skype - keystroke indicator

During skype sesions, an icon appears whenever a correspondent is typing unsent text.

Does skype monitor keystrokes?

Isn't this a little creepy?

RL

Reply to
legg
Loading thread data ...

On a sunny day (Wed, 04 Mar 2015 11:31:43 -0500) it happened legg wrote in :

Not only that, the typing rhythm is analyzed for emotions, and the right pills are displayed in the window on the right. Your person has a C structure, where all data is kept.

It is interesting that if I use ebay search I see advertising for things I used google to look for.

Maybe NSA misplaced a wire [or 2].

Reply to
Jan Panteltje

I had the impression that the program was inactive, unless it was actually transmitting or recieving text or images. For text, I'd assumed that no transmissions occured until the 'send' feature was invoked.

The skype window doesn't have to be active, when the program is running, to receive transmissions in the background.

Does background transmission of keyboard activity also occur? Wouldn't this be a security issue?

RL

Reply to
legg

On a sunny day (Thu, 05 Mar 2015 07:25:13 -0500) it happened legg wrote in :

OK, I was joking a bit, but that google thing is true. I once did a video interface for Skype, at someone's request, and that streams, just looked it up, 2008, so say 7 years ago. I don't if Skype has changed a lot since then, I never use it. But why should it not send the keystrokes with the audio video stream? It could wait for ENTER too, but who knows.

The whole issue with those programs (like Skype and other proprietary ones), in Linux with a few scripts you can make your own.. and KNOW what happens. the power of netcat and ffmpeg. You can then encrypt it too, in whatever way you like.

Reply to
Jan Panteltje

It's hairy enough getting that package to run smoothly on my my sainted mother's machine, 2000 Kms distant, as is. Is Linux really granny-compatible under those circumstances? Lessons on cutting and pasting text are considered cruel and unusual punishment under most circumstances.

I wonder if there's any way to block the keyboard monitoring service in W7pro, other than turning Skype off completely when not in use. That would sort of defeat it's function as potentially spontaneous method of communication.

RL

Reply to
legg

On a sunny day (Thu, 05 Mar 2015 10:26:39 -0500) it happened legg wrote in :

Oh no, absolutely not. Some will state it is all easy, but for me Linux (Unix) is for profies. I really do not like people writing GUI stuff to make it look like a MS desktop (with all its shortcomings).

I have no idea, absolutely no experience with MS software here (win 98 was last).

If some thing pisses me off by doing web access without me asking, then I add that port and / or IP to the firewall. In Linux I have written ONE command for that: 'ireject' (IP)

just block whatever outgoing, but to do that every time seems problematic.

I just looked it up, indeed Skype's architecture was changed in 2012 by MS:

formatting link
so now all your packets go via Microsoft, are probably stored, used to update your personal structure, and shared with whoever has money or authority.

In my personal view, teaching the people the basics of Unix, pipes, and the use of a few simple programs, allows them to bypass all that commercial shit^H^H^H^Hstuff using a fraction of the processor power for a fraction of the cost (zero), and puts them in the programmers realm, unlike the zombies realm that is maintained by that company in Redmond.

Reply to
Jan Panteltje

I run Skype on a tablet under a rooted android and there is no info to grab. It "gets" Skype messages whether the app is running or not.

On a PC, it is not monitoring what your keystrokes are, merely the fact that you are typing into the Skype text box. DUH. It sends THAT flag to the recipient, so they know you are not simply ignoring them.

Think about the old two-way radio protocols... One had to wait until a response came, or risk "talking over" the senders response as they were on the same carrier.

This allows you to see that your most recent text to the person you are chatting with is being responded to.

At no time during your entry into the text box is any of the actual text ever transmitted to anyone. Until you hit send.

Also, if it is only text, you can get a free text only "phone number" and use the app called "text free ultra" on your PC and non-phone tablet, etc.

Reply to
DecadentLinuxUserNumeroUno

That doesn't mean you are not transmitting every key to the skype server immediately. When you hit send, the server send it out. Think about telnet & ssh sessions. Keys are transmitted and echoed back immediately.

Reply to
edward.ming.lee

Yes, it means exactly that. Read it AGAIN! AT NO TIME WHILE YOU ARE TYPING INTO THE TEXT CHAT FIELD DIALOG BOX ARE *ANY* OF THE CHARACTERS YOU TYPE BEING SENT *ANYWHERE*. When you hit SEND, then and ONLY then are your typed characters sent.

When you hit send, YOU sned it out, for the FIRST TIME. The server is just an authentication and connection relay server.

That is because it is set up just that way.

secure Web pages, and this application are NOT.

Reply to
DecadentLinuxUserNumeroUno

Chat systems have been doing that for decades. AIM, MSN (back when it was MSN Messenger, then later when it became Windows Live, and now it's finally fully defunct, what with M$ using Skype, Lync and such now) and others all do. Even Facebook, if you're that kind of user...

If you're worried about keystrokes, it's probably fair to assume that everything you type online will be visible by everyone, sooner or later. The incidence will be lower with a secured, peer-to-peer connection, but ultimately it's only a matter of interest and time.

Any medium that requires a centralized server (= most chat services?) can probably be assumed to log or record activity.

Tim

--
Seven Transistor Labs 
Electrical Engineering Consultation 
 Click to see the full signature
Reply to
Tim Williams

On a sunny day (Thu, 5 Mar 2015 17:49:08 -0600) it happened "Tim Williams" wrote in :

I think the main security problem is in if the characters are send when you type, or only after ENTER. Suppose I type this: My source of information King Gubbledonk ^H^H^H^H^H^H^H^H^H^H^H^H^H that I am not willing to reveal, told me this.ENTER Now you think you did not reveal King's name, but.. The user at the other end sees: My source of information that I am not willing to reveal, told me this. But NSA has the full text and now knows about the King. ^H is backspace BTW.

Only if we see source code of the program can we determine what is really send if it is encrypted. Else you can just run 'snort' or some other traffic sniffer. I run snort in Linux on a regular basis, lots of scripts from the time I was still running the webserver at home. Always have a terminal (rxvt) ready.

# trace-net Running in packet dump mode

--== Initializing Snort ==-- Initializing Output Plugins! Verifying Preprocessor Configurations!

Initializing Network Interface eth0 Decoding Ethernet on interface eth0

--== Initialization Complete ==--

,,_ -*> Snort!

Reply to
Jan Panteltje

snipped retarded horseshit.

You're a goddamned retard.

Reply to
DecadentLinuxUserNumeroUno

The windoze telnet client (now discontinued AIUI) did that. this made it a real pain to use it for debugging text based services (like POP3 or SMTP)

Real telnet clients switch buffering modes from local to remote on demand

--
umop apisdn
Reply to
Jasen Betts

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.