UPDATE: See the 2008 report which shows that:
- The full text chat messages of TOM-Skype users, along with Skype users who have
communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and
if present, the resulting data are uploaded and stored on servers in China. - These text messages, along with millions of records containing personal information, are
stored on insecure publicly-accessible web servers together with the encryption key required to
decrypt the data.
Skype’s partner in China, Tom Online, has implemented filtering of Skype’s text chat for Chinese users. Skype is not being transparent about the filtering fucntionality that has been introduced. Here is my initial attempt at trying to figure out Tom-Skype’s filtering.
Tom-Skype can be downloaded from skype.tom.com and I installed in in Chinese and English. I also installed the 2.5 beta version, all appeared to function the same. The tests below are from Tom-Skype 2.0 installed in English.
The first thing I noticed is that Tom-Skype is bundled with an executable called ContentFilter.exe. It is an application developed by Tom Online called Tom Word Review. It is digitally signed by Skype.
Tom’s ContentFilter.exe loads after one logs into Skype and runs in the background. It is visible in the process list.
After logging in to Skype several plain text connections are made to Tom’s web server, in addition to some to Skype’s server. Some are just to get the version number of Skype the user is running while others are for the content that appears in the Tom content tab — mine had to do with the FIFA World Cup :) . But there are two rather odd connections:
Connection 1
GET /agent/skypever.php?md5=nofile HTTP/1.1 Content-Type: text/html Host: skypetools.tom.com Accept: text/html, */* User-Agent: Mozilla/3.0 (compatible; Indy Library) HTTP/1.1 200 OK Date: Tue, 13 Jun 2006 17:39:14 GMT Server: Apache Connection: close Transfer-Encoding: chunked Content-Type: text/html 1 0 0
This looks like its checking for a version number.
Connection 2
GET /agent/keyfile HTTP/1.1 Content-Type: text/html Host: skypetools.tom.com Accept: text/html, */* User-Agent: Mozilla/3.0 (compatible; Indy Library) HTTP/1.1 200 OK Date: Tue, 13 Jun 2006 17:39:15 GMT Server: Apache Last-Modified: Mon, 07 Nov 2005 11:02:50 GMT ETag: "1a73b-8166-436f345a" Accept-Ranges: bytes Content-Length: 33126 Connection: close Content-Type: text/plain
This connection downloads a file called “keyfile” into Skype’s installation directory. I assume its a keyword list file of some sort. It has 123 lines that look like this:
006F00000000000000C600EA007B00EF000100C900190080007 E000C001B00E7003C006900F80003002B00C000790084008D00 900002005E0018005C00C60067004400B8007C00F5002500F60 061009F00A900F4005600AE0065009100AE007F002A00D400D5 0024005800930033004600A90055005A008500E4006100A30025 00FA00F10030005A005F00E00096005700A6009C00F9008600E5 0083005100FF00A0007700FD000800B70037000300B7006F004C0 0E70047002D00BE00DA004300AB00A500B800210009002B00E1008F 00560055000A004F001900C60004009A004000D20051007B
I have not been able to decode this. It looks like hex but does not convert nicely (utf-8, utf-16, gb18030, gb2312 etc…)
(By the way, when you uninstall Tom-Skype the “keyfile” is not removed form your computer.)
However, I could only trigger the filtering with the work “fuck”. I tried all the words from the QQ list plus list of political words and phrases. I also tried some mandarin slang and some Chinese sex related words.
Here is what it looks like. I sent text chat from one Skype account using Tom-Skype on one computer to another with the same set-up. (I was able to make a Skype user name through Tom-Skype called “falun99”, I thought they may want to filter screen names, but they do not seem to.) When you receive any text — a word, a sentence or a paragraph — that contains a keyword, in this case “fuck”, the entire message is not displayed to the user using Tom_Skype.
The message sender, using Tom-Skype, can see the text, including the banned keyword. And if that message is sent to a normal Skype user, the receiver can also see it.
However, if a message with banned words is received by a Tom-Skype users (from a normal Skype user or a Tom-Skype user) the message will not be displayed at all.
- Tom-Skype is bundled with ContentFilter.exe which makes two connectiopns to Tom Online’s web server, one appears to download a keyword file.
