Silk Road forums
Discussion => Security => Topic started by: vlad1m1r on April 13, 2012, 08:26 pm
-
It's true that no true privacy aficionado would be caught dead making calls over VOIP.
Skype in particular has been proven to be vulnerable to call interception and the German Police have admitted to listening in on conversations but occasionally I do encounter clients who insist on having a conversation via the internet to talk business. This is particularly common amongst older clients who are less comfortable with computers.
One solution is to encrypt your calls using Public Key cryptography in a similar way to how we encrypt messages and e-mails using PGP on SR.
A friend of mine has written an excellent and easy to follow step by step guide on how to secure your calls through a procedure known as SSH Tunneling to do just this using my favourite SSH service "Shellmix":
https://hassoon3.wordpress.com/2011/08/06/tunneling-skype-through-ssh-using-shellmix/
There's also a video tutorial if like me you grow bored with written instructions.
A few words to the wise. Firstly if you want an end to end secure conversation, both you and the person you want to speak to must channel your calls through an encrypted tunnel as outlined above.
Secondly Skype is quite aggressive about how it connects to the internet and so may try to connect directly using the old, unsecure method. The above page shows hows to tinker with your Firewall rules to stop this from happening.
Finally, this type of encryption doesn't give you deniability in that it may still be possible to prove your Skype software made a call to another Skype user. It just makes sure the contents of the call won't be retrieved.
If you use the chat feature bear in mind that the text will be encrypted during the conversation but may be backed up locally in plain text and even archived on Skype's servers. Ditto file transfers. Use at your own risk!
V.