To make a simple call, it's almost as if Skype sets up 10-plus proxy servers to make its own virtual telephone...
network. Is it safe to have that many connections?
A telephone company or VoIP provider uses its own centralized servers, and the company is then responsible for keeping the servers up and running. To keep a connection alive, it's sufficient to establish a single connection to the business-managed server.
Skype, however, is a peer-to-peer service that uses a distributed network of "supernodes" to facilitate communication throughout the world.
Skype's supernodes are simply other Skype users that have public IP addresses. When they connect to Skype, the network chooses them to be a supernode and then takes advantage of their bandwidth and computing resources to serve other Skype users. This "volunteerism" is allowed under the terms of the Skype user agreement. Using volunteer systems introduces reliability concerns. The owner of such a system may turn it off or disconnect it from the network at any time. Therefore, you may need to connect to more than one supernode to facilitate your communication. There's also the possibility that your system has been "volunteered" as a supernode, an action that could cause your system to begin routing calls for other Skype users on the Internet.
I've loaded my response with "maybes" and "possibilities" because Skype is a proprietary, closed-source tool, and its creators do not publish the technical details of their protocol. This is one of my biggest problems with Skype; I simply don't like the idea of accepting an agreement that allows someone else to use my computer, but does not disclose the precise details of what's happening. For a detailed look at the potential security risks that applications like Skype pose to both the client and the enterprise, I recommend reading my tip, Skype: Its dangers and how to protect against them.
- Learn what the recent Skype outage revealed about VoIP security.
- Check out SearchSecurity.com's VoIP Security Learning Guide.
Dig Deeper on Network Device Management
Related Q&A from Mike Chapple
The PCI SSC extended the deadline for organizations to update TLS encryption standards before announcing PCI DSS 3.2. Expert Mike Chapple examines ...continue reading
Biometric security systems come with many advantages, but do they also come with many regulations? Expert Mike Chapple discusses biometric ...continue reading
A recent FTC lawsuit against Wyndham Hotels highlighted concerns for enterprises that have suffered a data breach. Expert Mike Chapple discusses the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.