Slashdot Mirror
Microsoft Won't Say If Skype Is Secure Or Not. Time To Change?
jetcityorange writes "When asked repeatedly a Microsoft spokesperson refused to confirm or deny that Skype conversations [could be monitored]. Microsoft was granted a patent a month after purchasing Skype that covers 'legal intercept' technology designed to be used with VOIP services. Is it time to consider more secure alternatives like Jitsi like Tor's Jacob Appelbaum suggests?"
The more shocking idea is the assumption that any major VOIP service based in a major country does not allow intercepting on their services.
If you are serious about privacy Skype was never even an option! ;)
Earn Cash and Prizes, and get free stuff!
If there is a third party running the server in the middle, there can be no trust. Run your own server if you need security. There are lots...
Anything transmitted online - whether it be VOIP or cleartext or whatever - can be tapped
Even when you tunnel your channel, even when you employed all the evading/security technologies that you can think of, if TPTB wants to know what you do, they could find ways to _CAN_ tap you
But of course, we _are_ talking about Microsoft in this case, which makes it even more poignant to understand how frail our security situation really is, online
Muchas Gracias, Señor Edward Snowden !
It's been assumed for a long time that Skype is insecure, as one would expect from a prominent closed-source solution like that. The thing that's new (to me, I hadn't heard it) is that Microsoft purchased Skype. I have no particular fondness for Microsoft but they're more upstanding than Ebay, which gave up a lot of customer information after 9/11 without warrants and denounced other companies for not doing the same.
We've used OTR when we want to IM about something sensitive - is there any sort of similar plugin for Skype? It appears there's a text chat OTR plugin... but a video version would be more useful for most people.
#DeleteChrome
I just tried Jitsi while /. was in maintenance mode. It does not work on this very standard Win7 box. Incoming audio is missing; logs are missing. Uninstalled already - not usable. Bria works fine. My VoIP server (3CX) is on the local subnet.
But even beyond that, Jitsi is not a solution; it's a component. The only way to make it into a solution is by selling your soul for cheap to the likes of Google and Facebook. That would be counter-intuitive for a product that sells itself as a secure thing.
The only reasonably secure way is to run Jitsi on your own SIP server. However that is not an exercise for everyone. A geek can deploy a SIP server, but a common man cannot even understand what we are talking about here.
I'd say that 3CX people already have a solution. First, they have a TCP tunnel that you can use to go through firewalls and specifically NAT. Then they support encryption. And finally, their stuff works. (This is important, despite what some geeks say.) They also have a client for Android (besides the usual suspects.)
However in terms of simplicity Skype leads the pack.
. . . with my Family are of interest to any government. Come on, Skype is for keeping in touch with the old folks at home. For anything serious you would use something more peer to peer without any 3rd party involved. And even then . . .
Cheers, Nostrada
Here we go: Microsoft is a major multinational corporation, with a substantial base, substantial assets, most of their higher-ups, and a fat load of juicy contracts within the jurisdiction of the United States(and a number of other countries that have less clout; but are no more savory)...
Now, according to the feds"CALEA Compliance for Packet Equipment, And Equipment for Facilities-Based Broadband Internet Access Providers and Providers of Interconnected VoIP
All facilities-based broadband Internet access providers and providers of interconnected[with the POTS legacy telephone system] VoIP service have until May 14, 2007 to come into compliance with CALEA."
So, how lucky do you feel? Skype in and Skype out are definitely 'interconnected VoIP service', but it isn't entirely clear whether PC-PC skype connections would be treated as part of that 'interconnected VoIP service' or whether, because they aren't directly interconnected, they are treated separately. Do you fancy hoping that Microsoft feels like belaboring that decision in court to no obvious benefit for themselves?
