Search Mailing List Archives
[liberationtech] NYT: For Syria’s Rebel Movement, Skype Is a Useful and Increasingly Dangerous Tool
liberationtech at lewman.us
liberationtech at lewman.us
Tue Dec 4 15:10:54 PST 2012
On Tue, 04 Dec 2012 14:13:23 -0700
<frank at journalistsecurity.net> wrote:
> Quotes CL and EFF's Eva on risks. Main news here that sticks out for
> me is that Syrian activists largely seem aware of the risks, yet many
> are still using Skype due to a lack of alternatives.
Syrian activists aren't much different than activists anywhere else in
the world. The ones with which we've worked are activists first,
technologists second/third/fourth. They don't go through an evaluative
process upfront. They use what technology their friends use.
> “I saw this incident right in front of my eyes,” Mohamed said. “We
> put his info on Skype so he was arrested and killed.”
> In August, an activist named Baraa al-Boushi was killed during
> shelling in Damascus. Activists later circulated a report saying that
> a Saudi Arabian claiming to support the revolution was actually a
> government informant who determined Mr. Boushi’s location after a long
> conversation on Skype.
Stories like this are powerful, but make me ask lots of questions and
to go find evidence. At tor, we ran into this problem when working with
southeast asian activists. They used skype, believed it was encrypted,
and therefore they were safe. They did zero vetting of other activists,
and they completely ignored the fact that government agents were
sitting across the street with parabolic microphones recording the
conversations. Skype is not going to solve the problem of moles and out
of band recording.
> A Skype spokesman, Chaim Haas, said calls via the service between
> computers, smartphones and other mobile devices are automatically
> encrypted. But just like e-mail and instant messaging can be
> compromised by spyware and Trojan horses, so can Skype.
> “They’re listening to the conversation before it gets encrypted,”
> Mr. Haas said. “That has nothing to do with Skype at all.”
Mr. Haas is likely correct here. There are technicalities of some
phones disabling encryption in calls because the either the phone
operating system or the cpu cannot handle skype's encryption routines.
However, for the most part, skype uses some sort of variable voice
encoding with encryption.
However, if the govt is infecting people with spyware, then no matter
which technology is used, the activist has already lost. If you cannot
trust your laptop/desktop/phone, then no application on it is going to
make it safe. Using a livesystem (such as tails, liberte, or any number
of linux/bsd livecds) is going to help, but only if you can assess risk
correctly. Knowing about installed hardware keyloggers, ram snapshot
devices, gps trackers, imsi catchers, covert audio/video recording
devices in the area, etc will help you make better risk assessments.
This is as true in Syria as it is in Germany.
However, all of this knowledge takes time to accumulate, internalize,
and practice. There is no app for that.
More information about the liberationtech