To make a simple call, it's almost as if Skype sets up 10-plus proxy servers to make its own virtual telephone network. Is it safe to have that many connections?
A telephone company or VoIP provider uses its own centralized servers, and the company is then responsible for keeping the servers up and running. To keep a connection alive, it's sufficient to establish a single connection to the business-managed server.
Skype, however, is a peer-to-peer service that uses a distributed network of "supernodes" to facilitate communication throughout the world.
Skype's supernodes are simply other Skype users that have public IP addresses. When they connect to Skype, the network chooses them to be a supernode and then takes advantage of their bandwidth and computing resources to serve other Skype users. This "volunteerism" is allowed under the terms of the Skype user agreement. Using volunteer systems introduces reliability concerns. The owner of such a system may turn it off or disconnect it from the network at any time. Therefore, you may need to connect to more than one supernode to facilitate your communication. There's also the possibility that your system has been "volunteered" as a supernode, an action that could cause your system to begin routing calls for other Skype users on the Internet.
I've loaded my response with "maybes" and "possibilities" because Skype is a proprietary, closed-source tool, and its creators do not publish the technical details of their protocol. This is one of my biggest problems with Skype; I simply don't like the idea of accepting an agreement that allows someone else to use my computer, but does not disclose the precise details of what's happening. For a detailed look at the potential security risks that applications like Skype pose to both the client and the enterprise, I recommend reading my tip, Skype: Its dangers and how to protect against them.
- Learn what the recent Skype outage revealed about VoIP security.
- Check out SearchSecurity.com's VoIP Security Learning Guide.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Mike Chapple
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading