Skype
Skype icon | |||||||||||||
File:Skype windows.png | |||||||||||||
Developer(s) | Skype Technologies S.A. | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Stable release |
| ||||||||||||
Operating system | Cross-platform | ||||||||||||
Type | P2P/VoIP/Instant messenger | ||||||||||||
License | Freeware | ||||||||||||
Website | www.skype.com |
Skype (IPA pronunciation: /skajp/, rhymes with type) is a proprietary peer-to-peer Internet telephony (VoIP) network, founded by Niklas Zennström and Janus Friis, the creators of KaZaA and competing against established open VoIP protocols like SIP, IAX, or H.323. The Skype Group is headquartered in Luxembourg with offices also in London and Tallinn. The system has a reputation for working across different types of network connections (including firewalls and NAT) because voice packets are routed by the combined users of the free desktop software application. Skype users can speak to other Skype users for free. Skype also has paid services allowing users to call traditional telephone numbers (SkypeOut), receive calls from traditional phones (SkypeIn), and receive voicemail messages.
In September 2005, eBay acquired the company for €2.5 billion in cash and stock, plus an additional 1.5 billion in rewards (earn out) if goals are met by 2008. [1]
Features
The basic computer-to-computer service allows users to speak, to send instant messages or to send files to one another from their computers via the Internet at no cost. Conferences of up to five users are supported.
SkypeOut
SkypeOut is a paid feature of the Skype Internet telephony service, which allows Skype users to call virtually any non-computer-based landline or mobile telephone in the world.
Unlike international long-distance calls made from conventional telephones, which are traditionally rated according to the relative distance between countries, SkypeOut bills all calls according to the level of telecommunications liberalisation of the destination country, the volume of calls made from and to a given country, and access charges such as those to mobile (cell) phones. This rating method is used due to the fact that calls are rated the same regardless of place of origin.
This way, a SkypeOut user will be billed the same for a call placed to a telephone number in London, whether the user is calling from his/her computer in London itself, or from a different country. The Global Rate which is the one used for many countries, including nearly all First World countries, is currently 1.7 euro cents per minute. Credit, which is necessary to use SkypeOut, is usually purchased via credit card, personal check or money order, or online services such as PayPal or Moneybookers. The current deposit is either €10 or €25, which automatically expires after 180 days of inactivity — a timer is reset after each successful SkypeOut connect. In European Union countries, Luxembourg VAT of 15% is added to the charge, which makes the actual prices closer to €0.02 per minute.
It is possible to dial British, French, Polish and U.S. freephone numbers with Skype without having purchased credit. However, dialling some freephone numbers generates a "call failed" error. This is likely to be due to the fact that some freephone numbers only allow calls from their own country, which may not be where Skype's outgoing calls originate from.
SkypeIn
SkypeIn allows Skype users to receive calls on their computers dialed by regular phone subscribers to regular phone numbers. Beta released on March 10, 2005, SkypeIn permits users to subscribe to numbers in UK, USA, France, Hong Kong, Denmark, Finland, Germany, Sweden, Estonia, Switzerland, Poland, Brazil and Japan. (Although France, Germany, Switzerland and Japan give SkypeIn numbers only to residents).
Cost is €30 for a twelve-month subscription, or €10 for a three-month subscription. Users can have multiple SkypeIn phone numbers bound to the same account (a separate subscription is required for each). For example, someone who does business in both San Francisco and Helsinki could create a local telephone number in each city, and callers from those locations would pay cheap or free local rates.
Skype Voicemail
Skype Voicemail was released on March 10, 2005. This service allows callers to leave voice-mail messages for Skype users who are not online, on another call or otherwise indisposed. This can be purchased separately and is automatically bundled in with SkypeIn.
Skype Voicemail has experienced numerous problems over the past year and users complain that many voicemail calls are never received and at times callers are never prompted to leave a voicemail message. Additionally, the SkypeIn service at times never records certain incoming calls on the program's history page. These current problems have not yet been resolved completely.
Skype Chat
Skype supports group text chat with an interface similar to IRC.
Skype Video Calling
Skype 2.0 has a Skype Video Calling feature which has been implemented to enable videoconferencing. This feature is only supported when running Windows XP - the feature is not available for Linux or Apple [OSX]] users.
