The interception system is implemented on Skype Chinese servers
Canadian human rights defenders from Citizen Lab, together with computer security experts, have found evidence that a global system for monitoring and archiving Skype traffic has been deployed in China. Voice traffic is not analyzed, but all text messages are checked against a list of suspicious words.
The list of “forbidden” words is on Tom Online servers, through which all Tom-Skype traffic passes (this is a localized version of Skype). As soon as such a word is found, the program immediately sends a copy of the message to a separate server for analysis, and can even instantly block traffic from this computer. In addition to the message, all personal information about the user, which only Skype can collect (IP address, account name, etc.), is sent to the server.
As it was possible to find out, the Chinese authorities have at least eight servers available that monitor Skype. To date, they have already accumulated more than a million text messages, each of which contains one or another word from the list of “suspicious” words. In the past two months alone, more than 166,000 new messages from 44,000 users have arrived on the servers.
Human rights hackers managed to get to the “secret” servers, because those were incorrectly configured. As it turned out, in addition to the texts, the following user logs are stored there:
')
Interestingly, the list of “forbidden” words contains not only obvious terms like “democracy” and “freedom of speech”, but also, for example, the words “earthquake” and “dried milk” (these are topical issues on which the Chinese authorities are now criticized opposition parties).
All information Canadian researchers have published in a report (PDF).
The list of “forbidden” words is on Tom Online servers, through which all Tom-Skype traffic passes (this is a localized version of Skype). As soon as such a word is found, the program immediately sends a copy of the message to a separate server for analysis, and can even instantly block traffic from this computer. In addition to the message, all personal information about the user, which only Skype can collect (IP address, account name, etc.), is sent to the server.
As it was possible to find out, the Chinese authorities have at least eight servers available that monitor Skype. To date, they have already accumulated more than a million text messages, each of which contains one or another word from the list of “suspicious” words. In the past two months alone, more than 166,000 new messages from 44,000 users have arrived on the servers.
Human rights hackers managed to get to the “secret” servers, because those were incorrectly configured. As it turned out, in addition to the texts, the following user logs are stored there:
')
Interestingly, the list of “forbidden” words contains not only obvious terms like “democracy” and “freedom of speech”, but also, for example, the words “earthquake” and “dried milk” (these are topical issues on which the Chinese authorities are now criticized opposition parties).
All information Canadian researchers have published in a report (PDF).
Source: https://habr.com/ru/post/41486/
All Articles