Here's my question - I'm hoping some knowledgeable slashdotter with some IP nouse can clear up my confusion. Are there any technical, or any legal reasons, why a 3rd party app cannot simply wrap Skype, at least for voice calls (leave video aside for now). Lots of 3rd party apps present as printers to the OS, and when you print to that virtual printer, they create an eps file or a PDF file or whatever.... Why is it hard for a 3rd party app, similarly, to present as a headset (mic + speakers) to the OS, allowing the user to run Skype as well as the 3rd part VOIP app, and select that headset in the Skype audio options. You could then run your 3rd party VOIP solution, and have Skype set up to start in the background. calls in either direction to others on Skype could be handled transparently in the 3rd party VOIP app, and that would give users the chance to gradually get their network of friends and family swapped over to open, standards compliant VOIP solutions, without having to give up on contact with those running Skype (face it, that's everyone), or switch between 2 apps for calls (I understand the API already exposes things like accept call...) If this is a viable way to overcome the powerful networking externailities that Skype now has working in its favour as a barrier to new entrants, has it not been done because of a)legal b)technical c)marketing or d)other issues?
ceci n'est pas un sig
Microsoft Won't Say If Skype Is Secure Or Not. Time To Change?
Can all the alternatives solemnly promise me that they're secure too? And to jump to the end of the ensuing discussion, where do I gain the expertise to be a subject matter expert (in several areas) and length of time in which to review all relevant code?
Shai Schticks:"You don't make peace with friends, you make peace with enemies"
Into what?
“He’s not deformed, he’s just drunk!”
If you are getting concerned _now_, then you have been asleep at the wheel.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Encryption is not illegal in the U.S.
Why doesn't someone create an open source encryption solution which encrypts the conversation with a public key prior to routing it over Skype then decrypts on the other end with the private key. I know encrypted land line phones exist i've seen and used one, any intercept or wire tap just gets something similar modem sounds. Their major disadvantage is the encryption key has to be set in advance of the call usually by sneaker net. When someone listens in, warrant or not all they get is nonsense. A truecrypt for VOIP.
If its not possible than we may see the return of the land line for secure conversations.
When I heard Microsoft had purchased Skype, my first thought was "Skype is dead". It only remained to find out in what way it met it's demise.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
I just tried Jitsi while /. was in maintenance mode. It does not work on this very standard Win7 box. Incoming audio is missing; logs are missing. Uninstalled already - not usable. Bria works fine. My VoIP server (3CX) is on the local subnet.
But even beyond that, Jitsi is not a solution; it's a component. The only way to make it into a solution is by selling your soul for cheap to the likes of Google and Facebook. That would be counter-intuitive for a product that sells itself as a secure thing.
The only reasonably secure way is to run Jitsi on your own SIP server. However that is not an exercise for everyone. A geek can deploy a SIP server, but a common man cannot even understand what we are talking about here.
I'd say that 3CX people already have a solution. First, they have a TCP tunnel that you can use to go through firewalls and specifically NAT. Then they support encryption. And finally, their stuff works. (This is important, despite what some geeks say.) They also have a client for Android (besides the usual suspects.)
However in terms of simplicity Skype leads the pack.
I have been using Oovoo for a number of years now. It has a better interface than Skype, and you have a number of security options.
You don't need a third party. For some reason we have gotten away from the very sensible solution of direct connections. We're not talking adhoc peer-to-peer in the Gnutella sense, we're talking about "I open a port and you connect to me". The only thing you need the cloud for is a way for two people to exchange IP addresses.
Then check out his latest venture
https://silentcircle.com/
They patented VOIP wiretaps so no one else could do it. You can sleep soundly tonight knowing that if anyone* even tries to wiretap your calls, they'll slap them so hard with a patent infringement suit their grandkids will still be indebted to Microsoft.
*The term "anyone" does not include government agencies, Microsoft business partners, affiliates or Microsoft itself.
Perhaps it's not the intention of the Slashdot editor who titled this story, but you know the saying where if a news title is phrased as a question the answer is always "No"? Well this is the case here as well.
You should always have been aware that Skype might be monitoring your calls, since you don't control the network. Nothing has changed ever since Microsoft took over, so what makes it the case that NOW it's time to change? Besides, change to what? There's nothing else out there which is accessible to most locations around the world with the ease of use and easy of configuration which is comparable to Skype (along with video support). What, Google Voice? How is that better for secure communications? Ekiga? No-one uses it because it doesn't fucking work properly.
Wasn't the FSF supposed to be working on some sort of free Skype alternative? Yeah, go them. In the end you need to bring people across from Skype in addition to finding alternative software, and if those apps aren't even available for your Phone for example, then you'll be hard pressed to get anyone to convert.
Most people on Slashdot are fucking idiots.
