Slashdot Mirror
Does Your Employer Ban Skype?
neutralino asks: "This morning, we received an company-wide email stating that the Max Planck Society (a German government funded research organization) has outlawed the use of P2P software at all of its institutes (including ours). The statement specifically singled out the use of Skype for internet telephony. The reasons given for this were that 'the exchanged data cannot be controlled' (therefore it might be illegal) and that 'Max-Planck or research resources in general might be abused, if "only" for commercial purposes.' This caught us by surprise, since many of us use VoIP to communicate with friends and family and collaborators, in our respective home countries. Is it now standard practice for companies, government organizations, and universities to outlaw Skype? Should it be?"
I'm not going to tell you what company I work for but it is easily in the top 50 of the Fortune 500. And, yes, Skype is banned--my employer would never let anyone use Skype.
On top of that, I don't have administrative rights to install anything on my computer. I have to go through a large control process to achieve that which requires me to explain what the software will be used for (and it better be a company resource). Therefore, it's almost out of the question to ask for it to be installed.
My company (and I have the feeling that many others are like this, too) would far rather throw truck loads of money at AT&T rather than risk something going wrong with the P2P aspects of Skype.
Furthermore, any kind of free software scares my employer. Big time. I know Skype isn't necessarily free so this is about other software I may want to use. They have this fear that they would be a large target if whoever wrote said software decided to take legal action upon discovering that employees of company X all used it to complete their daily jobs.
Not even stadiums full of lawyers claiming that, due to some software licenses, there's nothing to worry about could convince them otherwise.
My work here is dung.
From their point of view it is simple.
You want to talk to friends or family do it on your time.
If it is work related use their phone system.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
My employer doesn't ban Skype. I can get to the homepage just fine.
.exe or .zip files is kinda a drag, though...
Not being allowed to execute any
My employer (which is pretty small, but spread out) currently embraces skype for free voice communications between our many offices and telecommuniting employees. My employer also embraces most OSS software not only for the fact that it is more cost effective in most situations, but our inhouse programers can tweak the crap out of it.
Can all fish swim?
" Does Your Employer Ban Skype?"
As soon as I get a job, I'll ask him.
It's the Minesweeper of the future!
My employer bans Skype (yes, also singled out by name in the company-wide memo), and the explanation we got is (and, I'm paraphrasing here) "it takes a lot of bandwidth to support all that streaming, and you've already got a phone."
Kinda makes sense from that point of view.
And SSH has a million more uses, including tunneling Skype.
Why is skype targeted? How does that lead to more uncontrolled data exchange than if I start uploading or downloading data with FTP which they probably don't include in the ban.
Your right to privacy just about disappears when you walk into your employer's offices.
Of course the telephone system is itself a p2p application. When you can't reach your correspondent using the telephone, but can reach them using Skype, your work will be impeded. It's a luddite reaction similar to those which one can hypothesize occurred when the PSTN was still a novelty, and
employers reacted strongly against the possibility that their employees might phone home on company time. Of course that was similarly wrong-headed.
-I like my women like I like my tea: green-
I personally run a VPN back to home and well, no filtering, monitoring, etc.
Any sensible admin would do that.
Skype eats network traffic, and when you multiply a Skype call by several hundred that's a lot of resources being consumed. Not to mention the impact on productivity and the security risk that is presented by unverified software.
Also, any corporate lawyer will tell you that no company wants to risk legal problems caused by employee misconduct. They certainly don't want to get blindsided because of a Skype call that they have no way of monitoring, tracking, or keeping record of.
120 characters for a sig? That's bloody useless.
then it would be the perfect spyware.
The perfect spyware would punch through firewalls. Skype does just that for its legitimate purposes.
The perfect spyware would encrypt its outgoing communication. Skype does also.
The perfect spyware would be a program with plausible-sounding reasons to connect to unknown computers without notice. Skype has to do just that to take advantage of its supernode system.
The perfect spyware would be hard to reverse engineer. Skype refuses to run under SoftICE (apparently to inhibit development of competing clients).
