Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

That Chinese Internet companies censor communications is well known, but a new report from a Canadian computer scientist reveals a new front in their efforts to monitor users online. The study shows that users of TOM-Skype, a Chinese voice and chat service that is compatible with the popular Internet phone system Skype, have been subject to extensive surveillance. To make matters worse, the records of their chat conversations, as well as detailed personal information, were stored insecurely on the Web.

Skype has previously acknowledged that its Chinese partner, TOM Online, blocks chat messages containing certain politically sensitive keywords. The new findings, however, reveal a level of surveillance that goes far beyond this.

Nart Villeneuve, a research fellow at the Citizen Lab at the University of Toronto’s Munk Centre for International Studies, uncovered the surveillance scheme by examining the behavior of the TOM-Skype client application. He used an application called Wireshark, which analyzes traffic sent over a computer network, to see what happens when different words are sent via chat using the software. Villeneuve discovered that an encrypted message was automatically sent by the client over the Internet when some words were entered. Following this encrypted packet across the Net, Villeneuve uncovered a directory of files on an open Web server. Not only was the directory publicly accessible, but the data within it could be unlocked using a password found in the same folder. Within these files were more than a million chat messages dating from August and September 2008.

Villeneuve used machine translation to convert the files he found from Chinese into English, and he analyzed the contents to determine likely trigger words. The list he came up with includes obscenities and politically sensitive words and phrases such as “Falun Gong,” “democracy,” and “Tibet.” But Villeneuve also found evidence that completely innocuous messages–one, for example, contained nothing more than a smiley face–were logged. This suggests that certain users were targeted for monitoring, he says.

6 comments. Share your thoughts »

Credit: Technology Review

Tagged: Communications, Web, security, Internet, China, censorship, communications, Skype, Internet censorship

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me
×

A Place of Inspiration

Understand the technologies that are changing business and driving the new global economy.

September 23-25, 2014
Register »