All of their conversations are encrypted with the same key. If they had any interest in protecting your privacy then they would have built in OTR or some other FOSS end to end encryption.
Aside from not padding its encrypted packets, thus leaking data via phonemes, etc., MS will certainly be complying with the "law" to furthest of their abilities -- and then some, I suspect. MySpace was known to essentially gift-wrap user data and send it to law-enforcement, probably with chocolates too. Although it's not an entirely unreasonable question, I think paranoia can be liberally applied to the question of Skype's security.
One thing that really peeves me about Skype is their assignment of a generic number which my contacts sometimes receive. If a contact attempts to return my call, an audio recording essentially indicts the user with a ridiculous legal disclaimer, blabbing about illegal activity and so on. A little vid I made describes it: http://www.youtube.com/watch?feature=player_embedded&v=9ie_0aY1DM4 -- I would love an alternative to Skype, but such would require a serious amount of funding.
It is also odd that the NSA offered so much money to get into Skype, all whilst it was leaking. Perhaps I am missing something.
Forward! -- Emperor Norton, 2012
My mom's Skype account was recently hacked. Apparently the hackers were able to abuse the Skype Manager system to gain control of her account without her authorization, transfer her account balance, and reset her password. Skype's customer service has acknowledged the problem but has not been able to restore access to the account yet.
(I don't know any more details than that, as I haven't been involved.)
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
"When asked repeatedly a Microsoft spokesperson refused to confirm or deny that Skype conversations [could be monitored]
Then it's not. When you have to guess, in this case, whether skype is secure, assume the worst. Absence of proof of security is proof of no security.
--
BMO
We need to be reminded constantly, because of our short attention kittens.
Jesus when did 4chan get a moderation system and how did I manage to mistype slashdot.org?
Skype is about as secure as your mobile phone's GSM chip which has a deliberate flaw (backdoor) to allow hacking of your phone call.
Take Nobody's Word For It.
Why now? How does Microsoft change anything? It was time to consider more secure alternatives from day zero!
God, root, what is difference ?
The only thing I use Skype for is to talk to my litle boy who lives with his psycho...er..um, I mean mother in Finland (step-dork works for an American company there) and to talk to my oldest son who lives in Kentucky. No high security stuff there. Younger son talks about who he has "pwned" in HALO. Older son talks about married life and jobs stuff... So, if they have to listen in on that...then, as my teen daughter would say, "It's like, whatever"
But if you're calling someone else who's also using the internet, it shouldn't require anything more than software running on the two end machines, with strong end to end encryption
That works well right up until someone wants to set up a firewall and/or NAT between the two end machines...
http://blog.nexusuk.org
What do you mean, change? I never used Skype in the first place, _because_ it's an obscure binary blackbox.
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
4 8 15 16 23 42
- Mike
When asked repeatedly a Microsoft spokesperson refused to confirm or deny that Skype conversations [could be monitored]
Skype was just purchased by Microsoft. This is a wild guess, but the software may not be well written, and MS may still have some hard time to figure out what it does exactly, and where. The MS guy may just have answered out of incompetence.
Slashdot, fix the reply notifications... You won't get away with it...
Of course it isn't secure in that sense. Of course your calls can be monitored and recorded.
If that is not the case then Microsoft are in breach of US laws regarding telecommunications (some brought in over recent years under the banner of national security, some that have been around longer).
If calls could not be monitored when they bought Skype, they will have changed that soon after, or if they still haven't sorted that yet they will be actively working towards that goal as we speak. Whether the law is right to expect this is a completely different discussion, MS and legal entities like them do not have the luxury of ignoring that law just because doing so might upset their customers (after all if they could get away with ignoring those regulations, what else might they try the trick with?).
tl;dr: No, it isn't truly secure. I'm, not sure why people thought it might be.
Can anyone tell whether Skype, Jitsi or any other similar service now works w/ IPv6? From what I understand, these sort of applications require end to end connectivity, and since it's increasingly rare in cases of IPv4, I was wondering how they are w/ IPv6. Any idea?
"Citing âoecompany policy,â Skype PR man Chaim Haas wouldnâ(TM)t confirm or deny, telling me only that the chat service âoeco-operates with law enforcement agencies as much as is legally and technically possible.â"
Well, what do you expect? He is a PR person. He can't answer that question, unless the legal department has told him what answer to give. And we haven't actually seen the exact question that was asked and the devil could very well be in the details. Slight difference in questioning might give completely different answer.