In our own real world, Skype's been minding its own business. Nobody's lost a machine due to having Skype on it (at least not since the callto: buffer overflow). Nobody's reported suspicious activity in filemon while Skype was running. By normal standards it's trustworthy. But to a business which lives by "you can EXpect what you INspect" Skype is a terrifying unknown.
See the definition here: http://www.thefreedictionary.com/dict.asp?Word=ill egal
if you are going to be a pedantic jerk, at least be right!
if it is against the rules it is illegal!
Last year, we started recommending that employees use Skype for most routine meetings (most sensitive meetings are still recommended to use phone lines since people questioned Skype's author's previous company's business model).
Why skype? It was the best cross-platform (Mac & Windows & Linux) voice conference system we could find.
http://www.thefreedictionary.com/dict.asp?Word=out lawed
Unless it comes up as an issue under SOX or HIPPA we are not worried about it, we can't be all our time is taken up fxing the uncompliant parts of our systems/network.
"Tolerance is a virtue of a man without convictions." G.K.Chesterton
My employer already has a contract for telephone services. My employer can control and audit use - if they need or want to. If confidential information is divulged / threats promulgated/ illegal activity conducted through the existing telephone system, there are clear employment practices and laws to deal with that. Skype is not easily audited. Skype use -may- define the bandwidth provider (the employer) as the telephone service provider; leaving them open for subpeonas and other unwanted attention. Skype users might configure workstations to act as relays, giving away company resources. Right or wrong, they'd rather use POTS.
No need to ban it if you already block it. Many companies have strict firewalls which will block it and many other peer-to-peer applications that connect to unusual outbound ports. Strict firewall policies can be a good thing, and Skype requires opening a lot of random outbound ports, unless you have something like a SOCKS/SSL proxy set up on the gateway.
Has this hit the US yet? Any papers showing solidarity with the Danes?
t oons+upset+muslims&btnG=Google+Search&meta=
http://www.google.co.uk/search?hl=en&q=danish+car
http://www.mediawatchwatch.org.uk/
http://www.welt.de/
http://news.bbc.co.uk/2/hi/europe/4670370.stm
My employer bans it, and one of the reasons is that *any* type of VoIP system is banned in some of the countries we do business in (UAE being one of them). If the ISP in the region (effectively a state monopoly) found evidence of VoIP on their links, then they'd cut the links, simple as that. Interestingly, we examined the ToS of the link in UAE & we believe it's actually a criminal offence to use VoIP services on the connection we have.
When the boss is on the road, why pay for long distance through the hotel circuit when you can just use the cheap/complimentary Internet to place a Skype call?
I don't see how Skype is any different from ANY other Internet traffic! If you're communicating to the net, you could potentially be sending secrets out. Better Skype than SSH.
I don't use skype on principle; closed source proprietary protocols can go to hell.
I'm happy to interact with systems based on unencumbered open protocols and open source implementations.
This means I like Free World Dialup with the Asterisk gateway, and I like asterisk and its inter-asterisk protocols. Nice.
But skype can go to hell.
Sam
blog.sam.liddicott.com
Yes, Skype is blocked where I work. Ostensibly, this is primarily because it opens a hole in the firewall, thus making it a security threat.
It might also have something to do with the fact that we're a phone company.
And they even have a fab website outlining it.
While they're at it, they should ban email and telephones too if they want to stop information leaks.
Just how does an application know when it's running under a good emulator?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I work in the IT department of a local authority. We don't 'ban' Skype as such, but it is blocked at the firewall just like any other non-essential traffic. Out of several thousand users we have had two or three requests to use Skype, which we've complied with. If we had hundreds of requests we'd have to review the situation, since we obviously have limited bandwidth just like everyone else.
MacBook Pro. Worst name since the Bicycle
I work for a small software company that is widely distributed; we have developers in 3 different countries and 5 different time zones. We use Skype almost exclusively for all of our voice communication as well as for casual IM'ing. Every employee is required to install Skype and create and publish a Skype ID. I can't even imagine how much time and money we save this way.
