[pieter]

Skype has always relied on a central authentication server, which means that anyone with control of that server would be able to MITM any conversation. The recent changes of ownership and centralization of the service have nothing to do with this. Presumably the US government has been able to tap into any Skype conversation they want for a long time.

[pandog]

I'm not sure if it makes it easier to listen in on calls but Microsoft have made changes to the skype infrastructure: http://arstechnica.com/business/2012/05/skype-replaces-p2p-s...

[eps]

> would be able to MITM any conversation

Sure, in theory. In practice, eavsdropping on two Skype users required presence on a network route between the callers, which might have been entirely in some random country's Internet segment.

[pieter]

Not really -- the directory server can just direct a user to connect to a MITM server. There's no need to control the entire network, you only need access to Skype's servers.