Just as an example: The headline here says "Microsoft won't say if Skype is secure or not". The summary asks whether Skype conversations [could be monitored]. The article headline asks whether Skype can eavesdrop on your conversations. These are three different questions within five minutes, so we cannot possibly know question the PR man refused to answer. My guess: None of those three.
and pay no attention to that man behind the curtain.
NSA whistle blowers warn that the US government can use surveillance to 'see into your life'
Just knowing who you're talking to can be all the info they need.
http://xkcd.com/1085//
Most of time noone cares what you have to say
When someone cares they will have the means to listen in
http://xkcd.com/538//
If you think companies are going to let all their systems talk to the internet at large just because they use IP6 then you're off with the pixies. Its almost certain that most corps will limit ip6 devices to link local only addresses and use some form of address translation as a "security" measure. The only thing IP6 will gain us is huge increase in general network complexity.
IMHO Microsoft is ruining skype! Skype has overall degraded in quality would not dail on my android phone and from my computer the voice & video is choppy. My internet has not changed.
I don't use Skype, but I assume they are not happily wasting bandwidth. I'm pretty sure the audio is being reinvited whenever possible (meaning it's just signalling going between you and the skype server, and it just tells you the IP of your peer, and you send your media straight over there through RTP.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
To...what?
Last time i looked for an alternative, the only thing I could find was a crappy HP knockoff.
What do I know, I'm just an idiot, right?
Apparently MS got the go ahead to drive users who care to Jitsi. This way they know where to listen for the good stuff.
The problem is doing it properly yourself requires at least a basic understanding of networks (so you can find the IP addresses involved, let stuff through the firewalls or NATS involved etc) and crypto (so you can manage keys without letting the software do it for you).
While using centralised software is as easy as installing a program and creating an account with a username and password.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
Stop with this nonsense.
Jitsi is not a real alternative for grandma and grandpa.
I'm a big retard who forgot to log out of Slashdot on Mike's computer! LOOK AT ME.
Like my facebook account, i don't publish info i don't want strangers to know... And i don't care is someone see me or hear me saying to mi gf "i love you" over Skype... it's very simple ppl, you don't want your info open? well..leave it at home...
And no, we will not switch to your unheard-of, no-name, pet-fav, video conferencing software. Definitely not because some guy from the tor project said we should.
Standards. They were written for some reasons!!!
There are already standards for handling VoIP calls: :-P) :-P).
- SIP, The Jingle part of XMPP (and H323 althoug it's more akin to "ISDN-over-IP"
(and basically SIP and Jingle are just fancy protocols to open a RTP media connection between two peers).
Anything software supportin SIP or Jingle can call any other software supporting it.
You could be using Jitsi and I could be using Pidgin and you could still talk over VoIP (over a RTP connection to be precise
Or we could use any other software SIP or Jingle (like Ekiga, Twinkle, Goolge's GTalk client, psi, etc.) or we could be using an actual hardware phone which support SIP (there are SIP IPphones in enterprises, there are SIP phone wireless over Wifi for home use, there are SIP application for Android phone, etc), or we could even be using one of these fancy modems with SIP telephony support and connect it with any DECT wireless phone or plug any wired POTS into it (for exemple we have a Fritz! modem with my housemates).
- There are already NAT traversal solutions beside skype (which use Kazaa's NAT traversal if I remember correctly).
The current top of the best is ICE which combines several older techniques (STUN, UPnP, TURN, relay servers) and is widely supported.
As long as your software supports ICE (as most of them currently do) you can call or get called behind a NATed router.
(I think virtually any modern VoIP client support some NAT traversal and lots support the full ICE standard spectrum).
- There are way to implement complete end-to-end encryption over an RTP connect and ways to detect for a Man-in-the-Middle attack/eavesdroping.
SRTP (for encryption) and ZRTP (for key exchange).
And by complete I mean anything leaving your trusted part is completely encrypted and is only decrypted when arriving at the destination PC.
It's not a black box like Skype, it's opensource that can actually get audited for bugs/exploits/backdoors.
