Microsoft Promises Not To Open Skype To Russian Spooks

Microsoft has backtracked on a suggestion that – once its acquisition of Skype is complete – it would be prepared to open the VoIP service’s encryption algorithms to the Russian security services.

At a press conference on Wednesday, Microsoft’s representative in Russia, Nikolai Pryanishnikov, implied that the company would be prepared to open the popular Internet voice service up to scrutiny by the Federal Security Service (FSB), the successor to the feared KGB of Communist Russia.

Microsoft has shared source code with Russia

Asked a question on that possibility, Pryanishnikov made an ambiguous statement, saying “I would be glad to do it”, pointing out that Microsoft has given the Russian government limited access to Windows source code since 2003, but pointing out that Microsoft cannot do anything with the Skype code until the $8.5 billion acquisition is approved and finalised.

The idea was picked up by Russian news agencies, and denied by Microsoft’s PR department within a few hours, with an explanation that Microsoft shares source code, rather than opening encrypted communications. “The matter was not about the encryption algorithms but about the fact that Microsoft submits to the FSB the source code of its software products for inspection, and that such may be the case with Skype in the future,” should the acquisition of the company be finalied.

The confusion was understandable, as in April, the FSB had proposed tbanning Skype and Gmail because they allow encryption which the authorities would not be able to easily break, claiming that “the uncontrollable use of [these services] could lead to a major threat to Russia’s security”. The idea was quickly abandoned.

In this case, Microsoft explained that Pryanishnikov had been talking about allowing the authorities to inspect code for features which might weaken security.

“Such inspections are necessary for detecting the software’s ‘hidden possibilities,’ such as leaking the encrypted information to a [remote] server owned by a third party,” RIA Novosti quoted Alexander Kovalyov of SecurIT as saying. The FSB has been conducting these inspections since 2002.

In an exchange with Russian business daily Vedomosti, Microsoft also underlined its commitment to protecting personal data, which can be disclosed to state authorities only when based on a court decision.

Skype’s protocols have also been subject to reverse engineering in Russia, where programmer Efim Bushmanov has published a “black-box” version version of the Skype protocols.

Story from East-West Digital News, edited for eWEEK Europe by Peter Judge