Entries tagged proxy

Making Skype secure via VPN or SSH Tunnel

Posted on 13. April 2011 Comments

//update: recent events show that Skype is not secure anyway and Microsoft centralised the supernodes. I wouldnt bother with a VPN.

Since you just can not convince people not to use Skype because it really is insecure(signalling obfuscation with RC4, voice data is still AES-encrypted) , I decided to make Skype more secure by adding extra encryption, which is, as I found out, pretty simple. Just for written conversations you might want to try cryptochat, an extension just for skype(128-bit RSA), but no guarantees, I just googled it myself. Also consider using another service besides Skype(de) for as many connections as possible.

VPN (Virtual Private Network) (easiest)

A VPN creates a tunnel to a service provider you trust, preferably in a country where providers are allowed not to store traffic data(oh, well: http://en.wikipedia.org/wiki/2013_mass_surveillance_disclosures). This means every bit of traffic is as good secured as the encryption to the end of the tunnel is. Between you and your computer, there is nothing(not your ISP or eavesdropper) that could intercept the data. On the other hand, you have to trust the VPN Provider.

For a few bucks a month(~5€) you can rent a VPN Service from several providers, see list below. Be sure not to use PPTP, because this (theoretically) is fairly insecure as well, a good choice might be OpenVPN or IPSec/L2TP. Most of the providers also have an idiot-proof introduction and how-to on their homepage.

SSH(Secure Shell)(advanced)

With both putty under Windows and OpenSSH under Linux it is possible to create a tunnel and use it on your computer like a socks5 proxy server. For creating a really secure SSH connection, don’t use passwords but public-keys. Without any programming you can set up the encryption up to 4096bit which is quite strong. Some of the latest OpenSSH Versions even support ECC (e.g. for mobile..(?)). Use this tutorial to create a tunnel with windows, for Linux use this command:

ssh -D 42 user@host

Where 42 is the port, user is the linux username and host is the hostname of your provider. Then configure your Skype with the following settings(not for VPN!):

Important

All the tweaks shown here don’t make skype secure(!), just a little more secure as it was before, adding extra encryption (see RC4). It doesn’t prevent Skype or Intelligence Services from intercepting what you’re skyping. If your computer is insecure e.g. because of keyloggers, trojan horses etc, VPN/SSH is just useless.

Providers

  • https://www.shellfire.de/
  • https://www.vpntunnel.se/de (only e-mail adress, nickname and a payment method(see below))
  • http://strongvpn.com/
  • https://www.relakks.com/
  • http://unblockvpn.com
  • http://www.google.com/search?hl=en&q=rent%20vpn

Payment

//edit: make sure you check out jitsi !

flattr this!