Friday, June 21, 2013

Project Chess: Skype’s secret program aimed at making calls readily available to intelligence agencies

Skype provides a "backdoor" for government employees access to everything on your computer and every keyboard stroke

Project Chess: Skype’s secret program aimed at making calls readily available to intelligence agencies

 
(Image credit: Spinstah/Flickr)

In yet another instance of a report indicating that tech giants worked directly with intelligence agencies to enable government surveillance, it is now being reported that Skype began a secret program called Project Chess to enable intelligence agencies and law enforcement to easily get a hold of calls.

This comes after it was revealed that Skype was part of the massive National Security Agency (NSA) surveillance program known as PRISM

The latest revelation about Skype’s secret program is quite interesting given the controversy surrounding the privacy and security of Skype. Indeed, the NSA leaks hinted that Microsoft may have lied about the security of Skype, though many suspicions were raised last year after they filed for a patent for “legal intercept” technology.
 
According to a New York Times report citing people briefed on the program, Project Chess was limited to less than a dozen people inside Skype and focused on exploring both the legal and technical issues in making Skype calls readily available to individuals in the intelligence and law enforcement communities.
 
The report also details the close relationship between Internet giants and the NSA. Max Kelly, former chief security officer for Facebook, for example, left the company in 2010 in order to join the NSA.
Silicon Valley companies work closely with the NSA because it is a mutually beneficial relationship. The Internet giants have the data the NSA wants along with the data analytics tools they need while the NSA has an unknown amount of money to spend.
 
Precise numbers for the NSA budget are impossible to maintain given that the budget is classified.
However, Steven Aftergood, director of the Federation of American Scientists’ government secrecy program, told CNN that he thinks about $10 billion go to the NSA.
 
Former White House budget official for national security Gordon Adams, on the other hand, said he wouldn’t be surprised if the NSA’s resources exceed $20 billion per year.
 
It’s hardly surprising that tech companies would want to work with such a massive, powerful agency. If the New York Times report is correct, they’re doing precisely that.
 
Project Chess reportedly began around five years ago, even before the majority of the company was sold by eBay to outside investors in 2009. Skype was then purchased by Microsoft in a deal valued at $8.5 billion which was completed in October 2011.
 
The project was developed as the company had “contentious talks with the government over legal issues,” according to one person briefed on the project.
 
Interestingly, it seems that when a Skype executive stated last year that recent changes in the operation of Skype were not made at the request of Microsoft in order to make government spying easier, they were actually being truthful.
 
That is because the PRISM documents leaked by Edward Snowden showed that Skype joined the program on Feb. 6, 2011, before Microsoft even took over the company.
 
It’s important to note that Microsoft will no longer affirm statements made by Skype back in 2008 indicating that Skype calls couldn’t be wiretapped.
 
Unsurprisingly, Frank Shaw, a Microsoft spokesman, declined comment to the Times.
Yet, as Ryan Gallagher pointed out, Skype did attempt to alleviate surveillance fears in March of this year by releasing a transparency report that claimed the company did not hand over any Skype communications content to any agency anywhere in the world.
 
“Now, though, the disclosures about PRISM and Project Chess appear to flagrantly discredit Microsoft’s Skype eavesdropping denials,” Gallagher noted.
 
“While publicly portraying Skype chats as beyond government intrusion, the company was apparently working to grant U.S. authorities covert access to them,” he wrote.
 
Ultimately, “the recent revelations illustrate that you can never be too skeptical, and that blindly trusting large U.S. companies’ public relations claims is unwise in an age of gag orders and secret surveillance programs,” according to Gallagher.
 
The NSA’s reach extends into the hacker community, as I recently highlighted in pointing out that NSA director and chief of the Pentagon’s Cyber Command Gen. Keith Alexander will be giving the keynote speech at the upcoming Black Hat Conference.
 
Alexander also showed up at Defcon, one of the largest hacker conferences in the world, last year to recruit hackers for the NSA.
 
“They’re very open about their interest in recruiting from the hacker community,” Jennifer Granick, director of civil liberties at the Stanford Law School’s Center for Internet and Society, said to the Times.
 
They also work with people like career Air Force intelligence officer and former director of the NSA Kenneth Minihan, who is now managing director of Paladin Capital Group. After he retired, Minihan also ran the NSA’s outside professional networking organization.
 
Paladin is a Washington, D.C.-based venture capital firm which, according to the Times, “in part specializes in financing start-ups that offer high-tech solutions for the N.S.A. and other intelligence agencies.”
 
Richard Schaeffer Jr., a former NSA executive, also sites on the strategic advisory board of Paladin.
This makes Minihan essentially an advanced scout for the NSA, helping the agency in their efforts to get a hold of the latest technology to analyze and exploit the immense amount of data at their fingertips.
 
Paladin is one of the private companies that work closely with the intelligence community while In-Q-Tel is directly financed by the Central Intelligence Agency to invest in tech startups.
A wide variety of companies have received funding from In-Q-Tel and an even wider range of companies have directly benefited from the technologies developed thanks to intelligence community dollars.
 
To say the intelligence community has their fingers in just about everything in Silicon Valley would be a bit of an understatement.