dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3522
share rss forum feed

DanteX

join:2010-09-09
kudos:1

OPENVPN and SKYPE

Since there are now theories that Skype has a backdoor and the user to user encryption can be tapped bu authorities, is it possible to block such attempts by using sky over a private encrypted VPN ?



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5

So what are you trying to hide?


cptmikey

join:2013-02-14
Annapolis, MD
reply to DanteX

Yes you can use skype over a VPN, at least over our VPN (portdefender.net) but I don't recommend it. There are many alternatives to Skype. One of those might be a simpler answer. Check out »gigaom.com/2011/05/10/9-great-al···eo-chat/ Maybe you'll find something useful.


HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to DanteX

If you're tunneling skype over a VPN with strong encryption (AES128 / SHA1 minimum) that should
scramble the data well enough no certain 3-letter agencies can recover the call. Just keep in mind
both ends of your VPN tunnel HAVE to be trusted as once skype leaves that encrypted tunnel, its no longer
encrypted by the VPN.

Regards



Rexter
YeeHaw

join:2002-11-17
cloud 9
reply to DanteX

If your concern is the security of Skype a VPN tunnel will not help you. You cannot tunnel around "Skype central" where the potential leak is, and still use Skype. Time to look for a new VIOP solution bud.
--
I'm with the Central Government. I'm here to help you. Now bend over, really, I'm helping you, just, just stay still. You'll feel better in a moment.


DanteX

join:2010-09-09
kudos:1
reply to Anav

SO Because I value my privacy means I must be hiding something? How about I come by and rummage through your mail? After all you have nothing to hide right?

Thanks for all the replies I thought tunneling around Skype would not defeat Skypenet. Was just something I was curious about thats all.



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5

Well there is security and then paranoia. Sometimes its a fine line and you will note I removed the third leg of criminal activity.
Most security issues are from within and own doing not external tampering of well managed and secure processes. For example I can do the best I can but if my signif other clicks away mindlessly on the computer sooner or later sheite will happen. Child x, comes home with an app on a USB stick that they want to load up....... need I say more. Using skype from a clean computer and a solid password is the least of your worries but hey each to his own. Stress yourself out!!

By the way If I was a 3 letter org in the US, I would run as many VPN third party programs as possible. Why make it hard on yourself when those most likely to have something to hide come to you for assistance LOL.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment



Rexter
YeeHaw

join:2002-11-17
cloud 9

There is never something wrong with asking the question; and concerns about privacy are not un-warranted. Each person must decide how much trouble, and expense they are willing to bare in the name of privacy/security. People ask questions such as this, in order to gather information so that such a decision can be made intelligently. It always disappoints me to see people labeled, and called names for merely asking a question.
--
I'm with the Central Government. I'm here to help you. Now bend over, really, I'm helping you, just, just stay still. You'll feel better in a moment.



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5

Your byline explains your position but concur I was too harsh.
If the Op wants to pursue his intent far be it from me to block. I was just pointing out that skype is less of a security concern than many other networking related activities-entities. Heck people complain about privacy but think nothing of using their Grocery Card or Airmile Card which gives up all their shopping habits.

So the question I have is.......
a. Since Skype traffic passes through skype servers, how do the VPN packets get treated at the skype server. If there are bits the server needs to read, can it do this through a VPN protected packet??

My understanding was that skype already encrypts the data. Which begs the further question, do they encrypt the transmission bits and the data bits and unencrypt the transmission bits at the server for forwarding onto the recipient etc etc...... or just the data??
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment



Rexter
YeeHaw

join:2002-11-17
cloud 9

said by Anav:

Your byline explains your position

Yes.

said by Anav:

So the question I have is.......
a. Since Skype traffic passes through skype servers, how do the VPN packets get treated at the skype server. If there are bits the server needs to read, can it do this through a VPN protected packet??

His question was generalistic, and shows a lack of knowledge about VPN functionality. It struck me as a question of fleeting thought. Perhaps he's moved on to thinking about that Grocery Store rewards card by now.
--
I'm with the Central Government. I'm here to help you. Now bend over, really, I'm helping you, just, just stay still. You'll feel better in a moment.