Releases
Skype Version 1.2 for Windows was released in March 23, 2005. Its most significant new feature is the provision of centrally-stored contact lists so that a user's contact information is available from any computer that is connected to Skype (in other previous versions, contact information was stored on the local computer).
On 2006-03-16, version 2.0.0.97 of Skype for Windows was released.
Versions now exist for Microsoft Windows (Windows 2000, Windows XP and Windows CE (Pocket PC)), Mac OS X and GNU/Linux. The Linux version runs on FreeBSD through its Linux binary compatibility.
Technology
Each Skype user must have the Skype software running on his/her computer. This software is currently available free of charge and can be downloaded from the company website, but the software is proprietary.
The main difference between Skype and other VoIP clients is that it operates on a peer-to-peer model rather than the more traditional server-client model. The Skype user directory is entirely decentralised and distributed among the nodes in the network, which means the network can scale very easily to large sizes (currently just over 70 million users) without a complex and costly centralised infrastructure.
Skype also routes calls through other Skype peers on the network, which allows it to traverse Symmetric NATs and firewalls, unlike most other VoIP programs (The two most common VoIP protocols, SIP and H323 are usually UDP and point-to-point, making NAT traversal problematic; see article). This, however, puts an extra burden on those who connect to the Internet without NAT, as their computers and network bandwidth may be used to route the calls of other users. The selection of intermediary computers is fully automatic, with individual users having no option to disable such use of their resources. This fact is not clearly communicated, however, and seems to contradict the license agreement which would limit Skype's utilisation of the user's "processor and bandwidth [to the] purpose of facilitating the communication between [the user] and other Skype Software users" (section 4.1).
The Skype code is closed source and the protocol is proprietary which has raised suspicion and drawn broad criticism from software developers and the VoIP user communities.
The Skype client's application programming interface (API) exposes the network to software developers. The Skype API allows other programs to use the Skype network to get "white pages" information and manage calls.
The Windows user interface was developed in Pascal using Delphi, while the Linux version is written in C++ with Qt and the Mac OS X version is written in Objective-C with Cocoa. [2]
Security
General
Since the Skype code is proprietary and closed source the security of the software cannot be readily established by lay-users. In 2004, Niklas Zennstrom, co-founder of Skype, appeared to admit in an article on The Register that the current security model used a relatively short key size, relied upon security by obscurity, and would not withstand open-source scrutiny:
- Would he make Skype open-source? No, that would make its strong 1024 bit encryption and security vulnerable: "We could do it but only if we re-engineered the way it works and we don't have the time right now."
Since that time, at least two analyses of the Skype code have been published. Tom Berson of Anagram Laboratories, an encryption and security specialist of 30+ years standing, was invited by Skype to analyse their source code in October 2005. Separately, a reverse engineered study of the actual Skype release package in action by Philippe Biondi and Fabrice Desclaux was presented at BlackHat Europe in March 2006. Tom Berson study (PDF) Biondi and Desclaux analysis (PDF)
The conclusions were broadly as follows:
- There are two sets of issues - discussion of the Skype system in general, and review of the security within its various parts and communications.
- Skype is a "complete black box" -- that is, it is extremely hard for the lay user to identify what it is doing, or what it might be doing, or how appropriately it is doing it. It relies on security through obscurity to make itself troublesome to analyse or reverse engineer without a significant amount of work, or use of emulation.
- Every package virtually, including the actual software itself, is encrypted, often by means of public/private key signing methods or AES.
- The Skype software itself uses a great deal of code obfustication and decryption in memory, including hundreds of checksummers and other anti-reverse-engineering devices.
- The protocol includes 1536 and 2048 bit public/private key pairs. These are not considered excessively long by modern standards, but are a strong barrier to decryption. Apparently using paid services obtains a replacement 2048 bit key (the 1536 bit key being standard). It also uses 256 bit AES over 128 bit blocks, which is considered strong.
- The Skype system automatically selects certain users with fast CPUs, good broadband connections and no firewall issues to be "supernodes", through which other users may connect. Skype can therefore utilise other users bandwidth. (Although this is allowed for in the licence agreement there is no way to tell how much bandwidth is being used in this manner). There are some 20,000 supernodes out of many millions of users logged on.
