Chicago (IL) - After word begin to spread across the Internet yesterday that China was monitoring and filtering conversations in Skype, the company’s president addressed the issue stating that Skype was unaware of any privacy breaches that were affecting their Chinese users.

In an open blog post on the Skype blog, company Josh Silverman stated that the company was not aware that the Tom-Skype software (developed by China-based ISP Tom Online), which is distributed to all China-based users, was logging private chat messages and then storing them on a server that was accessible to the public. "It was our understanding that it was not Tom's protocol to upload and store chat messages with certain keywords," Silverman wrote.

This statement comes after a report published by Toronto University individuals who found that the Tom-Skype chat client had been storing certain text messages and user information on a public server. The data had been encrypted, but the encryption key was left publicly available.

The software seemed to sequester messages that were of a political nature, referencing items such as the Falun Gong spiritual movement, and any opposition to China’s Communist Party. Additionally there were even messages flagged due to the discussion of China’s handling of the earthquake aftermath. Apparently, the computers are also logging details of voice calls that were placed to Tom-Skype users, though they only stored who the call was from and when. No actual voice recordings were found.

Silverman stated that just as any other ISP in China, Tom Online had an obligation to monitor the communications of their customers. However, Skype thought that the Tom-Skype software was only filtering certain words from the chat messages and not actually storing them on a server. Silverman also stated that "We are now inquiring with Tom to find out why the protocol changed."

Tom Online reportedly has corrected the security issue the researchers discovered. "We are currently addressing the wider issue of the uploading and storage of certain messages with Tom," Silverman said.

On Thursday the parent company of Tom Online, Tom Group, stated that they comply with Chinese law and will continue to do so.

no knowledge

Oct 03, 2008 13:53     

yea right. You send anything in china's network, just assume by default it's monitored. End of story.
Andy report abuse vote down vote up Votes: +8

@Andy

Oct 05, 2008 13:13     

Only in "china's network"?? you wish.......................
Q report abuse vote down vote up Votes: -3

To what end?

Oct 05, 2008 13:56     

I'd love to see the list of words being filtered, and the actions taken by their government for communications that spoke against the communist party. I still just don't understand why the Chinese people haven't revolted yet.
Señor Poopenmier report abuse vote down vote up Votes: +0

i thought skype was encrypted?

Oct 06, 2008 17:16     

i remember reading that skype communications were more or less all encrypted, is that not the case? or did the chinese government/tom find a way to man-in-the-middle the thing? i'm not too knowledgeable on computer security, but i thought that would be hard to do? or is it because it's their software?
area51 report abuse vote down vote up Votes: +0