That’s the inflammatory allegation that a UK-based security blog made in a post earlier today:
Anyone who uses Skype has consented to the company reading everything they write. The H’s associates in Germany at heise Security have now discovered that the Microsoft subsidiary does in fact make use of this privilege in practice. Shortly after sending HTTPS URLs over the instant messaging service, those URLs receive an unannounced visit from Microsoft HQ in Redmond.
That’s a pretty dramatic conclusion, based on very thin evidence.
Heise Security, the German branch of the same publishing company, received a tip from a reader alleging that he had “observed some unusual traffic” following an IM session over Skype. So they performed a single experiment:
Heise Security then reproduced the events by sending two test HTTPS URLs, one containing login information and one pointing to a private cloud-based file-sharing service. A few hours after their Skype messages, they observed the following in the server log:
126.96.36.199 – – [30/Apr/2013:19:28:32 +0200]
“HEAD /…/login.html?user=tbtest&password=geheim HTTP/1.1”
That IP address, 188.8.131.52, is indeed controlled by Microsoft, as a cursory inspection of DNS records confirms. But after doing some investigating of my own, I’ve concluded that the reason for the mysterious visit is almost certainly innocent.
Microsoft doesn’t normally discuss the details of its security infrastructure. However, I’m reasonably certain that address is part of Microsoft’s SmartScreen infrastructure, which the company uses to identify suspicious and dangerous URLs so that it can block malware, phishing sites, and spam in Internet Explorer, Outlook.com, and other Microsoft services. Presumably, Skype picked up SmartScreen filtering when it took over the functions previously handled by Windows Live Messenger. (Microsoft has not publicly confirmed that change and has not yet responded to a request for comment.)