- Tom-Skype message blocking is done on the client side while receiving messages, normal Skype users can receive messages from Tom-Skype users that contain banned keywords.
- The total amount of keywords appears to be low, so far only “fuck” has been found.
[…] Nart@CitizenLab of the University of Toronto has the first detailed investigation into the filtering of the Tom-Skype, cobranded version of the VoIP/chat client in China. As you may well know, Skype has partnered with Tom.com, but has agreed to filtering the text chat. […]
Posted by Andrew Lih » Blog Archive » Tom-Skype Filtering on June 18th, 2006.
[…] Internet censorship tech-expert Nart Villeneuve reports that Skype’s Chinese client installs censorware on the user’s computer without telling: Skype’s partner in China, Tom Online, has implemented filtering of Skype’s text chat for Chinese users. Skype is not being transparent about the filtering fucntionality that has been introduced. Here is my initial attempt at trying to figure out Tom-Skype’s filtering. Tom-Skype can be downloaded from skype.tom.com and I installed in in Chinese and English. I also installed the 2.5 beta version, all appeared to function the same. The tests [that follow in this blog-post] are from Tom-Skype 2.0 installed in English. The first thing I noticed is that Tom-Skype is bundled with an executable called ContentFilter.exe. It is an application developed by Tom Online called Tom Word Review. It is digitally signed by Skype. […]
Posted by newsBreaks.net » Report: Skype’s China client installs censorware on users’ PCs on June 22nd, 2006.
Tried sensitive phrases like “falun gong”?
Posted by J. Random Commenter on June 23rd, 2006.
This content filtering technique may prove to be just another possible scam, where Tom Online might dump in some excess codes on to your PC. Whatever for do you really need to filter off what others say?
Posted by Keith on June 23rd, 2006.
i skype chat with an english learner in china. We were discussing hand gestures and some vulgar terms. When I tried to teach him about “fuck you” he was uncharacteristically unresponsive. I thought maybe i crossed some cultural barrier that left him insulted and quiet. Thanks for the explanation. My wife’s school filtering is gotten around with flick. So flick the censors.
Posted by jack on June 23rd, 2006.
[…] Un informe de Nart Villeneuve revela que el cliente de Skype distribuido en China, llamado Tom-Skype, contiene un programa censorware (ContentFilter.exe) que filtra el texto de las conversaciones de chat. Añade este artÃculo a: […]
Posted by despuesdegoogle » Archivo del weblog » China: Censorware en Skype on June 23rd, 2006.
So, no problems with “Tiananmen” or “Tibet independence” then?
Not so bad considering it’s China.
Posted by Alan on June 23rd, 2006.
What about such words as democracy?
Posted by dudeland on June 23rd, 2006.
Tried again today, there was no cultural barrier, Fuck can’t get through. Makes you wonder why that word is one they chose to censor. Is it dangerous?
Posted by jack on June 23rd, 2006.
[…] China se ha convertido en el paÃs donde existe más censura en el ciberespacio, y no solamente ahÃ. El gobierno pretende aislar a los internautas chinos del mundo real. Primero fue Google, y ahora es el turno de Skype. El cliente del software VoIP más popular del mundo instala un censorware de forma oculta, lo cual implica que el usuario no puede iniciar conversaciones instantáneas (chats) ni acceder a ciertos contenidos que son filtrados por el software que corre en segundo plano. La versión internacional de Skype no contiene ningún tipo de filtro o censorware, pero en cambio, la versión disponible para China si. Skype no está siendo transparente con los tipos de filtros de contenidos que está aplicando en su software. Hay un reporte más detallado con capturas de pantalla, de la censura del gobierno Chino a Skype […]
Posted by Bitperbit - Actualidad y Tecnologia hoy » Skype instala Censorware en computadoras de usuarios Chinos on June 23rd, 2006.
[…] “Skype’s partner in China, Tom Online, has implemented filtering of Skype’s text chat for Chinese users. Skype is not being transparent about the filtering fucntionality that has been introduced. Here is my initial attempt at trying to figure out Tom-Skype’s filtering.”read more | digg story • • • […]
Posted by Peppery’s Blog»Blog Archive » Skype’s China client installs censorware on users’ PCs on June 23rd, 2006.