I read Usenet for the articles.
Since we have an internet setup with unlimited bandwidth, there's no cost overhead for using Skype. And not to pimp Skype or anything, but we've saved a couple of grand a month on phone bills :-)
(We have offices in three countries, so we make a LOT of overseas calls just within the company.)
I wish my employer would use something else. Something standard like SIP/RTP over IPSec. Skype is not open source, and uses a proprietary protocol, with a non-inspectable encryption implementation.
Skype is gratis, not libre.
Just how does an application know when it's running under a good emulator?
SoftICE isn't really an emulator - it's really an advanced debugger, and carefully written applications can detect that they're being run under a debugger (either by hooking the debug interrupt, scanning Windows memory, instruction timing, or even just making a few deft software calls which end up returning distinct results whether or not it's running on a debugger). A book called "Crackproof your Software" (No Starch Press) details some methods of detecting debuggers.
Now, it would be far harder of Skype was running under say, Bochs and being debugged at the same time since the debugger runs independently of the virtual processor. Timing attacks don't work since the performance registers can also be freely altered, and since there's no real hook that can be grabbed, special instruction sequences won't reveal the presence, either.
If you read the EULA, you are agreeing to allow Skype access to your bandwidth should your machine become a supernode. Well, employees don't own the business's bandwidth and so are generally not in a position to accept those terms. In our case, they are absolutely not in a position to accept those terms.
Since our users cannot agree to the EULA, our organization has banned Skype. While I dislike the traffic, the deciding issue for administration was that the license was totally inappropriate.
I'm not sure. I'll try it and let you know, because I was getting sick of being employed anyway.
https://www.eff.org/https-everywhere
I work for a major US cell phone carrier, and we have the exact same problems. Pretty much all non-HTTP, FTP, or SSH traffic outside of the LAN is blocked. We don't have administrator rights to our laptops, and there is a huge bureaucratic lag on getting things installed that requires a lot of justification. Getting log-ins on machines we need access to do our jobs can take two weeks to get approval. Personally, I'm of the opinion after butting heads a few times that the job of our IT department is to prevent work from getting done.
(Our excuse du jour is "SOX compliance." What's yours?)
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
So are they going to ban mobile or cellular communications also? They aren't under the control of the company, can be used at work, and therefore can be used to leak information. Same goes for SMS, Blackberry (using BWC, NOT BES which obviously ties in to the companies server), MMS, etc.
Heck, take a camera phone picture of a document and sent it to someone using MMS. completely untracable by company audit logs.
Firewalls that are "deny by default" are standard at most large corporations. I know it's been the default at every large corporation I work at.
No need to explicitly ban Skype, even without corporate policies, Skype wouldn't be able to get through many firewalls. It's designed to do NAT traversal, not punch through firewalls that block everything and only allow through whatever the proxy machine lets through. (Plus even if Skype could fake the proxy into thinking it was one of the allowed protocols, the latency through the proxy would make Skype practically unusable.)
retrorocket.o not found, launch anyway?
I am a network security manager at my company, and we do ban Skype as well as most other protocols outside of NTP, HTTP(S), and FTP, for two very simple reasons:
1. Bandwidth. We only have a T1 for our office Internet connection, because that's all we need to run our business. Streaming media crushes it pretty quickly with 100 employees sharing 1.544 MBit.
2. No valid business purpose. This is a business. People are paid to do a job. They don't need Skype, AIM, RealPlayer, etc etc to do that job. We run WebSense (though the filter set is not at all harsh, and we disabled logging and reporting) to filter web traffic for the same reason.
The company you work for has every right to control exactly what what comes in and out of its network. Heck, most companies disallow personal phone calls anyway, so why do you need Skype?
Over here, in the small software company I work for - we specifically use skype for all intra company communication. We have a number of offsite works and this helps alot.
snowulf.com
I work for a major Australian university. We haven't exactly banned Skype, but we've certainly come very close. Our policy is basically, "If you need to make a call using Skype, you can start up the software, but you must shut down the program completely as soon as the call is over."