- There are notable "holes" in security in the area of the global Skype network -- that is, searches for contacts, and connection via supernodes, are trusted rather than authenticated. In some areas, "Skype trusts any computer that speaks Skype".
- Skype's file transfer function does not contain any programmatic interfaces to antivirus products, but Skype claims to have tested its product against antivirus "Shield" products. If the EICAR test file is sent over Skype's file transfer service, every major antivirus product appears to catch the virus and halt its transmission or reception via Skype.
- In addition, the lack of clarity as to content means that firewalls and systems administrators cannot be sure what Skype is doing (although the combination of an invited and a reverse engineered study taken together suggest Skype is not known to be doing anything hostile, does not mean it could not). Firewall rules for Iptables were given to block skype for corporates.
- The full functionality of Skype was not reviewed, both studies appear to have focussed upon its security. So it cannot be said what else may or may not be present.
- However the actual communication of any given skype conversation is reported to appears relatively secured; both cryptographic analyses concluded that Skype had made good use of modern encryption techniques, and had coded the actual encryption algorithms correctly within the software.
Resource usage
Skype accesses the hard disk several times per minute. This can be verified either by observing the HDD's activity LED or by using a file access monitor such as Filemon. Although those accesses are small, extremely fast and safe in the short term, they can be harmful in the long term. In particular the continuous access pattern does not allow the disk to enter sleep or idle modes while Skype is active, even when offline. This will cause the computer to consume more energy then otherwise, even when idle, but will not affect the lifespan of the HD (a hard disk will actually last longer if left spun up compared to being constantly spun up and down. Spinning down a hard disk is strictly a power-saving feature). Stronger HDD caching does not seem to improve this behavior.
Also, as mentioned above, certain users are selected by software to act as "supernodes". Under certain conditions, Skype is reportedly willing to accept thousands of connections, and sufficient traffic to saturate a 100 mbit bandwidth on such nodes. [3] [4] and [5]
Confidentiality of data
Since a Skype connection may be routed through an intermediate peer, 256-bit AES encryption actively encodes the data stream of each call, or file transfer. Skype uses 1536-bit RSA (2048-bit RSA for customers who have purchased any "paid services" such as voicemail) to secure the pairwise negotiation of an AES symmetric session key over an untrusted channel. Skype claims that the proprietary session establishment protocol is efficient and prevents both man-in-the-middle and replay attacks. The Skype server certifies each user's public key at log in.
That said, Skype currently fails to protect against multiple ghost logins: if a hacker is able to obtain a user's login password, the hacker could login as that user, and change their status to "Hidden". Thereafter, any chat sessions involving the real user are copied to the hacker's "ghost" account. This makes the content of chat sessions relatively insecure despite the fact that the packets being intercepted are fully encrypted.
Integrity/authenticity of data
The integrity of the data, i.e. data modified while traveling though peers, even if encrypted, is unknown and undocumented. The mechanism and implementation has been examined in Bernson's report - referenced below.
Authenticity of user identity
Skype provides an uncontrolled registration system for users: registration requires no proof of the identity of the user at all. This works two ways: you can use the system without revealing your identity to other users of the system, but on the other hand you have no guarantees that the person you communicate with is the one they say they are. The down side of this is that it is easy to use the identity of a trusted person and trick a user to reveal information or execute a program sent to them.
Prank program
In September 2005 a prank program was launched online. This unauthorised patch allowed a Skype user to masquerade as another user. The technique was for the joker to put up an attractive profile with a girl’s name and picture, and put that profile into "Skype me" mode. Within minutes generally another user would invariably try calling/chatting. The patch running the whole time would then partner up another call to the first caller, and send messages from the first person to the second, and vice versa. This way both people thought they were talking to a middle user whose profile of course was entirely fake. The patch only supported text messaging.
History
- April 23 2003: Skype.com and Skype.net domain names registered
- August 29 2003: First public beta version released
- June 15 2004: Beta release of version 0.98.0.28 with first support for SkypeOut. Credits by voucher only.
