There’s been much buzz around Skype’s recent change to their internal network structure. Skype, owned by Microsoft since 2011, has begun routing calls from peer servers to their own supernodes which has left many asking why they’ve done this and what will be the consequences of the move?
The Skype system update seems to fly in the face of their peer-to-peer (P2P) system where users connect directly to each other and not through Skype’s servers. What most are worried about is that their calls can be tapped if they pass through Skype supernodes rather than being solely P2P, and it seems like people have good reason to worry, or do they? This whole update has originated from MS, where they’re reorganizing the Skype service to fit in with their future VoIP strategy. It’s very difficult to implement a P2P VoIP service like Skype across a platform, where MS will most likely want to incorporate the service with Xbox, Windows 8, and other platforms in the future. Many believe this isn’t their motivation, but it’s instead to allow law enforcement agencies to have access to any Skype calls they wish. To further support this idea is that MS acquired a patent for legal intercept technology to discreetly copy communications transmitted soon after they purchased Skype. Quite the coincidence I’ve got to say myself. Skype has responded that the “supernodes simply allow users to find one another,” in other words calls don’t pass through their supernodes but are in fact P2P, although they have never provided hard documents or evidence to support this. It sounds like there are theories and weak evidence for both camps, leaving the issue up in the air.
The thing is that this update doesn’t change the fact that all activity via the internet can be viewed by anyone that has the right resources and motivation. It should be assumed that as soon as you turn on your computer all activity could be accessed, with Skype being no different even before being taken over by MS. For example, there is a program that exists, very possibly many different versions at this point, that is meant to intercept Skype calls no matter how good the encrypting is. It’s believed that is was Swiss programmer Ruben Unteregger that developed the program back in 2006, where it’s meant to pick up calls on either end of the communication, not en-route. The program may be loaded onto a “victim’s” computer somehow, where it will then copy calls and save them as mp3 files and send them to pre-determined destinations. The program is open-sourced, so that anyone can get their hands on it relatively easily and from there make modifications to it as they choose. This program and programs like it aren’t made to hit larger numbers, but are targeted attacks.
So now that we know that Skype calls haven’t been secure for some time now, the question remains as to what MS and Skype’s true intentions are with these modifications that begun a few months ago? Skype has officially neither confirmed nor denied allegations, but have said that “Skype co-operates with law enforcement agencies as much as is legally and technically possible.” This doesn’t seem to say all that much either, although maybe that’s the point, since it would not be the most responsible idea for them to say that their service is in fact 100% secure so to attract criminal or terrorist elements to their service.
Personally, I think that MS wants Skype’s service in line with their strategy, although they’re very aware of and welcome the side effects of the move. Leave your comments below as to what are your thoughts about privacy on Skype and their true motivations for the restructuring?