Surveillance of Skype Messages in China

The New York Times reported that a group of Canadian human right activist and a computer security researcher has discovered a surveillance system that monitors and archives web text messages and conversations. It is triggered when the conversation includes politically charged words. Researchers in Citizen Lab at the University of Toronto uncovered hundreds of message records after they decrypted the messages. Example words are “communist”, “quit the party”, “democracy”, “Tibet”, “Tiananmen” “SARS”, “Taiwan Independence”, and “milk powder”.

Media Monitoring Controvery
This new discovery again highlights the controversy of media monitoring by the Chinese government. The Chinese government filters out websites, images, stories from the web and makes them inaccessible through search engines. The most notorious was the removal of Tiananmen Square related information. The most recent controversy involved the accusation of the Chinese Gymnastic team being underaged. Hundreds of blog posts with screenshots of records of the Chinese Gymnastic team that was found through Internet research appeared on the web, but soon after each of the online records would mysteriously disappear. The investigation was recently dropped due to the lack of evidence.


Researchers in China have estimated 30,000 or more Internet Police monitors online information. This is also known as “Golden Shield Project” or the “Great Firewall of China”. The conversation captured also include words such as “earthquake” and “milk powder” as Chinese officials are facing criticism for the way they handled the earthquake relief as well as the chemicals found in milk powder.

Filtering System
These filtering system not only record who sent the messagew, but it often acts as a direct filter, blocking the conversation from ever getting to the server. It stops the transmission, copies the message and records the user’s information. In this case, Skype messages and Skype caller identification were both recorded. The voice calls were not recorded. In the past two months these servers recorded 166,000+ messages according to a report from the Information Warfare Monitor. These messages were discovered because the computers were improperly configured, leaving them accessible.

Skype executives had made a public statement in 2006 that the conversations were protected and private after it was discovered Skype had a content filtering system.

How was it done?
Nart Villeneuve, a senior researcher at Citizen Lab was using an analysis tool to monitor the data generated by the Skype software. He discovered that messages with particular swear words triggered an encrypted message to be sent to an unidentified internet address. He discovered it was stored on Tom Online computers (Tom Group created a joint venture with Ebay who owns Skype). He also discovered the computers were improperly configured so the directories were readable through his web browser.

He decrypted one such directory and found thousands of captured records that were stored by a filtering software. After translating the Chinese messages into English, he simply used at word frequency counts to identify the words triggering the filter.

Thoughts? Comment below!

You may also like

2 Comments

  1. I also believe in having every unit properly secured and watching each model, as an alternative to only monitoring holistically on the web, and after that reacting in a short enough time period for remediation.

Leave a Reply

Your email address will not be published. Required fields are marked *