Until May 2011, Skype had a legendary reputation of keeping its large user-base private and secure. Prying eyes of various governments could not manage to get through to Skype’s user conversations for intelligence reasons. A 2007 report by V3 voiced complaints from the Germany Policy Forces that they could not spy on Skype calls. Techworld reportedly claimed that the same Germany Police Forces, out of desperation, hired a private company to try and record Skype conversations of its suspects. These series of events prompted Skype to put out a statement via CNET – that they cannot perform wiretaps of its users’ conversations because of its complex P2P architecture.
Nonetheless, things got murky when Microsoft purchased the company for a record fee of $8.5 billion in May 2011. Skype’s long-lasting reputation was then tarnished when Microsoft redesigned its whole infrastructure. Earlier reports by Forbes confirmed that hackers had raised concerns over the redesigned architecture, meaning law-intelligent units could now fetch user conversations. Moreover, Skype issued a statement to ExtremeTech, making bold claims that the restructured architecture had nothing to do with online surveillance as alleged.
Even more recent, various reports have been published voicing security concerns arising since Microsoft took over Skype. Although Microsoft tries to address the reported issues, they’re certainly not any closer to getting a permanent solution.
Why should you avoid using Skype?
Having known the historical logs of the meltdown at Skype over its security and privacy concerns, we took the liberty to look at the reasons why Skype is no longer safe to use.
- Skype is allegedly reluctant to solve its security vulnerability
A recently published report stated that a significant security vulnerability was discovered by a German security researcher known as Stefan Kanthak, and immediately reported to Microsoft. The security issue was found in one of Skype’s installer – which is prone to Dynamic Link Libraries (DLL) attacks.
However, Microsoft has since been reluctant to rectify the security breach simply because the solution will require a restructuring of the whole Skype architecture thereby forcing for a newer version. All this implies that potential attackers can easily get to user information, by simply exploiting the DLL functionalities of the Skype installer.
- Skype can share your data with governments and other companies
Skype will not hesitate to share your personal information upon requests from the government and other third-party companies. Skype undoubtedly made it evident in their law enforcement document which they published back in 2007. Even worse, Skype can still access your IP address session logs, and they will share it with the authorities wittingly – this is as per a 2006 criminal report published by Arstechnica’s Erick Bangeman.
- Skype’s end-to-end encryption of your messages keeps failing
Skype in their published privacy policies, they point out that in efforts to scan for spam and other fraud conversations, they will continuously pry on your messages. Back in the year, 2013 Arstechnica published a reporting warning that user messages were never protected with end-to-end encryption – this was after they conducted a test messaging to send web links and confirmed their suspicions.
However, this issue was recently solved when Skype partnered with Signal to offer its users end-to-end encryption of their data. Although, there have been security breaches reported – most recent being a report by CVE Details which listed that Microsoft’s Skype for Business was greatly affected. In their security log, they explained that there exists remote code execution vulnerability which is caused by failure to sanitize specially crafted content properly.
- Skype is not free software; you should be worried
The fact that Skype is not entirely free software is worrying, even worse many users are not aware of the truth. Skype tends to control its users more than it offers them freedom of use. Many instances have been reportedly published from users complaining about how Skype has mishandled their complaints of unverified charges from their premium accounts. We took notice of a white report published by NNSquad as received from a user complaining how a Skype support agent mishandled him. We are particularly worried about the behavior portrayed by the support agent, who decided to hide behind their updated Terms of Service.