DanteX

join:2010-09-09
kudos:1

1 edit

LOL If i wrap the card in tinfoil then swipe it will I be protected? LOL I kid and yes the question could have been more then a simple generalization.

Say you have a encrypted VPNtunnel whith three points

A Skypcommand B

The VPN encrypts the data right so all SKypecommand would see are encrypted packets but is that enough thats the question



Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5
reply to DanteX

All Skype-to-Skype voice, video, and instant message conversations are encrypted. This protects you from potential eavesdropping by malicious users.

If you make a call from Skype to mobile and landline phones, the part of your call that takes place over the PSTN is not encrypted.

For example, in the case of conference calls involving two users on Skype-to-Skype and one user on PSTN, then the PSTN part is not encrypted, but the Skype-to-Skype portion is.

Voice messages are encrypted in the same way as Skype calls and instant messages are encrypted. However, after you have listened to a voice message, it is transferred from our servers to your local machine, where it is stored as an unencrypted file.

Skype uses the AES (Advanced Encryption Standard*), also known as Rijndael, which is used by the US Government to protect sensitive information, and Skype uses the maximum 256-bit encryption. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates.


When you sign into your account on our site all the information is sent over SSL. SSL encrypts all the information before it leaves your computer and can only be decrypted by our server. This is the technology in place on, for example, your online banking site or when you make a payment on an e-commerce website. When you sign in via Skype itself your information is also encrypted and kept safe from malicious third parties.

Skype also uses a technology called digital certificates to provide further assurance that you are in conversation with whom you think you are. Everyone using Skype is issued this digital certificate and it forms part of the protection that is provided to ensure that your Skype account can only be used by you and help to ensure that third parties can't impersonate you. Remember, this identity is protected by your Skype Name and password.


An interesting alternative perhaps to consider.....
»jitsi.org/

A method of using skype and an additional encryption application
»null-byte.wonderhowto.com/how-to···0131804/

This one looks a tad nebulous
»www.cryptochat4.com/skype/default.aspx

If your going to create a VPN tunnel then create the tunnel to talk to your other party directly, its secure and private, no need for another third party app. Even if you could setup a vpn tunnel or use a third party vpn provider, it means all your contacts will have to subscribe as well.

Personally after a bit of research due to the required access of skype servers, it is probably not possible to router skype through a vpn tunnel from one user to another.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment



Rexter
YeeHaw

join:2002-11-17
cloud 9
reply to Rexter

If you call is handled by Skype is is subject to monitoring. Subject to monitoring, just like the phone on your desk, wall, and the phone in your pocket.

Microsoft has obtained a patent for specifically intercepting Skype conversations. This is their application 20110153809 called "Legal Intercept." And in the abstract at the top of it, it said - I'm reading now from this: "Aspects of the subject matter described herein relate to silently recording communications. In aspects, data associated with a request to establish a communication is modified to cause the communication to be established via a path that includes a recording agent. Modification may include, for example, adding, changing, and/or deleting data within the data. The data as modified is then passed to a protocol entity" - this is all patent speak - "that uses the data to establish a communication session. Because of the way in which the data has been modified, the protocol entity selects a path that includes the recording agent. The recording agent is then able to silently record the communication."
~Steve Gibson GRC.com

Microsoft Patent Application for Skype back-door technology:
»appft1.uspto.gov/netacgi/nph-Par···10153809

Don't get me wrong. I'm not pointing this out to make a big deal about it, just to illustrate my answer to your original question.
" is it possible to block such attempts by using sky over a private encrypted VPN ?
The answer is simply "NO"
--
I'm with the Central Government. I'm here to help you. Now bend over, really, I'm helping you, just, just stay still. You'll feel better in a moment.


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5

Nice quote!, Before Skype could know who you were contacting and it seems they are now getting at the content too.
I guess I better stop my illegal love notes to Rexter over skype