Skip to the Main Content

Note:These pages make extensive use of the latest XHTML and CSS Standards. They ought to look great in any standards-compliant modern browser. Unfortunately, they will probably look horrible in older browsers, like Netscape 4.x and IE 4.x. Moreover, many posts use MathML, which is, currently only supported in Mozilla. My best suggestion (and you will thank me when surfing an ever-increasing number of sites on the web which have been crafted to use the new standards) is to upgrade to the latest version of your browser. If that's not possible, consider moving to the Standards-compliant and open-source Mozilla browser.

September 17, 2004

Skype

Skype Logo (green)

… rhymes with hype. Yes, the bête noire of VoIP from the folks who unleashed KaZaA.

I downloaded the MacOSX client, and bought myself 10€ worth of SkypeOut credits. Calls to other skype users are free. Calls to POTS phones in North America, Western Europe, Australia and Chile are 0.017 €/min. Israel is 0.026 €/min and, should I ever feel the need to call (say) Angola, the price is a mere 0.142 €/minute.

My first act was to call my sister in California, whose reaction was that I sounded like I was talking over SpeakerPhone. Since I was using the built-in microphone in my laptop, that was an accurate assessment. Then I invested1 in a BlueTooth headset. The audio quality is fantastic, and I can use it from across the room.

Wireless headset

“Free?” I hear you say. “How do they intend making money?” Indeed, the Skype Technologies business model seems a bit dodgy. Granted, the peer-to-peer nature of the skype network (a legacy of its P2P filesharing heritage) keeps their costs very low. They don’t need to maintain a server infrastructure that a centralized VoIP network would require. Still, their costs are nonzero and the only revenue stream I see is the 10 or 20 € that people shell out for SkypeOut credits. But surely these prices are pretty close the cost of peering with PSTN. Moreover, after you’ve called your friends in Australia a few times, they may get the idea and download skype too; thereafter, you talk for free. How does Skype Technologies intend to make money? Perhaps they’re relying on the slightly obscure provision that your remaining SkypeOut credits expire 180 days after your last credit purchase. If you want to maintain the ability to make SkypeOut calls, you need to shell out a minimum of 20 €/year, even if your actual usage is much less. And there’s talk of rolling out other “premium” services, like voice-mail, at additional cost. But, however you slice it, this is by far the cheapest deal on long-distance you can find anywhere. You have to marvel at their cost structure, if they can make a profit under these conditions.

Another thing I wondered about is the encryption. Skype-to-skype calls use 256-bit AES encryption. To exchange AES session keys, skype uses 1536 to 2048 bit RSA public key encryption. But how do the two skype clients verify each others’ public keys? The FAQ says, “User public keys are certified by the Skype server at login.” The skype client allows you to login as any skype user. Presumably that means that the RSA key-pair cannot be stored locally. Does that mean that the client generates a new key-pair each time you login? Does anyone know how it actually works? Such questions would be all laid to rest if, like any good encryption product, skype were open-source, but it ain’t…

One of the virtues of skype, inherited from KaZaA and its P2P brethren is that it “just works,” even from behind a NAT router or firewall. The way it does this is to cheat. Skype uses port 80 (http) and port 443 (https), which are almost never blocked by even the most assiduous of firewalls. Clients behind NAT routers typically can’t accept incoming connections. So skype relies on “supernodes,” clients on the open internet which can accept incoming connections, to relay traffic between those clients which cannot.

Usurping a well-known port for a totally-different protocol is not good sportsmanship. And it limits the usefulness of the program. Obviously, machines behind firewalls or NAT routers can’t become supernodes. Neither can the MacOSX or Linux clients; not being SUID-root, they can’t bind to a privileged port. Nor can a Windows machine running a web server. This artificially limits the pool of potential supernodes, making the skype network less robust than it could be.

Skype could have used a distinct high-numbered port2 (like any other new application). Most firewalls allow outbound connections to high-numbered ports. Only in a small fraction of cases – those with really draconian firewalls in place – would using a high-numbered port have prevented skype from working. And those are the cases where the IT managers probably have a good reason for firewalling those outbound connections. By masquerading as http(s), all you do is piss off your IT managers, who probably don’t want skype on their network and will take steps to ban it anyway.

Of course, some will ban skype just because of its connection with KaZaA. CERN bans it from their network and the stated reason seems a little shaky to me. Aside from the unsavoury nature of its cousins, the P2P filesharing programs, I don’t see why skype supernodes would pose an undue burden on the CERN network. It seems to be more of an “It’s the principle of the thing!” issue, than an actual concern about bandwidth or network performance.

Another complaint, voiced in some circles, is that skype doesn’t support the SIP Standard for internet telephony. Well, neither does iChat-AV3 (or AIM) and even the absence of an InstantMessaging Standard has not slowed their uptake. For me, skype-to-skype calls fill exactly the same niche as iChat-audio. Skype has slightly better sound quality; iChat also offers video capability. SIP uses centralized servers for presence and directory information. Skype’s P2P nature (even the user-directory is decentralized) obviates the need for centralized servers. SkypeOut, which presumably does require a server infrastructure (and which, for me, distinguishes skype from iChat and its brethren), doesn’t really need SIP either.

Standards are crucial for interoperability, but that only matters when you have someone you need to interoperate with. Skype has rocketed to the top of the VoIP heap because no one else had offered anything nearly as easy to set up, as high in audio-quality and as cheap to use.

