynetwork effect lockin.
Related argument: Realize Document Freedom Day; on topic: Free, open, secure and convenient communications: Can we finally replace Skype, Viber, Twitter and Facebook?
Hi Mike,
Since the focus of that post was on a possible legal theory, I didn’t think it was very appropriate to focus on promoting Skype competitors—but maybe it could have been done in an appropriate way.
I just posted another item yesterday (https://www.eff.org/deeplinks/2013/07/technology-protect-against-mass-surveillance-part-1) talking about more secure communications tools, although unfortunately I didn’t mention Jitsi there. I’m going to be doing more stuff about promoting secure communications and I’ll try to think more about your observations on this front before the next time I write on the subject. (There is going to be a part 2 that talks about some problems for secure communications, including network effects.)
Hi Seth,
Though I do think in general there ought be more focus on promoting competitors, I didn’t mean to suggest that be a focus of your post. Merely a mention by name (eg the screenshot caption) or a link to some other page on “tools that include privacy and security features†would be helpful, even to the general reader who has no reason to know whether you’re talking about research software, or something practical, which Skype could do right now, everything else notwithstanding.
I look forward to reading part 2 (and just read part 1; I hadn’t read it yet due to the less provocative title … can’t win!). Thanks for all you do, and all the other EFF people! Above is all quibbles.
[…] relationship with the NSA, which includes live Skype wiretapping and Windows back doors, can be explained and reasoned about as something which only a vain monopolist can get away with (domination in desktop operating […]
[…] Commons, crowdfunding, Defensive Patent License, Document Freedom Day, DRM-in-HTML5 outrage, EFF, federated social web, Internet Archive, Open Knowledge Foundation, SOPA/ACTA online protests, […]