It turns out that Microsoft is browsing messages exchanged between users of Skype

ByCesarastudillo

Besides allowing free voice communication between users, it also has the function of instant messenger and file transferSkypeHowever, it became clear that the instant message (IM) exchanged by Skype is seen by Microsoft's subsidiary.

Be careful when Skype - Microsoft reads | H Security
http://www.heise.de/security/meldung/Vorsicht-beim-Skypen-Microsoft-liest-mit-1857620.html

This is a German news siteHigh Security · SecurityThings revealed. The origin of the thing was reporting to Hythe Security that one reader discovered unrest network traffic in IM that he exchanged on Skype. As a result of the investigation, it turned out that there was access from Microsoft's IP address for the URL which started with Skype's IM sent with HTTPS.

Having suspected this fact suspiciously, Heis Security decided to send two URLs in Skype's instant message and test what happens. Of the two URLs sent in this test, one was a URL containing login information, and the other was a URL indicating a personal account of cloud file sharing service.

By* Saxon *

A few hours after sending the test message with Skype, HIGS Security found the following logs on the server.

65.52.100.214 - - [30 / Apr / 2013: 19: 28: 32 + 0200]
"HEAD /.../login.html?user=tbtest&password=geheim HTTP / 1.1"

From the logs left on the server, to the two URLs sent in the test,Redmond, Washington StateIt was found that there was access from Microsoft's IP address at. Also, when Microsoft accessed two sitesLogin informationandURL created for personal use of cloud file sharing serviceI also found out that I was using.

Heis Security asked Skype for opinions on this test result,Skype Privacy PolicyI got a message like the one quoted from the following.

Skype uses an automatic scanner within instant messaging and SMS to identify (a) a suspected spam message, or (b) a URL that was previously warned as being spam, fraud, or phishing link You must to do something before you go on. In limited circumstances Skype may capture instant messages or SMS and check the content manually as part of spam prevention measures. Skype, in its sole discretion, may block messages suspected of spam or prevent delivery, and may remove suspicious links from those messages.

According to the above privacy policy, Skype will check IM and SMS exchanged on Skype to identify spam and phishing links. Normally spam and phishing links are found in URLs that contain HTTP, not HTTPS URLs. However, it is also clear that Skype has never accessed URLs that contain HTTP, which is more likely to contain spam and phishing links.

Also, the survey found Skype is not sending a GET request to retrieve the resource of the specified URL, but also sends a HEAD request to the server to receive only the HTTP header. According to Hyth Security, if Skype really wants to discover spam and phishing links, it should have sent a GET request to the server that can check the content of the site, so Skype's explanation is totally against the facts about.

By@ Yakobusan Jakob Montrasio Meng ‧ Ke

In January this year, we sent an open letter on the safety of communication on Skype to Microsoft, which the citizenship movement campaign group acquired Skype. In the background of sending the letter of acceptance, Skype says that government agencies and secret services should allow Skype to access from the impact acquired by MicrosoftElectronic Frontier FoundationWhenReporters Without BordersIt seems there was concern.

Finally, Skype users firmly understand that Skype users are browsing messages exchanged between users, and that they do not disclose what they do with the information Microsoft collected from users I insist that I should think about it.