- June 27 2004: SkypeOut credits first available for purchase on Skype website.
- July 27 2004: Release of Version 1.0 for Windows.
- October 20 2004: First time 1 million Skype users are online at once.
- February 14 2005: First reached 2 million online.
- March 10 2005: SkypeIn Public Beta starts.
- March 11 2005: Skype press release reports 1 million Skype-out users and 29 million registered users.
- March 11 2005: Software has been downloaded 84 million times and 5.98 billion talk minutes served.
- April 15 2005: Downloaded more than 100 million times.
- May 18 2005: 3 million online at once.
- June 19 2005: Ten billion minutes of voice conversation served.
- August 31 2005: Skype launches the new "1.4 beta" containing improved sound and call forwarding.
- September 2005: SkypeOut Banned in South China.
- September 12 2005: eBay announces purchase of Skype (see GAMEY)
- October 18 2005: eBay completes purchase of Skype (announcement)
- December 1 2005: Skype launches Skype 2.0 in beta for Windows, a major new feature is videotelephony to other Skype users [6]
- January 6 2006: Skype 2.0 general release is announced.
- January 19 2006: Skype 2.0 official release.
- February 3 2006: Skype becomes fully integrated with popular online message board Bebo allowing registered users to call and IM each other directly from their profiles.
- March 27 2006: Six million concurrent Skype users on line.
Skype business ecology
Distribution partners
Skype has partnered with online web properties including Tom.com, PcHomeOnline, Daum, Livedoor, Bebo and Onet and hardware manufacturers including Plantronics, Logitech, Motorola, VTech, RTX, Siemens and Linksys.
Third party software product
This article contains promotional content. |
SAM is a simple voice answering machine for Skype users. When you are away from your PC and there is no one to answer your incoming Skype calls, SAM will pick up the call, play a greeting message and the "all-time classic beep", so the calling party will leave a voice recorded message. You can also Record all your Skype Conversations for later reference with the business version.
Amy is a free Skype companion program that provides personalized voicemail, delayed messaging, voicemail forwarding, and the option to send calls to voicemail. Amy supports full integration with YapperBox, which is a USB hardware device that allows for both PSTN and Skype calls on standard telephones, and YapperMouse, which is a regular USB optical mouse that doubles as a Skype phone.
Skylook comprehensively integrates Skype into Outlook. Features range from basic one-click calling to Outlook contacts through to call recording and automatic call answering. Skylook makes extensive use of existing Outlook features to enhance Skype - e.g. archiving of calls and IMs to Outlook folders, routing of Voice Mails to the inbox and automated call answering to the inbox.
Festoon is a Skype add-on product for Windows computers (2000 or XP with Internet Explorer 5+) that "adds video and sharing to Skype. Built on top of the Skype messaging platform, Festoon enables Skype users to securely conduct video calls in groups from 2 to 200 and share applications, spreadsheets, presentations, or photos with others on a call" (from official website).
HansaWorld is an international provider of integrated business solutions including financials, ERP, CRM, e-Business, retail and production. The HansaWorld applications allow users seamless integration of Skype with ERP and CRM in business since version 4.3.
Morgle is a comprehensive world wide online business directory for Skype users. Morgle provides searchable links to Skype user web sites, provides each entry with a spam free business enquiry form, and allows users to display product or company pictures with a searchable advertising message. Skype Id's are automatically displayed on search results allowing enquirers to speak to the business directly off the web page or send an email enquiry to the business.
WizzTonesis a new and easy-to-use software product that works in conjunction with Skype. WizzTones provides Skype users a simple and convenient way to create, manage and use multiple ringtones for a compelling, personalized communication experience. By downloading WizzTones, Skype users may create customized ring tones and assign every individual on their Contacts list a distinct and different sound, giving Skype users the freedom to walk away from their computers but still be available to identify and take an important call, or avoid an unwanted one. Visit the WizzTones Website.
Skype voice services
Skype has partnered with Tellme Networks, Voxpilot and Voxeo to enable content providers to create new voice services. These platform partners enable the voice services, provide development resources and manage the submission process for new services.