...
Because of our bandwidth -- we have a very large pipe to the Australian network, and most of our desktops have gigabit ethernet -- any desktop running Skype is going to become a supernode. Because of our connection, we get charged a bucketload for data coming through our links. Combine the two, and basically, Skype would be getting us to pay for its traffic, with relatively little benefit to us.
It's a good idea, but the fact that it will grab bandwidth where it can and basically freeload means it would cost us more than it's worth.
All it will take is one user not following that policy for Skype to be banned outright, I believe
IT has been instructed to remove/disable Skype software from all computers accessing the corporate network, effective immediately.
IT, in conjunction with our lawyers, has recognized Skype software as a threat to Yoyodyne's intellectual property protection practices and has authorized the removal of the Skype application from Yoyodyne's systems. In addition to application removal, IT will now be monitoring and blocking Skype-related traffic to mitigate the threat to the global Yoyodyne's computer operating environment.
How is Skype a Threat?
Skype enables users to place uncontrolled and unregulated voice calls and chats (Instant Messages) and perform file transfers via the Internet to another end user running the Skype application. Such behavior leaves enterprise organizations open to a variety of liabilities and potential virus infections as well as loss of intellectual property.
Due to Skype's encryption, it is impossible to monitor the contents of communications via this medium. Additionally, recent Skype software exploits have increased the susceptibility of system compromise for those computers with the Skype application installed.
[Lightly editted, names have been changed to protect the innocent.]
but it does block the ports that are used by Skype and other popular VoIP services.
As I walk through the valley of death I fear no one, for I am the meanest sonova bitch in the valley!
I'm always amazed at the willingness of small companies to "out source" such essential communication mechanisms to parties over which they have no control at all. I can imagine it for small companies without a decent IT "guy". But a software company should know better.
Article 2 License and Restrictions
2.1 License. Subject to the terms of this Agreement, Skype hereby grants You a limited, personal, non-commercial, non-exclusive, non-sublicensable, non-assignable, free of charge license to download, install and use the Skype Software on Your computer, phone or PDA for the sole purpose of personally using the internet telephony applications provided by Skype and any other applications that may be explicitly provided by Skype. For the avoidance of doubt, You are allowed to use Skype Software at work, in accordance with the terms of this Agreement.
I also work for a Fortune 500 firm, in the security department. I don't have any particular problem with Skype as a product, but we opted to advise our userbase against it.
The lack of control is the #1 reason, since we can't ensure confidentiality (not that the probability of eavesdropping is worth discussing, but risk management demands a level of due diligence here,) and bandwidth was another concern, not because of the supernode issue, our network would wreck that, but rather because we have enough crap to deal with and didn't need another "free product" to muck up our works with issues of code validation, accountability, confidentiality and service availability.
I don't like the way things have gone, but at least in Corporate America, I don't have enough peers to cover all the bases and management above me is expecting risks to be minimized, and even that is a huge challenge with just the stuff we paid for.
Hey, at least you have IM!
I don't understand your comment at all. As if we have control over the regular phone system? What exactly should we know better? That we should be paying huge $ to some long distance phone company when a newer, better technology provides a superior service, and for free?
If Skype should fail (which it does sometimes, the connection quality can be bad due to internet connection issues) we simply switch back to the regular phone at that point.
I read Usenet for the articles.
Well, some small companies use MSN for same thing - communications between offices... Poor people. Skype atleast works when servers are down, in MSN you just have to wait...
Should you be chatting to your friends and family at work?
If so, it shouldn't be banned.
Collaborators? For work? Then use the phone.
My company does not ban most software, but only agency approved (Read directly work related) software can be loaded.
This policy came about from people loading every cute program, screen saver and online streaming viewer which would slow the computer and clog bandwith.
it still gives the users some latitude in using software to increase producivity with out breaking the computers and slowing the networks.
Programs which has a negitive effect on the network and productivity are tracked and removed.
