Almost confirmed that Microsoft censors Skype messages stealthily


By@ Doug 88888

German news siteHigh Security · SecurityRevealed byMicrosoft was browsing IM for SkypeOne Internet user, Adam, who was disappointed in one thing saying that it was disappointing in one case, confirmed that Skype 's IM is censored by Microsoft in a way that it can be more certainly discriminated, unlike the method used by Hyth Security.

[Cryptography] skype backdoor confirmation
http://lists.randombit.net/pipermail/cryptography/2013-May/004224.html

Adam's tests were first tested by file name search engine, so that it will never be displayed as a search result so long that randomly generated file namePHPSet up. Make this PHP automatically jump to a specific pageMeta refreshI set it to jump to the malware site by incorporating the tag and clicking PHP. Also,ArgsAlso create HTML that does not contain refresh tags. For PHP? User = foo & amp; password = barTransfer user name and password via. Adam sent two links of PHP and HTML that I created to my friend Ian Grigg at Skype's IM. Please do not click on the link sent to Mr. Grig absolutely! I was told that the message was also sent.

45 minutes after Adam sent a link to Mr. Grigg at IM of Skype, the following HEAD requestApache HTTP ServerIt was confirmed in.

65/16 / May / 2013: 13: 14: 03 - 0400] "HEAD / CuArhuk 2 veg 1 oOtiTofAryib 7 CAjVisBeb 8. Html HTTP / 1.1" 200 -
65 / / 16 / May / 2013: 14: 0 8: 52 - 0400] "HEAD / CuArhuk 2 veg 1 oOtiTofAyarrUg 5blettOlyurc 7. Php?user=foo&pass=yeahright HTTP / 1.1" 200 -


Apache HTTP ServerThe meaning of the two logs confirmed in the above means that someone just accessed the link which should have known only Adam and Mr. Grigg just set up. Besides, since the link is longer than random generated randomly, no one knows that unless Adam and Mr. Grigg's IM are read. Who accessed it?HEAD requestIt is possible to distinguish from the IP address included in. The IP address of the logs left in Apache HTTP Server in this testRedmond, Washington StateIndicates Microsoft at65.52.100.214was.

ByAmit Chattopadhyay

It is 99% certain that Microsoft is watching Skype IM from this test conducted by Adam. According to Adam, if you are concerned about using Skype, you can operate on Mac OS X and link with SkypeAdiumIt can be substituted by another IM service such as.

in Note, Posted by darkhorse_log