Wow, the coder of that program really did a crappy job. Instead of doing all the coding by himself, it added the indy libraries to do it completely. The coder should have mentioned the indy copyright in the binary file or he has violated the indy license:
“Portions of this software are Copyright (c) 1993 – 2003, Chad Z. Hower (Kudzu) and the Indy Pit Crew – http://www.IndyProject.org/”
… –>
“User-Agent: Mozilla/3.0 (compatible; Indy Library)”
Check the binary for the copyright and if it isn’t there you should be able to sue them. Mmmmmm deja vu *Sony Spyware* =D .
Posted by michielh (eprog) on June 25th, 2006.
国外的月亮和ä¸å›½çš„月亮…
应该说,国外的月亮,呃,还有国外的太阳和国外的星星,都和ä¸å›½çš„没有什么分别。
但è€å¤–在国外用的产å“,和国人在国内用的åŒæ ·å“牌的产å“,å´æ˜¯ä¸ä¸€èˆ¬ï¼šæ¾³å¤§åˆ©äºšäº§çš„柯达胶片æ‹å‡º…
Posted by PODCAST PODIUM æ’客å®å…¸ on June 25th, 2006.
[…] Nart Villeneuve 这个è€å¤–è¿‘æ¥å°±å‘çŽ°ï¼Œå¦‚æžœä½ ä»ŽTom的网站skype.tom.com下载Skype,Skype软件里就会多出一个3760Kçš„ContentFilter.exeå°è½¯ä»¶ï¼š […]
Posted by PODCAST PODIUM æ’客å®å…¸ » 国外的月亮和ä¸å›½çš„月亮 on June 25th, 2006.
[…] China se ha convertido en el paÃs donde existe más censura en el ciberespacio, y no solamente ahÃ. El gobierno pretende aislar a los internautas chinos del mundo real. Primero fue Google, y ahora es el turno de Skype. El cliente del software VoIP más popular del mundo instala un censorware de forma oculta, lo cual implica que el usuario no puede iniciar conversaciones instantáneas (chats) ni acceder a ciertos contenidos que son filtrados por el software que corre en segundo plano. La versión internacional de Skype no contiene ningún tipo de filtro o censorware, pero en cambio, la versión disponible para China si. Skype no está siendo transparente con los tipos de filtros de contenidos que está aplicando en su software. Hay un reporte más detallado con capturas de pantalla, de la censura del gobierno Chino a Skype […]
Posted by Agregador » Blog Archive » Skype instala Censorware en computadoras de usuarios Chinos on June 25th, 2006.
[…] Nart Villeneuve has discovered that Skype’s partner in China, Tom Online, has implemented filtering of Skype’s text chat for Chinese users without informing the users. […]
Posted by little bridge » For your own safety - beware of Chinese net-ware on June 26th, 2006.
It’s OK for such thing. But what I can’t bear is they filter the technical website.
FUCK GFW
Posted by Kent Wei on July 26th, 2007.
try “GFW”?
Posted by DreamXWay on June 18th, 2008.
Not so long ago I had a conversation on skype with a friend in China. This friend told me the following in Chinese on skype: “I can provide you some info you want to know but don’t know” Then the next message appeared but in a flash was removed and replaced by the following notice: “[15:34:40] This message has been removed by the host” This happened two times. It was very possible that this person mentioned “Falun Gong” on that moment (but i dont know since the message was removed) But what really made me wonder was whether this host was a person or a computer. So my question is whether any sentence with the words “Falun Gong” automatically is removed? Did anybody ever try that? (i dont want to send it to a chinese skype user because i fear it might already put the chinese receiver in a dangerous position)Can anybody give me some feedback on this?
Posted by peter on October 4th, 2008.
great information. i have seen this stuff 4 years ago also, but you have done a good job in properly documenting it. good luck. don’t get into trouble…
Posted by jan geirnaert | tropicaljantie on October 5th, 2008.
So what happens if you end the cotentfilter.exe process with clt-alt-del? Is there no response or does it close down the program? Sorry if this on has already been asked
Sam,
laowise.com
Posted by Leumas on May 24th, 2009.
Also, this is how you can get the original version of Skype if you are living in China: http://www.laowise.com/blog/view/10
Posted by Leumas on May 25th, 2009.