Saturday, 9 March 2013

Skype's Been Hijacked in China, and Microsoft Is O.K. With It

Skype's Been Hijacked in China,
and Microsoft Is O.K. With It

Skype's Been Hijacked in China, and Microsoft Is O.K. With It
By Vernon Silver on March 08, 2013  Tweet Facebook LinkedIn Google Plus 8 Comments

Jeffrey Knockel is an unlikely candidate to expose the inner workings of Skype’s role in China’s online surveillance 
apparatus. The 27-year-old computer-science graduate student at the University of New Mexico, Albuquerque 
doesn’t speak Chinese, let alone follow Chinese politics. “I don’t really keep up with news in China that much,” he 
says. But he loves solving puzzles. So when a professor pulled Knockel aside after class two years ago and suggested a 
long-shot project—to figure out how the Chinese version of Microsoft’s (MSFT) Skype secretly monitors users—he 
hunkered down in his bedroom with his Dell (DELL) laptop and did it.

Since then, Knockel, a bearded, yoga-practicing son of a retired U.S. Air Force officer, has repeatedly beaten the 
ever-changing encryption that cloaks Skype’s Chinese service. This has allowed him to compile for the first time the 
thousands of terms—such as “Amnesty International” and “Tiananmen”—that prompt Skype in China to 
intercept typed messages and send copies to its computer servers in the country. Some messages are blocked 
altogether. The lists—which are the subject of a presentation Knockel will make on Friday, March 8, at Boston University, 
as well as a paper he’s writing with researchers from the University of Toronto’s Citizen Lab—shed light on the 
monitoring of Internet communications in China. Skype’s videophone-and-texting service there, with nearly 96 million 
users, is known as TOM-Skype, a joint venture formed in 2005 with majority owner Tom Online, a Chinese wireless 
Internet company.

The words that are subject to being monitored, which Knockel updates almost daily on his department’s website, 
range from references to pornography and drugs to politically sensitive terms, including “Human Rights Watch,” 
“Reporters Without Borders,” “BBC News,” and the locations of planned protests. (The system he traced does not 
involve voice calls.) Knockel says his findings expose a conflict between Microsoft’s advocacy of privacy rights and 
its role in surveillance. Microsoft, which bought Skype in 2011, is a founding member of the Global Network Initiative, a 
group that promotes corporate responsibility in online freedom of expression. “I would hope for more,” Knockel says of 
Microsoft. “I would like to get a statement out of them on their social policy regarding whether they approve of what 
TOM-Skype is doing on surveillance.”

On Jan. 24, an international group of activists and rights groups published an open letter to Skype, calling on it to 
disclose its security and privacy practices. Microsoft, when asked for comment on Knockel’s findings and activists’ 
concerns, issued a statement it attributed to an unnamed spokesperson for its Skype unit. “Skype’s mission is to 
break down barriers to communications and enable conversations worldwide,” the statement said. “Skype is 
committed to continued improvement of end user transparency wherever our software is used.” Microsoft’s statement 
also said that “in China, the Skype software is made available through a joint venture with TOM Online. As majority 
partner in the joint venture, TOM has established procedures to meet its obligations under local laws.” Hong Kong-
based Tom Group (2383), the parent of Tom Online, didn’t respond to e-mailed requests for comment for this story. In an 
October 2008 statement addressing TOM-Skype censorship, it said: “As a Chinese company, we adhere to rules and 
regulations in China where we operate our businesses.” China’s Ministry of Foreign Affairs didn’t immediately respond 
to faxed questions seeking comment.

When Internet users in China try to access, they’re diverted to the TOM-Skype site. While the Chinese 
version bears the blue Skype logo—and provides services for online phone calls and text chats—it’s a modified 
version of the program found elsewhere in the world. The surveillance feature in TOM-Skype conducts the monitoring 
directly on a user’s computer, scanning messages for specific words and phrases, Knockel says. When the program finds a 
match, it sends a copy of the offending missive to a TOM-Skype computer server, along with the account’s username, 
time and date of transmission, and whether the message was sent or received by the user, his research shows. 
Whether that information is then shared with the Chinese government wasn’t explored by Knockel—and couldn’t be 
learned from TOM-Skype.

Knockel’s project began in April 2011, when one of his advisers at the University of New Mexico, computer science 
professor Jedidiah Crandall, referred him to a 2008 paper by Nart Villeneuve, a Canadian security researcher. 
Villeneuve had identified Chinese servers that stored TOM-Skype’s flagged messages, yet he couldn’t tell for certain 
which terms had triggered the surveillance. “He didn’t know what the keyword list was,” says Masashi Crete-Nishihata, 
research manager at Citizen Lab in Toronto and an author of the upcoming paper on Knockel’s findings. “What was 
interesting about what Jeff did was grab the keyword list.” To get the words, Knockel downloaded TOM-Skype 
onto his computer and watched how the monitoring worked. Every time he went online, servers in China would 
silently send his machine an updated blacklist that would serve as the surveillance filter on his laptop.