- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
Network World - The Chinese version of Skype contains spyware that searches for blacklisted words and phrases, blocks instant messages that contain them, copies them to servers and captures the rest of IM chats that have been flagged in this way, according to researchers.
This is all done without being disclosed to customers by the Chinese wireless Internet provider TOM Online that distributes the TOM-Skype software client.
The behavior of this software is being refined over time to better track messages about ever-changing politically sensitive topics as well as other categories, according to Jeffrey Knockel, a Ph.D. candidate at the University of New Mexico, the lead author of a research paper about the client and its behavior.
The spying and censorship is carried out with the knowledge of Microsoft, which owns Skype and its peer-to-peer communications software and describes TOM-Skype as "a modified version that follows Chinese regulations."
Knockel and researchers from the University of Toronto are preparing a second paper that analyzes shifts in how TOM-Skype responds when it comes across keywords and phrases and also how changes to the blacklist over time correlate to news events, he says. This analysis may reveal the motivation behind the monitoring, although a breakdown of key words gives a hint.
Analysis so far shows 42.2% of the blocked words are associated with politics or political dissidents (Tiananmen Square, Gao Zhisheng), 5.2% are related to government officials (Zeng Qinghong, Jia Qinglin), and 5.8% have to do with information about spying (contact phone tapping software, undercover software download). Keywords related to news and information sources account for 10.1% (AOL News, Canadian Broadcasting Corporation). 15.2% are associated with prurient interests, and 7% name specific locations (Chun Xi Road McDonald's, Hangzhou Department Store), according to Knockel.
[ INTEGRATION: Microsoft promises stronger ties between Lync, Skype ]
Over time, the software has changed its behavior. Earlier, it blocked messages that contained trigger words and sent copies of those messages to a server. Now more frequently it imposes surveillance on chats that contain the words and sends both ends of the conversations to the servers, he says.
This new approach is less likely to tip off users that they are being observed and to yield more information, Knockel says. "Surveillance-only is much sneakier and harder to detect, and may give them more information about what is going down," he says.
Knockel and his colleagues found that TOM-Skype maintains separate lists of words that trigger blocking and those that trigger surveillance.
The software is also gathering and reporting more information about who is participating in monitored chats. Before it was just the sender's identity, but now it also includes the recipient's, which can help track which users of regular Skype are communicating with TOM-Skype users, he says.