Skype has been a boon for people looking for cheap and easy ways to communicate with people around the world, but it seems the encryption that the software uses has made it impossible for police to tap phone calls between possible terrorists and criminals.

Wire-tapping, or lawful interception, as the authorities prefer to call it, has been around almost as long as the telephone itself. New technology however, particularly VoIP (Voice over Internet Protocol) services such as Skype, has harmed the police’ ability to freely tap in and listen to callers phone conversations.

The Globe & Mail are reporting that Joerg Ziercke, president of Germany’s Federal Police Office (BKA) was speaking at an annual gathering of security and law enforcement officials when he said:

“The encryption with Skype telephone software… creates grave difficulties for us. We can’t decipher it. That’s why we’re talking about source telecommunication surveillance – that is, getting to the source before encryption or after it’s been decrypted.”

According to experts, the reason VoIP software is difficult to intercept stems from the way the data is broken up in to small packets, which are then sent along multiple routes to the other end of the coversation. Traditional calls however maintain a constant circuit between both parties at all times.

Ziercke isn’t asking Skype to divulge encryption keys or allow back door entry for authorities, insisting they are not even talking to Skype about the issues involved:

“There are no discussions with Skype. I don’t think that would help. I don’t think that any provider would go for that.”

Instead, German police are looking at an altogether murkier plan to regain control of the communications sector. The part of Ziercke’s quote about getting to the source before encryption is the scary part, because it refers to controversial plans by German authorities, yet to be legally approved, to develop ‘remote forensic software’, or in simpler terms a ‘law enforcement Trojan’.

This idea has sparked a fierce debate in Germany, amongst both civil liberties groups, and the IT security community.

What do you think? Should there ever be an argument for so called white malware, where Trojan horses and other spyware are allowed because of a greater good?

Related:

Entry was posted on Friday, November 23rd, 2007 at 3:04 pm under Security.

Read more entries by Dave Parrack.
Stumble It!