And again as it is a standard, any ZRTP/SRTP software can communicate with any other.
Jisti to Twinkle just to give a possible combination.
- For accounts there are a lot of providers, including very well known.
If you have a Google account, you can connect to the GTalk XMPP server (and on Windows, you can even install a plugin to do VoIP from within their web application, without even needing an actual Jingle client - though it doesn't support encryption for obvious reasons).
If you have a Facebook account, you can connect to their XMPP gateway (and probably even manage to do VoIP as long as both ends use a Jingle-compatible software - I don't think Facebook's voice applet is bridged over their XMPP gateway)
So you don't even *need* to ask anyone opening some new account. Most of the people you know probably have some account that they can already use.
- For interconnecting with regular networks: there are tons of providers with various prices and conditions.
There's much more choice and diversity than Skype only SkypeIn/SkypeOut paid sevice.
But okay, it's a minor inconvenience, because encryption doesn't work for obvious reasons.
So in short, moving out of skype has nothing to do with starting to use just one obscure software that nobody has ever heard about.
It's just about using the standards that the rest of the world (the non-Skype part) are using wiht any software of your liking.
Our families all use Skype and it works fine.
Some of them use Google, which means they can start communicating securely with you simply by installing any Jingle/ZRTP software and login with their GMail/GTalk credentials (Jitzi is just a random example, cited because Tor's creator recommends it).
Same with any other service that provides XMPP
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Well and that's the small advantages of living in a true direct democracy.
Under those circumstance, the majority of the population *has* voted for it/against it.
In Switzerland, for example, there is no law forcing VoIP providers to cooperate with police. For such a "Mandatory backdoors" law to exist, it would need to get voted by the population.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
If I was going to be discussing anything which I felt required ANY level of security, I sure as hell wouldn't use Skype or any other centralized service.
Appart for a few basic log-in/bootstraping stuff, skype is NOT centralized. It's distributed and the traffic is either peer-to-peer or goes through a random supernode.
The problem of Skype isn't that it's centralized or not. (In fact, its pretty much possible to get some privacy even in the case of a centralized structure - in fact thats what the OTR plugin provides for text chat in Pidgin, Adium and the like put a layer of end-to-end encryption above anything).
The problem of Skype is that even its encryption layer is a blackbox. You can't have a guarantee that it is end-to-end. It might be that it uses some key encryption system for which Microsoft could give the private key if asked to. And then the encryption key of any intercepted data could be easily obtained with the private key and the data recovered.
The encryption layer it self, and anything staying above it (the interface) should be auditable.
But then again, I'm not going to go through the effort of setting up a highly secured comm channel just so I can hurl insults at the people who are shooting me in the back instead of laying down covering fire.
But you should. Not that your insults need to be protected from eavesdropping. But because for encryption to be really efficient, it needs to be pervasive.
If people only use occasionally encryption, when they need privacy, the use of encryption it self is an information. (Encryption = Hey he's speaking about something he doesn't want to know. I bet there is some material to blackmail him / to threaten him)
If everybody uses encryption always, there's no way for BigBrother to tell if you're discussing about bank account numbers, embarrassing personal history or political opinion which aren't inline with the ruling dictator, or if you're simply shouting insults about your raid teammate's genitalia or calling your grilfriends mushy names.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
OTR for text works with skype because skype just take text input and sends it as-is over its network. It doesn't make any difference if you're typing cleartext into skype's window. Or if Pidgin is sending OTR-encrypted text over the skype adaptor-plugins to skype.
Skype will transmit "Hello World!" as wel as "Uryyb Jbeyq!"
The problem is that Skype doesn't work that way for Audio and Video. Skype expects to receive plain Audio and Video from the webcam and then process the media stream it self (lossy compression and then encryption).
So Skype needs to receive regular video actual images in it and audio streams with actual sounds in it, you can't feed it with pre-encrypted streams like OTR does for text.
From that point on 2 solutions:
- You try to use some kind of analogue encryption (which produce an audio/video stream as output) and the "encrypted stream" will get compressed and sent.
But nowadays, with the available processing power, it's almost trivial to break an analogue encryption on the fly. (Nagravision for example).
