To make a simple call, it's almost as if Skype sets up 10-plus proxy servers to make its own virtual telephone...
network. Is it safe to have that many connections?
A telephone company or VoIP provider uses its own centralized servers, and the company is then responsible for keeping the servers up and running. To keep a connection alive, it's sufficient to establish a single connection to the business-managed server.
Skype, however, is a peer-to-peer service that uses a distributed network of "supernodes" to facilitate communication throughout the world.
Skype's supernodes are simply other Skype users that have public IP addresses. When they connect to Skype, the network chooses them to be a supernode and then takes advantage of their bandwidth and computing resources to serve other Skype users. This "volunteerism" is allowed under the terms of the Skype user agreement. Using volunteer systems introduces reliability concerns. The owner of such a system may turn it off or disconnect it from the network at any time. Therefore, you may need to connect to more than one supernode to facilitate your communication. There's also the possibility that your system has been "volunteered" as a supernode, an action that could cause your system to begin routing calls for other Skype users on the Internet.
I've loaded my response with "maybes" and "possibilities" because Skype is a proprietary, closed-source tool, and its creators do not publish the technical details of their protocol. This is one of my biggest problems with Skype; I simply don't like the idea of accepting an agreement that allows someone else to use my computer, but does not disclose the precise details of what's happening. For a detailed look at the potential security risks that applications like Skype pose to both the client and the enterprise, I recommend reading my tip, Skype: Its dangers and how to protect against them.
- Learn what the recent Skype outage revealed about VoIP security.
- Check out SearchSecurity.com's VoIP Security Learning Guide.
Related Q&A from Mike Chapple
The updated HITRUST Common Security Framework allows organizations to manage privacy, security and compliance with one framework. Here's how it works...continue reading
A HIPAA audit covers privacy compliance, and organizations need to be prepared. Expert Mike Chapple discusses privacy in the audits.continue reading
A data breach warranty may seem like a tempting way to survive a costly attack, but it may not be all it's hyped up to be. Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.