Microsoft has applied for a patent on technology that may let its user secretly intercept Voice over IP (VoIP) communications, amend the content and store it.
The application was filed in December 2009 and was recently made public.
The technology could allow the monitoring of conversations, voice messages and video conferences over a variety of devices, including smartphones, laptops and gaming devices.
This technology may have been developed with an eye to selling it to government agencies.
“Sometimes a government or one of its agencies may need to monitor communications between telephone users,” the patent application reads.
Microsoft spokesperson Emma Mahoney pointed out that the application is still being processed.
“The [U.S. Patent office] will publish patent applications approximately 18 months after a company files a patent application,” Mahoney told TechNewsWorld. “It is one stage of the application process.”
Mahoney declined to discuss the technology further.
Surfing and Spying
The patent application, number 20110153809, states data associated with a request to establish a communication is “modified to cause the communication to be established via a path that includes a recording agent.”
Such modification may include “adding, changing and/or deleting data within the data.”
That modified data is then passed to a protocol entity that uses it to establish a communication session using a path that includes the recording agent, which is “then able to silently record the communication,” the application says.
Communications that can be intercepted may be conducted over computers, laptops, set-top boxes, programmable consumer electronics devices, personal digital assistants (PDAs), smartphones, gaming devices, printers, computing devices in automobiles and home media centers, the application states.
The technology can be used not only on VoIP devices but also on any other form of packet-based communication used to transmit audio over a wireless or wired network, Microsoft’s application reads.
In other words, the technology would allow the government can spy on a user when using any Internet-enabled device.
The recording can be done in secret by indicating there are no direct paths between the two parties trying to communicate.
SIPping on the Datastream
In the Session Initiation Protocol (SIP), which is widely used in VoIP audio and video communications, for example, Microsoft’s technology will remove local candidates from a list of available candidates in the protocol’s parameters when the two parties do a handshake to set up the communication.
This will force both parties to go through a Traversal Using Relay NAT (TURN) relay server.
TURN is a simple protocol that allows for a device behind a NAT (network address translator), or firewall, receive incoming data over TCP or UDP connections
UDP, or User Datagram Protocol, is one of the core elements in the Internet Protocol Suite. It lets computer applications send messages, known as “datagrams,” to other devices on an IP network.
Privacy and the State
Governments at all levels in the United States have been battling with civil liberties groups and citizens over the question of privacy.
Security activist Christopher Soghoian, who is also a PhD candidate at the University of Indiana, in April published a paper on the law enforcement surveillance reporting gap, which states, in essence, that most modern surveillance takes place entirely off the books and its scope remains unknown.
He proposed legislative reporting requirements “in order to enable some reasonable degree of oversight and transparency over all forms of law enforcement electronic surveillance.”
“This patent points out the high cost that business, and by extension customers, pay for surveillance,” Christopher Calabrese, legislative counsel for the American Civil Liberties Union, told TechNewsWorld.
“Because government doesn’t bear the full cost of these services they will be more likely to use more surveillance because it is, in essence, subsidized by businesses and consumers,” Calabrese added.