- you use a modern very high performance compression, a modern encryption, and the encode the results in a form which could be fed to Skype as an audio/video feed (for example: send the data as video of QR codes, and modulate the audio data stream into a soundwave). But given the lossy nature of Skype's own audio/video processing, the resulting bitrate is going to be catastrophic.
At that point it's much more easy to simply install any SIP or XMPP/Jingle capable software, which can also do ZRTP/STRP encryption on its RTP streams.
the mentionned Jitzi is one solution, but as all these are standards (SIP, XMPP, Jingle, RTP, SRTP, ZRTP) any other software could do the trick and interoperate.
(You could be using jitzi, and i could be using twinkle. but as both support zrtp and sip, we could still get a secure end-to-end channel).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Yes, you can wrap Skype (at least for text) there's an API for that (well several different APIs actually: you can do it directly, over DBus or over network).
Text is wrapped as is. (Skype will send and receive any arbitrary text string it is asked to).
For Audio the situation is slightly different: Skype will start its own window, and will get its audio stream from the sound system. Feeding audio from another software would require fumbling around with the audio routing framework of your operating system (like pulseaudio in most modern Linux distributions).
Pidgin is a possible solution (and other software using the same backend like Adium or Telepathy) :
- pidgin supports among other open standards like XMPP and Jingle.
- you and your relative can log using their Google Talk credential and chat with any one else using XMPP. (Facebook chat credential, but due to the way Facebook's XMPP gateway works, they can only reach other Facebook Chat users. Not arbitrary XMPP users).
- as pidgin supports Jingle (and ICE for NAT traversal), you can also call people that way.
- pidgin has also a nice 3rd party plugin done by eion robb which can wrap skype.
Contacts are shown in the pidgin contact list. And due to how pidgin works, you can bind contact from several networks as a single buddy.
Text directly shows directly in the pidgin chat window (and are grouped by buddy. You can seamlessly jump from GTalk to Skype, etc.)
Skype launches its own calling window when voice or video calling.
- for text encryption you can install the OTR plugin. If both ends have OTR (no matter on which software) text message will be encrypted end-to-end, no matter on which network (so you can even force end-to-end encryption for text messages on Skype if both ends use OTR above a wrapped skype).
The only draw back is that Pidgin doesn't support ZRTP encryption for Video and Audio yet, unlike the suggested Jitsi.
So currently Pidgin is okay for your idea to move progressively people to another software which also supports open standard. But it's not okay if you want to secure your privacy (the needed part of the standards aren't supported yet).
I don't know about Telepathy, though (it uses a different set of libraries for chat in addition of Pidgin back-end).
Jitzi does do ZRTP encryption for Video and Audio, supports standards (XMPP and SIP, for example) and even reverse engineered protocols (MSN, etc.)
But nobody has written a Skype wrapper for it, as far as I know.
But its just a question of developer time:
- there are already opensource ZRTP implementations, so it's not über hard to add support for ZRTP into Purple (Pidgin/Adium's back-end)
- skype API is well documented and there's even the source code of the purple plugin as an example, so it's not über hard to implement Skype wraping on Jitzi.
With SkypeKit (the newer API to acess the Skype network. Basically just a library instead of wraping the whole Skype in background) the situation is slightly more complicated due to its licensing (according to Eion Robb - no easy way to integrate into opensource).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
For me, the main reason I do not have Skype on all the time is because my computer already runs too many things in the background as it is.
From experience: skype doesn't use that much ressource when running in the background.
(I'm running Pidgin on Linux with the purple-skype wrapper plugin).
Also, my computers make poor dedicated phone devices. So to me, Skype does not replace the cell phone in my pocket. And my long distance phone bills also are not very high to begin with, so it's not like I even need to bother with that kind stuff.
And the Cellphone could be easily running a standard SIP or XMPP/Jingle client (for example, there are such applications of android. But as the protocols are standards, apps could be developed for anything with enough processing power).
it combines the cellphone's nice form factor, with all the advantages of VoIP using an open protocol.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Can all the alternatives solemnly promise me that they're secure too?
If they use open source code to implement open standard, they are much more easy to audit.
You might not be able to do it yourself, but with enough other eyeballs looking at it you can guess that problem will be easier to spot.
You could even start crowded funding (say, Kickstart) to get knowledgeable experts paid to review the code.
That's not possible with closed black-boxes like skype.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]