At Oxford University P2P is strictly banned from University servers. Ostensibly the rationale for this is that it prevents outside users from using resources paid for by Oxford. They expressly stipulate that Skype is among the banned applications. I find this bizarre because while I would vastly prefer to use Skype - I can also use google talk or msn. Using msn for voice chats however uses more bandwidth, so instead of distributing the load, they prefer more bandwidth to be used on a matter of principle.
This is pretty much situation normal where I work (Australian federal government). P2P of any description is banned for data-control/big brother reasons. It's simply not possible to keep tabs on material transmitted via P2P at this point given our relatively onerous data retention requirements. We have a legislative imperative to retain records of activity for seven years - email, files (paper and electronic), phone call logs, diaries, etc.
Until relatively recently, Google Talk and Skype were functional on the network, but they have now been locked down, along with the rest of the common IM protocols. Stuff like BitTorrent is also banned outright, with no option of it being opened up.
I recently moved out of our IT security policy area for several reasons, not least of which was my inability to reconcile my personal views with the business approach to reasonable (as opposed to totally unchecked) and legal use of IM and P2P tools, as well as what I saw as an unthinking approach to the blocking of websites which had material that could be considered offensive and might be inadvertently accessed by users (for example, we block stuff like deviantart.com and flickr as they are known to contain nude imagery).
My employer (a Swedish university) does not ban Skype. (although they don't have any explicit policy permitting it either)
There is, however, a general policy not to abuse computer resources, although I doubt they'd go after anyone for this. They're quite liberal, and someone running Skype off their desktop wouldn't be considered abuse unless it seriously affected their work.
I'd say the experiences are on the opposite side, for instance we have several starving post-docs from foreign countries who routinely use it to talk to their families back home without going broke. That is probably very good for their morale, and therefore their work.
That assumes that the time you spend using their computer system isn't "your own time."
While that's true for an hourly wage type in an office building, it certainly isn't true for everyone, especially at a government lab.
At least around here, it isn't too uncommon for people to work many dozens of more hours than they're officially paid for in a week. In situations like that, allowing them to do something personal with the network that has negligable impact on anyone else is a no-brainer. Restricting it would just piss them off for no reason.
In my case, I'm in the lab during just about all hours that it's polite to call people in the local time zones. If I want to talk to anyone on the phone, I pretty much have to do it from work. That gives me two choices: use a cell phone and pay an outrageous fee, or use an online application like Skype. (Or use the land line and *really* abuse the lab resources.)
Fortunately, there's been no attempt to ban Skype or other telephony apps here.
At some of the security conscious national labs, there may be more restrictions. But applying them system wide to an institute as huge as Max Planck is just crazy.
If you ask me, any place that you're allowed to bring a cell phone, you should be allowed to install a telephone application. (Unless perhaps you're out in the field in some remote location with very limited network bandwidth.)
My employer does ban Skype but goddamn it's hard to stop. The latest version tunnels over HTTPS and even autoauthenticates (with NTLM) against the proxy. It's like fricking magic. I have read the mailing list entry where somebody suggested banning all CONNECT statements to IP addresses (using a simple regexp in Squid) but that's no good for any Fortune 500 because there is so much going on that banning all IP addresses will almost certainly break an important application; our own audit found dozens of examples of legit B2B traffic using IP addresses in the CONNECT statements and we'll be buggered if we can identify them all. Also that strategy is doomed because you just know the next version of Skype will do a reverse lookup and CONNECT to the hostname.
The desktops aren't locked down well enough to stop people installing Skype and that's unlikely to change in the near future. The desktops are not even my department so it's not something I can directly influence. I have influence over the proxies, the firewalls and the routers. I'd love to know how to effectively ban Skype. Please tell me.
All non free software is this way. Why pick on Skype?
The only thing you missed in your "perfect spyware" specification was this: the perfect spyware does nothing useful for the victim. Removing the program that installed the spyware often leaves the spyware.
