Friday, November 23, 2012

Police want to covertly eavesdrop (spy) on voice over IP chats.

According to law enforcement agencies, the rising popularity of Internet chat services like Skype has made it difficult to eavesdrop on suspects’ communications. But now a California businessman is weighing in with what he claims is a revolutionary solution—a next-generation surveillance technology designed to covertly intercept online chats and video calls in real time.

Voice over IP (VoIP) chat software allows people to make phone calls over the Internet by converting analog audio signals into digital data packets. Because of the way the packets are sent over the Web, sometimes by a “peer-to-peer” connection, it can be complex and costly for law enforcement agencies to listen in on them. This has previously led some countries, like Ethiopia and Oman, to block VoIP services on “security” grounds. In the United States and Europe, too, VoIP has given authorities a headache. The FBI calls it the “going dark problem” and is pushing for new powers to force internet chat providers to build in secret backdoors to wiretap suspected criminals’ online communications.

Technology companies have rushed to develop new surveillance solutions. Dennis Chang, president of Sun Valley-based VOIP-Pal, obtained a series of patents related to online voice calls earlier this year. Among them is a “legal intercept” technology that Chang says “would allow government agencies to 'silently record' VoIP communications.”

Microsoft has applied for a patent on technology that may let its user secretly intercept Voice over IP (VoIP) communications, amend the content and store it.

The application was filed in December 2009 and was recently made public.

The technology could allow the monitoring of conversations, voice messages and video conferences over a variety of devices, including smartphones, laptops and gaming devices.

The Microsoft patent application, number 20110153809, states data associated with a request to establish a communication is "modified to cause the communication to be established via a path that includes a recording agent."

Such modification may include "adding, changing and/or deleting data within the data."

That modified data is then passed to a protocol entity that uses it to establish a communication session using a path that includes the recording agent, which is "then able to silently record the communication," the application says.

Communications that can be intercepted may be conducted over computers, laptops, set-top boxes, programmable consumer electronics devices, personal digital assistants (PDAs), smartphones, gaming devices, printers, computing devices in automobiles and home media centers, the application states.

With this technology, suspects whom authorities wanted to monitor could be identified through their username and subscriber data. They could also be found, according to the patent, by billing records that associate names and addresses with usernames, making not only calls but “any other data streams such as pure data and/or video or multimedia data” available for interception. Of course, savvy criminals—or citizens worried about privacy intrusions—could probably find a way to circumvent identification by using false subscriber data and by masking their IP address with anonymity tools. But the point is that Chang’s patent would make it much easier than it is currently for authorities to monitor VoIP calls, by fundamentally restructuring the basic architecture of how the calls themselves are routed over the Internet.

Civil liberties and privacy concerns due to increasing levels of surveillance have sparked huge interest in new encrypted communications platforms, deliberately designed to shield users from potential monitoring. So even if governments were able to successfully implement VoIP-Pal’s lawful intercept technology on a countrywide scale, they should expect their would-be targets to find new ways to circumvent surveillance.

No comments: