Oct 02 2008
The WSJ – China Journal blog covered a recent report (pdf) by Nart Villeneuve of the Citizen lab that details some very interesting findings about PRC government monitoring of “Tom-Skype“, the Chinese localized version of Skype.
It probably isn’t suprising to anyone that Tom-Skype is being monitored. “Breaching Trust” details the process by which conversations with matching keywords are uploaded to a webserver. The suprising bit is that the server is pretty much accessible to anyone. From the report:
The full text chat messages of TOM-Skype users, along with Skype users who have
communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and
if present, the resulting data are uploaded and stored on servers in China.
These text messages, along with millions of records containing personal information, are
stored on insecure publicly-accessible web servers together with the encryption key required to
decrypt the data.
Update (2 Oct 08, 1617GMT): Some other news organizations have picked this up:
11 Responses to “Detailed report on PRC.gov monitoring Tom-Skype”