The reason given by the company against Skype and P2P, "the exchanged data cannot be controlled" makes no sense. Do they think they can control the post in and out? Phone calls? Email? Better lock it all down. How stupid of them.
Friends don't help friends install M$ junk.
What EULA can your employees agree to? I'd say none and that no non-free software of any kind could be installed by end users. Surely, you would not consider an employee's installation of WMP or other M$ "upgrades" that make M$ root?
Do you monitor your network for bandwith wastage by spy and malware?
Friends don't help friends install M$ junk.
Means they can't data mine your communications as easily.
Germany is cracking down on Alqueda .
It would appear that you are a really bad liar.
If the employee was prosecuted it is a matter of public record, let's see some detail so we can confirm your pathetic story.
...all are investors, and read fairly conservative old mainstream investment periodicals. (Note: many good replies so far, security concerns, etc, this is just another take on it from a psychology POV)
/. anecdotals to the contrary could be used,that isn't the point)
All those places are pushing heavy (follow the latest telco propoganda) for the telcos to limit such things as skype, so, knowing how monopoly cartels work, they are assured this will happen, by law or otherwise. Even if some places are using things like skype, or open source freebie ware, they get *nervous* when big costs aren't associated with something, they instinctively think it's a con, or a dodge, or something that eventually will get them screwed. They simply can't conceive of themseves giving something useful away, so they assume anyone else doing it has to be insane or a crook or both. If it's a con or dodge THEY think up, swell, most of them will try it out, but someone elses, with the word "free", just gives them the trembling buckwheats. The telcos are a big part of most execs portfolios. They want to support their "investments". The telcos hates the skypes and vonages, and are much bigger, and older and more entrenched and more bluechip, hence, they are the "good guys" and "real businesses" to most (not all, but most) management/boss class investor types. Even when they take a flyer on something like a google, look what just happened when google posted a slightly smaller profit increase,(still huge but apparently not huge enough) most of those boss-class investor types bailed out screaming. Because in their minds they knew it was too good to be true, because deep down google doesn't charge money for searching, and they can never understand how not charging for something will ever work. Intellectually they might understand how it works, they will even drop a few of their extra poker chip money bucks on some stocks, but in their hearts they just don't get it, and are hard wired in their brains to *never* get it..
This is also why there is such a struggle to get open source adoption, management level stock portfolios, both in corporations and in government. They see the word "free" and they start to sweat, free means somehow they get no money in their eyes,or their drinking buddies at ye olde skull and bones brewery get no money, and big business and entrenched big government (it's the same really) is completely based on the profits at any cost, got to keep growing and kill the competition theory. If it can't be owned and closed off and exploited, it's a threat, even it's in an industry outside their own interests, they still have to preserve their "way of life" with "investments". Anything outside that club is..outside, the enemy, jumpstart interlopers.
It's easier if you think of it this way, managers and above and big politicians and entrenched bureaucrats (in net parlance this is called the "monied elite") are Ferengi, there are some things they are never going to "get" no matter what. They are not normal working level human in their outlook for the most part.(note, still very generally speaking, I am sure any number of immediate
To them, Bill Gates = good. They understand a fellow completely ruthless pirate. Part of the gang. Linus Torvalds (if they recognize the name) = someone who should be hung or deported at a minimum as a threat to society. A long established bell = "good" something like a skype is suspect. They don't get it, it must be e-vile.
I don't see this as terribly good or bad, just "is" is all. Been that way since the first cave dude offered wholesale clubs for trade at very great expense and would brain the competition with his expensive product.
