Skype's Been Hijacked in China,
and Microsoft Is O.K. With It
http://www.businessweek.com/articles/2013-03-08/skypes-been-hijacked-in-china-and-microsoft-is-o-dot-k-dot-with-it
Skype's Been Hijacked in China, and Microsoft Is O.K. With It
By Vernon Silver on March 08, 2013 Tweet Facebook LinkedIn Google Plus 8 Comments
Jeffrey Knockel is an unlikely candidate to expose the inner workings of Skype’s role in China’s online surveillance
apparatus. The 27-year-old computer-science graduate student at the University of New Mexico, Albuquerque
doesn’t speak Chinese, let alone follow Chinese politics. “I don’t really keep up with news in China that much,” he
says. But he loves solving puzzles. So when a professor pulled Knockel aside after class two years ago and suggested a
long-shot project—to figure out how the Chinese version of Microsoft’s (MSFT) Skype secretly monitors users—he
hunkered down in his bedroom with his Dell (DELL) laptop and did it.
Since then, Knockel, a bearded, yoga-practicing son of a retired U.S. Air Force officer, has repeatedly beaten the
Since then, Knockel, a bearded, yoga-practicing son of a retired U.S. Air Force officer, has repeatedly beaten the
ever-changing encryption that cloaks Skype’s Chinese service. This has allowed him to compile for the first time the
thousands of terms—such as “Amnesty International” and “Tiananmen”—that prompt Skype in China to
intercept typed messages and send copies to its computer servers in the country. Some messages are blocked
altogether. The lists—which are the subject of a presentation Knockel will make on Friday, March 8, at Boston University,
as well as a paper he’s writing with researchers from the University of Toronto’s Citizen Lab—shed light on the
monitoring of Internet communications in China. Skype’s videophone-and-texting service there, with nearly 96 million
users, is known as TOM-Skype, a joint venture formed in 2005 with majority owner Tom Online, a Chinese wireless
Internet company.
The words that are subject to being monitored, which Knockel updates almost daily on his department’s website,
The words that are subject to being monitored, which Knockel updates almost daily on his department’s website,
range from references to pornography and drugs to politically sensitive terms, including “Human Rights Watch,”
“Reporters Without Borders,” “BBC News,” and the locations of planned protests. (The system he traced does not
involve voice calls.) Knockel says his findings expose a conflict between Microsoft’s advocacy of privacy rights and
its role in surveillance. Microsoft, which bought Skype in 2011, is a founding member of the Global Network Initiative, a
group that promotes corporate responsibility in online freedom of expression. “I would hope for more,” Knockel says of
Microsoft. “I would like to get a statement out of them on their social policy regarding whether they approve of what
TOM-Skype is doing on surveillance.”
On Jan. 24, an international group of activists and rights groups published an open letter to Skype, calling on it to
On Jan. 24, an international group of activists and rights groups published an open letter to Skype, calling on it to
disclose its security and privacy practices. Microsoft, when asked for comment on Knockel’s findings and activists’
concerns, issued a statement it attributed to an unnamed spokesperson for its Skype unit. “Skype’s mission is to
break down barriers to communications and enable conversations worldwide,” the statement said. “Skype is
committed to continued improvement of end user transparency wherever our software is used.” Microsoft’s statement
also said that “in China, the Skype software is made available through a joint venture with TOM Online. As majority
partner in the joint venture, TOM has established procedures to meet its obligations under local laws.” Hong Kong-
based Tom Group (2383), the parent of Tom Online, didn’t respond to e-mailed requests for comment for this story. In an
October 2008 statement addressing TOM-Skype censorship, it said: “As a Chinese company, we adhere to rules and
regulations in China where we operate our businesses.” China’s Ministry of Foreign Affairs didn’t immediately respond
to faxed questions seeking comment.
When Internet users in China try to access Skype.com, they’re diverted to the TOM-Skype site. While the Chinese
When Internet users in China try to access Skype.com, they’re diverted to the TOM-Skype site. While the Chinese
version bears the blue Skype logo—and provides services for online phone calls and text chats—it’s a modified
version of the program found elsewhere in the world. The surveillance feature in TOM-Skype conducts the monitoring
directly on a user’s computer, scanning messages for specific words and phrases, Knockel says. When the program finds a
match, it sends a copy of the offending missive to a TOM-Skype computer server, along with the account’s username,
time and date of transmission, and whether the message was sent or received by the user, his research shows.
Whether that information is then shared with the Chinese government wasn’t explored by Knockel—and couldn’t be
learned from TOM-Skype.
Knockel’s project began in April 2011, when one of his advisers at the University of New Mexico, computer science
Knockel’s project began in April 2011, when one of his advisers at the University of New Mexico, computer science
professor Jedidiah Crandall, referred him to a 2008 paper by Nart Villeneuve, a Canadian security researcher.
Villeneuve had identified Chinese servers that stored TOM-Skype’s flagged messages, yet he couldn’t tell for certain
which terms had triggered the surveillance. “He didn’t know what the keyword list was,” says Masashi Crete-Nishihata,
research manager at Citizen Lab in Toronto and an author of the upcoming paper on Knockel’s findings. “What was
interesting about what Jeff did was grab the keyword list.” To get the words, Knockel downloaded TOM-Skype
onto his computer and watched how the monitoring worked. Every time he went online, servers in China would
silently send his machine an updated blacklist that would serve as the surveillance filter on his laptop.
