One Comment

  1. It’s actually two diefrfent issues. The program is mainly about conducting traffic analysis, which the most simplistic example would be finding traffic in- or outbound from an IP address known to be used by Al Qaeda. Of course, that would also capture traffic of Americans who simply decided to view an Web site, whether they knew it was Al Qaeda-related or not.Skype traffic is routed, even if peers do the routing, so it can be tracked for purposes of traffic analysis. P2P doesn’t offer any significant advantages, since the traffic travels over backbones known to be monitored by the NSA.Then, the NSA selects traffic of interest for more analysis, which may include decryption, if it is encrypted.The second part of the question is whether the Skype encryption is secure. The answer to that question is a matter of conjecture, but I’d say no. Skype uses a U.S. government-used standard, AES, which has a 256-bit key size, but we have to assume that: a.) The NSA has massive amounts of computational power to crack messsages they select (traffic analysis, per above, lets them apply that computational power more efficiently), and; b.) As a U.S. government-approved code, AES is suspect, because there is always the hubris in government that they can put backdoors in code because only we will know how to use them and, otherwise, the message is secure. That’s the old only the guilty need to worry argument. This has repeatedly proved to be the case with public encryption standards offered by the U.S. government.

Leave a Reply

Your email address will not be published.