...all are investors, and read fairly conservative old mainstream investment periodicals. All those places are pushing heavy (follow the prooganda) for the telcos to limit such things as skype, so, knowing how monopoly cartels work, they are assured this will happen, by law or otherwise. Even if some places are using things like skype, or open source freebie ware, they get *nervous* when big costs aren't associated with something, they instinctively think it's a con, or a dodge, or something that eventually will get them screwed. They can't conceive of themseves giving something useful away, so they assume anyone else doing it has to be insane or a crook or both. If it's a con or dodge THEY think up, swell, most of them will try it out, but someone elses, with the word "free", just gives them the trembling buckwheats. The telcos are a big part of most execs portfolios. They want to support their "investments". The telcos hates the skypes and vonages, and are much bigger, and older and more entrenched and more bluechip, hence, they are the "good guys" and "real businesses" to most (not all, but most) management/boss class investor types. Even when they take a flyer on something like a google, look what just happened when google posted a slightly smaller profit increase,(stilol huge but apparently not huge enough) most of those boss-calss those investor types bailed out screaming. Because in their minds they knew it was too good to be true, because deep down google doesn't charge money for searching, and they can never understand how not charging will ever work. intellectually they might understand how it works, but in their hearts they just don't get it, and are hard wired in their brains to *never* get it..
This is also why there is such a struggle to get open source adoption, management level stock portfolios, both in corporations and in government. They see the word "free" and they start to sweat, free means somehow they get no money in their eyes,or their drinking buddies at ye olde skull and bones brewery get no money, and big business and entrenched big government (it's the same really) is completely based on the profits at any cost, got to keep growing and kill the competition theory. If it can't be owned and closed off and exploited, it's a threat, even it's in an industry outside their own interests, they still have to preserve their "way of life" with "investments". Anything outside that club is..outside, the enemy, jumpstart interlopers.
It's easier if you think of it this way, managers and above and big politicians and entrenched bureaucrats (in net parlance this is called the "monied elite") are Ferengi, there are some things they are never going to "get" no matter what. They are not normal human in their outlook for the most part. To them, Bill Gates = good. They understand a fellow ruthless pirate. Linus Torvalds (if they recognize the name) = someone who should be hung or deported at a minimum.
I don't see this as terribly good or bad, just "is" is all. Been that way since the first cave dude offered wholesale clubs for trade at very great expense and would brain the competition with his expensive product.
We use it here all the time to save money.
P2P will kill all the internet bandwidth it is allowed to eat. And we pay for this.
Skype and most IM software allows file transfers, and these will not be virus scanned at the perimeter.
Before we will open for P2P, there must be a business case for this. We do not even use VoIP between locations, and we have a good deal with the telecoms.
Then there is also the productivity issue. With 30.000+ employees, not all have Internet access, and many only has to whitelisted web pages. People should work when they are at work. They can play at home.
I do not work in a computer company, but a company with mostly unskilled labor (1000+ stores).
We sometimes reviews employees internet usage, and there are always people who can not control it. And when we catch people using webmessenger, P2P or other IM, then either they usage is way too high, or their machine is full of software or music the company did not pay for.
Not only is Skype not banned, its use is encouraged. There is a requirement to use a company-specific modified client (IIRC we paid Skype to produce a variant for us) - I think it adds VLAN tags to prioritize the traffic.
It isn't oficially supported by IT, rather there's a "you guys know what to do" kind of attitude, and to that end there's an internal Wiki for users to exchange tips on setup and use. There's also talk of creating a Skype endpoint that hooks into the internal phone system so that employees can call any employee worldwide for free if they have an Internet connection, including the internal conference bridges.
We use Skype as the official company VoIP and conferencing sw. We are a small company, and we have a persistent Skype chat open with all our globally travelling workers, and we cut global phone costs with Skype. Internal meetings are often done is Skype. The two good things are that it works through many kinds of firewalls, and that it encrypts.
Anssi Porttikivi / app@iki.fi
I have worked for a Max Planck Institute in the past, and I must say that a society-wide policy on something like Skype is really unusual for the Max Planck Society. First of all, it engages in fundamental research, so the institutes usually have a very easy-going, academic attitude -- don't regulate too much, let the members get away with a lot, as long as they produce results. And the institutes are usually very independent on each other, they do not share any IT services or network connections (internet connectivity is provided by the DFN, the German research network). So what one institute does with its IT doesn't concern any other institute.
