Skype used a huge behind-the-scenes change in VoIP service architecture to add messaging monitoring systems, insiders claim, following Microsoft’s acquisition of the company in 2011. According to the industry officials speaking to the Washington Post, the installation of server-based supernodes – hubs through which Skype traffic is routed to improve uptime and reliability as the service gains traction – has had the side-effect of making instant messaging conversations more easily tracked, much to the delight of the FBI and other law-enforcement organizations.
Supernodes are the numerous hubs through which networks of Skype traffic are routed, and were shifted into data centers in recent months after calamitous periods of service downtime. Previously, Skype communication was routed direct from computer to computer; some computers also became supernodes, acting as directory services to help route calls and messages around the dynamically-changing network.
Skype decided, however, to end this system and move the supernodes to dedicated servers. In the process, however, it also apparently gained greater ability to monitor text conversations that passed through them. Voice and video calls, meanwhile, are not routed through supernode servers.
Microsoft dealt with the recent security concerns with “tremendous sensitivity and a canny awareness of what the issues would be,” an industry official familiar with the company’s plans told the newspaper on condition of anonymity. That built upon Microsoft’s “long track record of working successfully with law enforcement here and internationally.”
Personal information, such as credit card data, can also be shared with law enforcement, it’s said, though logs of that and instant messaging chat are only kept for thirty days. Neither Skype nor Microsoft would comment publicly on the idea of a “backdoor” to the service, only confirming that they would cooperate with law officials in as much as it was possible.
The presence of a “backdoor” has been wrongly cited in recent months in the high-profile Megaupload case, where a crack in the VoIP service was for a while believed to have been used to track conversations between Kim DotCom and his team. However, it was later indicated that the FBI had instead loaded a spyware tool onto the Megaupload team’s systems that allowed it to store keylogs and other data.