NSA offering 'billions' for Skype eavesdrop solution

This can only mean that they have already broken the Skype encryption - and want their opponents to use it.

Heise reported last year that the Austrian police is able to listen in on Skype connections. Neither Austria nor Skype confirmed or denied the story back then.<p><a href="http://www.heise.de/english/newsticker/news/113353" rel="nofollow">http://www.heise.de/english/newsticker/news/113353</a>

Related: <a href="http://zfoneproject.com/faq.html" rel="nofollow">http://zfoneproject.com/faq.html</a> (from the creator of PGP software)

I don't think the encryption issue is the big problem. I am sure skype's codec has been hacked already. The p2p issue could be addressed by just placing giant routers in isp's like the US did at the telcos. The bigger problem would be transcribing a million streams at once. Also, transcribing arabic words. Thats probably what they are mostly interested in.<p>There are good acoustic models for english but I doubt there are for arabic. Even if there were, the processing power requirement would be insane. I doubt amazon EC could handle a million streams at once even if they used smaller grammars focusing on suspicious words.

That's bizarre, considering Skype already has built-in hooks for the police force to use

Offering "billions" sounds a bit ridiculous. Wouldn't you start with a couple million and see if there are any contenders before you break out the big blank check? Something's fishy...

By its very nature, eavesdropping on P2P is a tough. How do you monitor all the packets that are routed through different paths? The only way would be Deep Packet Inspection. But again the packets are encrypted with 128 bit key. So even if you get the packets, you'll have a tough time decrypting it.<p>The Skype binary also is heavily obfuscated. It wont even run if a ring 0 debugger is on your system.<p>It definitely deserves a billion dollar bounty.

In other news, Google is launching a free phone service called Google Voice. Perhaps this is their monetization strategy.

Iam not sure if NSA is serious about the money. However, iam sure NSA can force skype to provide them with the encryption algorithm for wiretapping. So instead of spending billions of money on third-party vendor, they might as well can work with skype. My 2 cents

The Register on Cryptography and Security is always a good laugh.

Does anyone here actually believe that the NSA would pay billions to crack the protocol for an app that runs primarily on Windows machines?

this sounds like a diversion - it doesn't address what would seem to be a much larger problem of knowing which conversations are worth listening to. also wouldn't help establish the context of the conversation/decode its actual meaning.

Doesn't Skype make money(as in profit not just revenue)?

You only need to read a few books on the history of spying to know GCHQ, NSA et al have repeatedly made major technological breakthroughs and kept them hushed up to exploit a new edge over their adversaries. You wouldn't expect them to say Skype was easily compromised, would you? They would say the opposite.