Usage
Jan in Malaysia Reported six million concurrent Skype users on line as of March 27th 2006. Skype Journal reported, five million concurrent Skype users on line Jan 20, 2006 and expects that during the summer of 2006 to expect 7 million users on line and by March 2007 to expect 10 million concurrent Skype users on line.
SR Consulting reviewed 4 million Skype user profiles in October 2005 and produced some demographic information reported by Mathaba.net and Skype Journal. Some findings:
- Average age: 29.7 years old.
- About 46% of Skypers are in Europe, but Brazil and China have the most Skype users of any country, each with 8.1% of the Skype population.
- Gender information is inconclusive so far. More than half of all users declined to state their sex.
Criticism
As of July 2005, the line quality varies from excellent (comparable to traditional telephony) to barely usable. The main drawbacks are:
- time lag, often around 0.5 seconds, but occasionally up to two or three seconds, apparently caused by distant remote routing or the low bandwidth of either or both parties;
- dropout and fizz;
- reliance on a network (the Internet) over which there is little or no control of quality of service (QoS). This is the main contributor to its poor performance.
These problems can be minimised by using the service when the network traffic on the Internet is minimal between the ingress and egress to the network. This is however sometimes impossible. The issues are common for all VoIP applications; in fact in restricted networks many of them don't work at all due to firewalls and NAT routers in large private networks from which users attempt to use Skype; while Skype, and other VoIP services are at least able to connect through properly configured third party relay hosts. There are open standards protocols such as SIP and STUN which do the same thing.
A broader criticism leveled at Skype is over its use of a proprietary protocol, instead of an open standard like H.323, IAX, or SIP, making it impossible for other providers to interact with the Skype network. There are of course clear business and technical reasons for this, such as protecting the SkypeOut revenue stream.
A design limitation of Skype is, if given access to an unrestricted network connection, Skype clients can become supernodes. These supernodes hold together the peer-peer network and provide data routing for those behind restrictive firewalls. Unfortunately, these supernodes can generate a significant amount of bandwidth—saturating a high speed, 100 Mbit/s connection is not unheard of. For this reason some network providers, such as universities, have banned Skype.
User count and acceptance is often no indicator as to the quality of a service. There may be superior services available whose number of users look poor in comparison with Skype as Skype has been more successful in marketing its service than other pre-existing VoIP telephony services such as VocalTec (established in 1995). The number of users quoted as Skype users are taken from the number of people that have downloaded the software and not necessarily used the service to make voice calls.
SkypeOut rates do not always keep up with the general downward trend in rates charged by conventional telephone companies. For example, in the United Kingdom, the trend is for companies to charge a fixed price per call, for example 3p to 6p for an inland call of unlimited or long duration. With SkypeOut, calls are still charged at a per-minute rate as opposed to a per-call rate, meaning that SkypeOut can be comparatively expensive for inland calls.
The Linux community criticized Skype for not doing any further development for Linux due to the fact that the last release was in October, 2005. The only proof to counteract the criticism is that Skype fixed a Mandriva installation problem on January 6th, 2006 (Release # 1.2.0.21) and also the .deb broken dependancies in late March, 2006.
Prohibitions and Warnings
Legal and other barriers have been erected by companies, government regulators, and school systems. Reasons given include perceived threats to an economic interest, to national or enterprise security, to system reliability.
China 2005
SkypeOut was recently blocked in some regions of mainland China (notably Shenzhen) by the operator China Telecom for undisclosed reasons, believed to relate to SkypeOut's ability to take lucrative international and long distance business away from the People's Republic of China's state controlled telecoms companies.
France 2006
In September 2005, the French Ministry of Research, acting on advice from the general secretariat of national defence, disapproved the use of Skype in public research and higher education; some services are interpreting this decision as an outright ban. The exact reasons for the decision were not given, but computer security professionals point out that:
- Skype is a proprietary software program using undocumented protocols, and laws prohibit reverse-engineering it;
- Skype implements some kind of "peer-to-peer" network over client machines, with clients on fast connections becoming major exchange points; since research centers typically have very high speed connections, machines running Skype in those centers may generate very high traffic; some networks were reportedly nearly saturated by Skype traffic;
- the information flow implemented by Skype is unknown; though encryption is used, it is unknown where traffic goes.
