The method for detecting those sneaky little eavesdroppers was pretty ingenious though. The researchers sent two urls in their skype messages to each other. The urls pointed to servers that the researchers owned. For all practical reasons these urls were made specifically for the purpose of the test and should not be receiving any traffic from anywhere–unless of course Microsoft was listening.
Then they sat at wait at their servers to see if they received any traffic, and lo’ and behold barely a few hours later they received some rather funky traffic from an IP address registered to Microsoft in Redmond. *busted!*
The urls didn’t just end with the .com, but had sensitive material appended to it (or at least that’s what the researchers made it look like), and Microsoft used the url which meant they had to be eavesdropping on Skype messages and conversations. More importantly these urls were made to look like they held sensitive material, such as bank logins..etc etc, but Microsoft still used it, and worse even visited the sites to see what was on it.
Even more shocking is that Microsoft isn’t even denying the charge–yet, but they point out that they do scan urls once in a while to flag spam, but H-online isn’t buying it.
For more info, check out this brilliant post from them here.
Don’t be surprised folks, if you can’t even trust Jay Leno these days, what makes you think you can trust Microsoft. Reminds me of the time Nokia thought it was a good idea to look at the detailed web browsing habits of their customers–guess what happened then. I’ll give you a hint–the customers weren’t too happy.
Now–here’s a thought. How many foreign leaders do you think use Skype to phone home when their abroad?