In blog posts published earlier this week, the civil liberties group first took aim at Skype for ambiguity over encryption before revealing that internet service providers (ISPs) in the US and Thailand are “actively removing” encryption from customer data sent to email servers.
The EFF last week launched its Secure Messaging Scorecard, which looked at which applications best protect messages by encrypting them (at rest and in transit), verifying identities, and reviewing and auditing code.
One of the main debates to come out of the review, however, was whether Skype's VoIP software uses end-to-end encryption so that the provider (now Microsoft, following the £5 billion acquisition in 2011) cannot read communications.
The group said that Skype launched back in 2003 on the secure P2P codebase and had emerged as one of the few pieces of communications software to encrypt users' VoIP communications by default.
“Not only was the encryption present by default, but it operated end-to-end so that under normal circumstances, Skype would lack the keys to decrypt calls between its users,” the group said.
There was a caveat, however: earlier analysis from EFF showed that this protection was limited, because Skype tells each client which public key to use for each other user. That design allows false keys to be distributed, enabling man-in-the-middle (MiTM) or impersonation attacks.
Microsoft says of Skype encryption: “…For Skype your key is your Skype Name and password, hence the criticality of keeping that safe. Skype uses well-known standards-based encryption algorithms to protect Skype users' communications from falling into the hands of hackers and criminals.”
EFF's scorecard scores systems on whether they deploy 'end-to-end' encryption so that the provider can't read communications, and on whether they offer 'some method of protection' against false keys and MiTM attacks, for which they get a check for 'can verify your contacts' identities'.
In the case of Skype, however, EFF (citing Snowden's leaks that revealed Microsoft could access Skype text, video and voice) questioned if and how the firm's encryption could be compromised: “Was it a break against the RC4 cipher Skype used? Was it a method for compelling Microsoft to issue false keys to selected Skype users? Or was it some other flaw in the traditional Skype client?”
The issue is complicated somewhat by Microsoft moving Skype from RC4 to a new protocol, which might give “Microsoft more visibility into Skype calls and/or messages.”
EFF says that it gave Skype 'tentative credit' for end-to-end encryption but not for verifying contacts' identity.
“We did not give Skype credit in the third criterion – an ability to verify contacts' identity. We hypothesised that Skype may still have end-to-end encryption, though it certainly doesn't protect against man-in-the-middle attacks, and we asked Microsoft whether that analysis was accurate. Microsoft initially told us they would provide a prompt response, asked to schedule a meeting, but failed to do so before our launch deadline.
"We've determined that our tentative award of a check mark for Skype in the second column (encrypted so the provider can't read it) of the Scorecard was premature. In projects such as this, we must sometimes rely on statements from providers where we are not in a position to technically evaluate their veracity. In the case of Skype, we can't tell whether Skype lacks end-to-end encryption, or if it includes an implementation of end-to-end encryption that Microsoft is able to silently compromise in certain circumstances.”
Chris Boyd, a security researcher at Malwarebytes, said in an email to SCMagazineUK.com that Skype's situation should be noted by activists and others using the service for sensitive conversations.
"The EFF's caution in relation to Skype should be of note to activists and anybody using the service for particularly sensitive conversations. Having said that, there is no way to guarantee 100 percent privacy and every communication online carries an element of risk. It remains to be seen if this news generates fresh interest in some of the open source alternatives currently available."
One day later, the civil liberties group claimed that ISPs in the US and Thailand have been intercepting customer data to strip out STARTTLS encryption.
STARTTLS, which has been adopted by Twitter, Yahoo and Facebook this year, is used by email software to request encryption while talking to another server or client; without it, email is sent unencrypted, in clear text.
"By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted," explained EFF technologist Jacob Hoffman-Andrews.
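The downgrade described above works because most mail clients treat STARTTLS as optional: if the EHLO reply no longer advertises it, they carry on in clear. The following added example (not code from the article, the EFF or any of the providers named) shows the defensive alternative, a client policy that refuses to send rather than fall back, using constructed EHLO replies and a hypothetical server name `mx.example.test`.

```python
import smtplib
import ssl

# Constructed EHLO replies (not captured traffic): one from an untouched
# server, one as a client sees it after the STARTTLS line has been stripped.
EHLO_CLEAN = [
    "250-mx.example.test Hello client.example.test",
    "250-8BITMIME",
    "250-STARTTLS",
    "250 ENHANCEDSTATUSCODES",
]
EHLO_STRIPPED = [
    "250-mx.example.test Hello client.example.test",
    "250-8BITMIME",
    "250 ENHANCEDSTATUSCODES",
]


def parse_ehlo(lines):
    """Return the upper-cased capability keywords from an EHLO reply.

    Line 1 is the greeting, not a capability; the rest look like
    '250-KEYWORD [params]' (more to come) or '250 KEYWORD' (last line).
    """
    caps = set()
    for line in lines[1:]:
        body = line[4:].strip()  # drop the '250-' / '250 ' prefix
        if body:
            caps.add(body.split()[0].upper())
    return caps


def decide(caps, require_tls=True):
    """'starttls' if advertised; otherwise 'abort' (strict) or 'plaintext'."""
    if "STARTTLS" in caps:
        return "starttls"
    return "abort" if require_tls else "plaintext"


def open_strict(host, port=587):
    """Connect and upgrade to TLS, refusing to continue if STARTTLS is absent."""
    smtp = smtplib.SMTP(host, port, timeout=10)
    smtp.ehlo()
    if not smtp.has_extn("starttls"):  # smtplib parses the same EHLO reply
        smtp.quit()
        raise RuntimeError(f"{host} did not advertise STARTTLS; not sending in clear")
    # A verifying context also rejects a bad certificate, not just missing TLS.
    smtp.starttls(context=ssl.create_default_context())
    smtp.ehlo()  # re-issue EHLO over the encrypted channel
    return smtp
```

Run against the stripped reply, `decide()` returns `abort`, which is the behaviour a sender handling sensitive mail should want; the opportunistic default (`require_tls=False`) is what lets the stripping go unnoticed.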
He added: "It is important that ISPs immediately stop this unauthorised removal of their customers' security measures. ISPs act as trusted gateways to the global internet and it is a violation of that trust to intercept or modify client traffic, regardless of what protocol their customers are using. It is a double violation when such modification disables security measures their customers use to protect themselves."

Simon Beattie, network security specialist at pentesting firm RandomStorm, added in an email to SC: “ISPs began removing the STARTTLS flags from customer web requests as a way of combatting spam. However, this results in the web server sending unencrypted email, so for any organisation that may be sending sensitive information, such as a mortgage broker or healthcare provider, this could create unforeseen privacy issues for their customers.
"Most organisations that have a requirement to send sensitive information electronically will use internal email servers to ensure that messages are encrypted end-to-end. The stripping of STARTTLS flags is mainly a consumer privacy issue and, in the long-term, I foresee that vendors will step into the gap and offer solutions to enable consumers to apply their own encryption to their messages, rather than relying on their ISP to provide this."