Heise Security noted that messages sent in chat can result in an unannounced visit to Redmond.
After a Skype chat with colleagues, he noticed some unusual network traffic. His server pointed to a possible relay attack.
Heise conducted an experiment. It sent two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service. A few hours after their Skype messages, they observed the following in the server log:
18.104.22.168 – – [30/Apr/2013:19:28:32 +0200]
“HEAD /…/login.html?user=tbtest&password=geheim HTTP/1.1”
The IP address, 22.214.171.124, is controlled by Microsoft. This seems to imply that someone at Skype is following links from its customers and trawling through everything they write.
After the test, Heise also had the strange server conversation with Vole’s servers.
When Heise asked Microsoft about it, redmond said that they were testing hyperlinks to see if they’re safe – in other words, routine malware screening.
Skype referred Heise to a passage from its data protection policy which said that Skype may use automated scanning within Instant Messages and SMS to “(a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links.”
Heise Security said that Microsoft/Skype would not have to look at the contents of a given page to determine whether it’s a phishing site or spam.
This is not the first time that someone has questioned Microsoft’s ownership of Skype. The Electronic Frontier Foundation and Reporters Without Borders fear that Skype could be forced to bend to daft US snooping laws as a result of the take over.
Heise claims that this URL method shows that anyone who uses Skype must agree that Microsoft can use all data transmitted.
The company did not say why the Vole would work in this way, nor could it prove that any data was stored.
Skype was once reknowned for its encryption but privacy minded users sought alternatives, such as the open source Jitsi.