I’m a little skittish about that question. I asked Greg, our I.T. guy, to give his opinion. He answered,
– They say they encrypt everything on their American site.
– Many orgs who do communications as a business from inside those areas feel that Skype is their most secure communications channel
– China has its own version of Skype, called Tom-Skype: It’s clearly marked, does not encrypt at least the IM part, and is only downloaded when you download from inside China and don’t use the VPN.” (Thanks Greg)
So my conclusion is — we’d better not totally trust the instant message portion of Skype. It would be more easily filtered, searched, and monitored. And once someone had a bumped-up profile, sensitive lands could possibly choose to listen in on Skype too – and here’s the really weird part: If the listener has a deal worked out with the execs in the national leadership of Skype (e.g., like China), then even if you operated within a VPN, the conversation might not be entirely secure because the listener might be operating from within the circle of security (i.e., from within the Skype firewall). Bottom line: Better not pass out all the family secrets on Skype. Trust a POP3 inside a VPN before you trust Skype. That’s my conclusion.
If your house is bugged, it doesn’t matter if Skype is secure. They can still listen to your conversation. Any cell phone can be hijacked and the microphone engaged remotely without you knowing it. The only safe way to make sure your own cell phone isn’t a listening device is to remove the battery. Can’t do that on an iPhone.
I am told by folks who know that skype is not secure and it should only be used inside your secure VPN
Ps check out our free study environment at http://netbible.org
I am told by folks who know that skype is not secure and it should only be used inside your secure VPN
Ps check out our free study environment at http://netbible.org
/s/ David Austin exec director bible.org
Skype is encrypted, but not necessarily secure, because the company may share the “keys” with anyone they wish (including “unfriendly” governments). As a user, you can’t trust it for sensitive communications. If Skype is your only avenue of communication, the most secure way to do it is carry on a “normal” conversation in a video chat, while passing sensitive information using sign language.
Using sign language in video chat in interesting. Thanks for that tip.
If you talk on Skype, your voice is audible and a bug in your house could transmit your conversation via another channel (like radio). So it wouldn’t matter if you were using Skype on a secure VPN.
the NSA recently offered up billions to anyone or team that could crack the Skype Encryption…
http://www.theregister.co.uk/2009/02/12/nsa_offers_billions_for_skype_pwnage/
http://www.zdnet.com/blog/ip-telephony/expert-skype-calls-nearly-impossible-for-nsa-to-intercept/919
Wow Damon. That’s actually a very cool find. Even if NSA succeeds, history says we might actually never know, nor is it relevant. Because they aren’t filtering for the kinds of messages that church-going people send/receive. :-) So this is very good news.
If Skype gives someone the keys, they don’t have to crack the encryption.
http://en.wikipedia.org/wiki/Skype_security#Flaws_and_potential_flaws