Most of the other players in the VoIP game (both the Telcos and the “upstart” newcomers) seem dedicated to reproducing the “telephone experience” in all its details — from handsets to dialtones to the monthly bill — over the packet-switched internet instead of the circuit-switched PSTN. Skype has reconceived VoIP as a desktop PC application (though many PDAs and even some phones support skype). At the same time, they’ve reconceived what kind of network infrastructure is required to support VoIP.

When skype has some actual competition it needs to interoperate with, adding SIP support shouldn’t be that hard. Me, I’m not particularly worried. Right now, I have some phone calls to make…

1 If you don’t have bluetooth on the motherboard (a BTO option on some Mac models) you’ll need a bluetooth USB adapter. Don’t assume, just because an adapter is “Compatible with MacOSX 10.2 and later” and “Supports the Bluetooth Headset Profile” that it will support the Headset Profile under MacOSX. There’s only one which will, and even that one will only do so after flashing the firmware, thereby rendering the unit unusable on any non-Macintosh machine. So much for “It just works™!”

2 Actually, the MacOSX skype client does listen on port 54045 (both tcp and udp). This wasn’t mentioned anywhere in the documentation. In fact, it looks like skype may use ports 80/443 only when all else fails. Right now, I’m connected to a supernode on some more-or-less random high numbered port.

3 iChat does use SIP for transmitting session-initiation requests, but it doesn’t actually use SIP to initiate the VoIP sessions themselves. Still, nobody complains about the fact that iChat isn’t really SIP-compatible.

Posted by distler at September 17, 2004 5:47 PM

TrackBack URL for this Entry:   https://golem.ph.utexas.edu/cgi-bin/MT-3.0/dxy-tb.fcgi/435



7 Comments & 1 Trackback

Re: Skype

Haha…I just got my first Time Warner Cable ‘Digital Phone’ service offer in the mail last week. Only forty bucks a month, what a steal. And Skype…gotta love those Kazaa folk, if for nothing than being so damn contumacious.

The teleco industries are definately circling Voip. Everyone is angling for the best meat. It will be interesting to see how traditional telecos intend to hold their markets. %speelchekcomments/on%

Posted by: Scott B on September 18, 2004 9:30 AM | Permalink | Reply to this
Read the post To Skype or not to Skype?
Weblog: Evan Nemerson's Blog
Excerpt: What is it?First off, what is Skype (rhymes with hype)? Well according to their web site, Skype is for calling other people on their computers or phones. Basically, it's a VoIP service that uses P2P to enable free VoIP-based calls to other users. Addition
Tracked: September 26, 2004 2:54 PM

Re: Skype

I havent used skype, whois says they are in Amsterdam. There is no telephone contact number available for Skype users with software or account problems and the email based help is poor. My personal issue is that Skype is being used for internet based fraud since VOIP can not be listened in on. I also believe it is very hard to trace a call from Skype. My personal experience is from my credit card information being stilen online on two seperate occasions from an insecure site and massive charges being incured twice on my cards with Skype before I could cancel the cards. After several failed attempts to contact Skype concerning the issue I am left to warning others that perpetrators of fraud are using Skype for unlawfull purposes. the only two email adresses I have found are- ets@skype.net admin@skyper.net

Posted by: Roy on December 15, 2004 12:11 PM | Permalink | Reply to this

fraud

I’m afraid I don’t understand.

Your credit card number was stolen, the perpetrator used it to buy a TV set, and you blame Circuit City?

That’s crazy.

As to contacting Skype, did you try any of the resource on their contact page?

Posted by: Jacques Distler on December 15, 2004 12:24 PM | Permalink | PGP Sig | Reply to this

Re: Skype

At SummitCircle.com I have been collecting links to Skype add-ons, phones and community sites for the past couple of months. I have already collected over 200 links with new links being added every week. I believe that it is this growing list of third party products and services being built up around Skype that will make the real difference.

Louis Philip

Posted by: Louis Philip on May 28, 2005 8:59 PM | Permalink | Reply to this

CERN’s Skype ban

Well if CERN is paying for their bandwidth in increments, I’m sure they’re not that keen on outside companies hijacking it to serve their customers.

It’s like if I asked you if I plug my Air Conditioner on full blast into your outlet for free because you have excess electricity.

Posted by: Mike Brown on June 22, 2006 1:37 PM | Permalink | Reply to this

Re: Skype


http://en.wikipedia.org/wiki/Public_key_encryption

Posted by: Michael on August 11, 2006 11:52 PM | Permalink | Reply to this

Re: Skype

I have never used skype, never even tried. Today I received a spam “billing update” email about my “skype account’ and it apparently does lead to a genuine skype website. I pulled the full headers and went looking for a skype-related abuse contact (all web companies are supposed to have one) and could not find ANY point of contact, indicating that they don’t even care to try to stop other people from using their company as a fraud-front.

Big companies like yahoo, paypal, ebay, and google ALL have abuse email addresses to which you can send copies of the headers of any email and they send an automatic reply “yes this is ours” or “thank you for reporting, this was a phisher and not our email” and then they are able to collect the spam-scam stuff in to a database for whenever they or the authorities decide to go after some thieving idiots.

But Skype does not even try, and given the fact that I have NEVER used that service AT ALL, and they have somehow allowed someone set up an account without giving me ANY means of contact with them, then it seems to me that the owners of Skype are actively aiding and abetting the fraud that is going on with these emails. They cannot claim to be co-victimized with the public. They are co-active with the thieves.

Posted by: DM on April 11, 2008 3:33 PM | Permalink | Reply to this

Post a New Comment