As such, Skype is considered a security hazard for research networks, in which there may be significant intellectual property.
Legal Challenges
Streamcast lawsuit
In January, 2006, Streamcast Networks filed a complaint in U.S. District Court in Los Angeles, accusing Skype of stealing its peer-to-peer technology. The $4.1 billion lawsuit does not name eBay, Skype's parent company.
Skype vs traditional phone companies
Phone companies have traditionally charged users a large amount, often proportional to the distance, for long distance calls. Skype, arguably the first major VoIP software, allowed people to talk over the Internet for free. This led to many home users with broadband capability to switch to Skype for placing their calls over the Internet. Skype being secure and encrypted end-to-end, has also attracted large corporations who are beginning to switch from their traditional phone companies for their internal calls. Phone companies were all of a sudden out of favor in the markets which patronized Skype.[7]
Compatible products
Netgear newly announced a Skype preloaded phone which does not have to be connected to a computer to use Skype; it uses a WiFi wireless router connection instead.[8]
Nokia has also announced the 6136 mobile which switches automatically to VOIP when a WiFi router is within range.[9]
It has been announced that Motorola will release a similar product (CN620 WiFi cell phone). The Accton Skyfone WM1185-T cell phone is also preinstalled with Skype. The i-mate PDA2 also comes with a preinstalled Skype.
Recently, Intel and Skype entered into a partnership resulting in Skype providing advanced conference-calling features exclusively on PCs that run Intel chips. With this deal, customers who want to take advantage of multiperson conference calls cannot do so on AMD-based machines.[10] AMD has questioned the legality of this agreement as part of its anti-trust lawsuit against Intel. [11]
Free and Open Source alternatives
- WengoPhone Classic: An free VoIP application based on SIP open standard [12]
- Zoep: A VoIP extension for Firefox using Windows(c)
- amiciPhone: An open source peer-to-peer VoIP application
- Google Talk: A proprietary application using Jabber/XMPP with Jingle extension
See also
- Voice over IP
- Skype Journal: An independent online magazine about Skype
- Comparison of instant messengers
- Comparison of VoIP software
- Nuvvo eLearning Service: an on-demand service with SkypeWeb Presence integration
- Horizon Global
- Gizmo Project: A closed source VoIP application based on SIP open standard
- Jajah: Alternative where no headset, no download, no installation and no broadband connection is necessary. A VoIP call gets activated between two normal phones.
- Vbuzzer: A VoIP softphone and service as well as an active advocator of SIP open standard
- Zfone is a solution of Phil Zimmermann (inventor of PGP) to encrypt VoIP sessions
External links
- Official Skype website
- Skype Podcast
- Paper on the Skype protocol
- White paper on Skype, focus on supernodes
- Skype Security Evaluation by Tom Berson (Anagram Laboratories)
- Comparison of landline and mobile rates of Jajah, Skype, Gizmo, Voipbuster
- Jan Geirnaert on multiple-login security hole
- A real-world example of multiple-login security hole
- Skype plugin unified messaging platform based on Outlook
- Website dedicated to Skype news
- Skype plugin providing Skype services and speech enabled unified messaging from cell and WiFi handsets
- Website dedicated to Skype voice services
- English language lessons with Skype
- Mixxer, language exchange site with Skype
- Black Hat 2006 Skype Analysis
- The Standalone Skype telephone project
- Skype, Zennstrom, Friis Et Al Sued for RICO Violations
- ^ a b c d "Release Notes for Skype for Windows, Mac and Linux". Skype Support. Retrieved 2024-12-20.
- ^ a b c "Get Skype". Skype. Retrieved 2024-12-20.
- ^ "Skype". Microsoft Apps. Retrieved 2024-12-20.
- ^ "Install Skype on Linux". Snap Store. Retrieved 2024-12-20.
- ^ a b "Release Notes for Skype on Mobile". Skype Support. Retrieved 2024-12-20.
- ^ "Skype". Google Play. Retrieved 2024-12-20.
- ^ "Skype 8.134.0.202". APKMirror. 2024-12-11. Retrieved 2024-12-20.
- ^ "Skype". App Store. Retrieved 2024-12-20.