So, what might have provoked the MPG into this policy? I could understand a ban on p2p -- the MPIs are usually part of a university, there are lots of student assistants, also in the sysadmin groups, so there is lots of filesharing going on. I could understand them banning filesharing, because (beside being illegal) it sucks an ungodly amount of bandwidth, in addition to the bandwidth the institutes have to use for their work (because have to exchange huge chunks of research data, or operate huge mirrors.)
But why Skype? The only explanation I can find is last year's Skype scare from the Swiss Federal Institute of Technology in Zürich (see this article). They found out, ooops, Skype is a P2P program, it uses our bandwidth for routing calls by other users, quick, shut it down! But would that be enough for a ban on Skype?
I don't really believe the cited reasons (sensitive data, misuse of MPG resources, etc.) It's usually up to the individual institutes (and their sysadmin groups) to devise a security policy and make sure that MPG resources are not misused.
So ... I left the MPI three years ago, so I'm not aware of the current state of the MPG. I'd like for someone to shed more light on this issue. It's really unusual.
Regards, Felix.
If you were to look again for a good, free cross-platform VoIP setup, you wouldn't go wrong to look at SIPPhone's Gizmo Project system. They provide clients for Windows, Mac, and Linux, and unlike Skype, they use open standards, most importantly SIP. This means you can use the plethora of SIP-enabled hardware, as well as communicating with outside systems, such as Google Talk. SIPPhone also provides POTS gateways with *very* reasonable rates.
I'm not affiliated with SIPPhone, but I'm a very satisfied customer. Don't believe the Skype!
My employer is a large IT company, and it has banned the use of Skype.
The reason they give is because it is P2P and that is bad (even though they are rollout out their own VOIP program, which I doubt will be routing through defined servers and hence also be P2P).
Is pretty much standard now if you are using a Unified Threat Management device like one from SonicWall or Fortinet.
We monitor security in real-time and can correlate all kinds of data including P2P, IM, web, mail, you name it.
It's somewhat funny in my company. The group wide controller has encouraged all employees world wide (16 countries, many many offices) to use skype for internal calls. Our local IT department however has discouraged us to use skype due to bandwidth reasons. In reality hoewever, nobody cares. Some have adopted the use in daily work, others don't.
For telephone conferences and joint work on documents, netmeeting is still the tool of choice here (regrettably).
In Korea, all your base are Only For Old People
And my 60gig IPOD really only has music on it. Honest.
My employer embraces it. We have offices split in San Diego, Colorado, and Washington D.C., as well as a few telecommuters in various corners of the U.S. We use Skype (along with AIM, VNC, Subversion, etc) to create a really collaborative environment, no matter where you are.
In any big setup you often have to set up rules like this. It may not be VoIP that is the issue but any third party software. You really can not tell what it is going to break.
A good example happened at my office.
We are a small software development company. We used to let the support techs install what they wanted on their systems.
One day a support tech wanted to try his hand a programing. We told him that he could write a little utility that he wanted but NOT to give it to the other techs until it was tested. He didn't listen and it broke one of the main application that we use here by leaving a database record locked. The main application which I wrote reported errors so I got a bunch of people telling me that my program broke. Grrr... After a few hours trying to find out why my code broke since I couldn't duplicate it on my system I found out what he had done.
Another example is AOLs new IM. It breaks our product by stealing a hot key even when it doesn't have the focus.
When you have a few hundred of a few thousand systems to deal with things get ugly. If something is a one out of a hundred problem you end up dealing with it several times a day.
Next you have the security issue. The fewer programs you are running the less chance of a buffer exploit or some other vulnerability.
I am glad that your location doesn't seem to have any of these issues but they can be a real problem. With networked systems even programing tools can be a real issue. Back in the day a user could only mess up his own system. Now they can create havoc for hundreds of people.
I would love to work at a place full of smart and responsible people. Very few of us have that luxury.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Not only is Skype NOT banned, we have people that have called into conference calls (via Skype-in, and directly to computers in the conference room) to participate.
What cheaper way to communicate with your cheap offshore developers?