In 2009 some bright sparks at Microsoft decided that they should patent how to legally intercept VoIP (explicitly SIP traffic in the patent) and other network protocols. The SIP attack basically boils down to tweaking the SDP packets to remove an option:
If SIP invite messages are intercepted on their way to the call server or in the call server then the “a=candidate” lines referring to a direct peer to peer voice connection may be removed from the SDP parameters. As a result, the terminating call VoIP entity is not offered local paths and will not respond with them in the answer SDP. This forces the call through the NAT and into the public network where it can be transparently recorded.
But of course this is a patent and so the broad principles are couched in heaps of legal mumbo-jumbo and so what is actually covered is impenetrable.
One interesting point, given recent developments, is:
For example, VoIP may include audio messages transmitted via gaming systems, instant messaging protocols that transmit audio, Skype and Skype-like applications, meeting software, video conferencing software, and the like.
This is long before they bought Skype, but I’m sure that won’t stop conspiracy theorists.. 🙂