Skype Finalizes Its Move To the Cloud; To Kill Older Clients -- Remains Tight Lipped About Privacy (arstechnica.com)

← Back to Stories (view on slashdot.org)

Skype Finalizes Its Move To the Cloud; To Kill Older Clients -- Remains Tight Lipped About Privacy (arstechnica.com)

Posted by msmash on Wednesday July 20, 2016 @02:45AM from the curious-case-of-Skype dept.

When it was first created, Skype network was built as a decentralized peer-to-peer system. PCs that had enough processing muscle and bandwidth acted as "supernodes," and coordinated connections between other machines on the network. This p2p system was generally perceived as being relatively private, a belief that has since been debunked. There were several technical challenges, which led Microsoft to move most of Skype's operations to the cloud. Ars Technica is reporting that the company has finalized the switch. From the article: Microsoft has developed a more conventional client-server network, with clients that act as pure clients and dedicated cloud servers. The company is starting to transition to this network exclusively. This transition means that old peer-to-peer Skype clients will cease to work. Clients for the new network will be available for Windows XP and up, OS X Yosemite and up, iOS 8 and up, and Android 4.03 and up. However, certain embedded clients -- in particular, those integrated into smart TVs and available for the PlayStation 3 -- are being deprecated, with no replacement. Microsoft says that since those clients are little used and since almost every user of those platforms has other Skype-capable devices available, it is no longer worth continuing to support them.The issue, as the report points out, is that Microsoft is strangely not talking about privacy and security concerns. The article adds: The Ed Snowden leaks raised substantial questions about the privacy of services such as Skype and have caused an increasing interest in platforms that offer end-to-end encryption. The ability to intercept or wiretap Skype came as a shock to many, especially given Skype's traditionally peer-to-peer infrastructure. Accordingly, we've seen similar services such as iMessage, WhatsApp, and even Facebook Messenger, start introducing end-to-end encryption. The abandonment of Skype's peer-to-peer system can only raise suspicions here.Matthew Green, who teaches cryptography at Johns Hopkins, said: "The surprising thing here is not that Microsoft can intercept Skype calls (duh) but that they won't just admit it."

5 of 74 comments (clear)

Min score:

Reason:

Sort:

Patent Admission by 3vi1 · 2016-07-20 03:01 · Score: 5, Informative

Not only do they wiretap your Skype calls, they patented it: http://appft1.uspto.gov/netacg....
Re:Peer to Peer suspicous? by UnknownSoldier · 2016-07-20 03:06 · Score: 3, Interesting

> Am I the only one who considered the old Peer to Peer mode of Skype suspicious?
No. When the Skype client relies heavily on obfuscation it SHOULD be extremely suspicious!
* http://www.oklabs.net/skype-re...

Skype (almost like every P2P network) has its particular P2P architecture. It had to be adapted to the network uses. For example, unlike the P2P Kazaa network, designed for file sharing, the Skype network had to be optimized to transfer data in real time, where Kazaa network transfers data stored on nodes. In addition, Skype network still includes centralized networks entities, because unlike Kazaa network, Skype protocol had to implement user secured authentication, dynamic contacts lists management and ensure privacy.
The Skype user directory is entirely decentralized and distributed among the nodes in the network, which means the network can scale very easily to large sizes without a complex and costly centralized infrastructure.
If M$ kills off Skype 6.20 then it will be time to migrate to something else that is open source and doesn't have known backdoors.
* https://news.ycombinator.com/i...
Proprietary means no security by 110010001000 · 2016-07-20 03:17 · Score: 5, Informative

The Skype protocol is proprietary. No one has any idea if it is secure or not. Therefore it isn't secure. Support open standards and protocols.
Re:Skype was never perceived as secure by AmiMoJo · 2016-07-20 03:20 · Score: 5, Insightful

This is just a PR move. Everyone interested knows that Skype is insecure and can be tapped on demand by Microsoft and certainly many other groups. It's just that if they admit it the mainstream media will run stories about it, and damage the Skype brand. As long as they refuse to confirm or deny there is no story.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Is free software in this realm? by greenfruitsalad · 2016-07-20 04:07 · Score: 5, Informative

slashdot should have a bot to do this: for the millionth time, there is NO free (as in beer) FOSS jabber server that supports all the necessary XEPs for reliable message delivery on mobile devices (devices with frequent network dropouts, IP changes, packet loss). PAID version of ejabberd is the closest you can get to reliable xmpp message delivery.
and 2nd of all, there are almost no xmpp clients that support the said XEPs. last time i checked, there were only 2 somewhat equipped for it. one is discontinued, the other one is Conversations. again, Conversations isn't free (as in beer). it used to be on fdroid too but i can't find it there anymore.
for those interested, to have reliable xmpp communication on a mobile device, you need at the very least - xep-198, xep-280, xep-313
xmpp is overly complicated, stupid (xml), doesn't reflect current user requirements (mobile devices) and speed of its evolution is hampered by the massive number of stakeholders.