Skip Navigation  |  
    
0
ANU Home | Helpdesk | Staff | Students | Information Services | Library |
The Australian National University
Networks & Communications
Division of Information
DoI Services
DoI Home
Governance and Management
Division of Information Publications
Information Policies
About DoI
Plans and Projects
Forms
DoI Internal
NetComms
Netcomms Home
About Netcomms
Report a Fault
Contact Us
Network
Charges & Statistics
ICN Infrastructure
DNS
Wireless
ANUTV
Telephones
Telephones Home
Telephone Directory
Directory Help
Mobile Phones
SoftPhones/Skype
External Directories
Telstra - White Pages
Telstra - Yellow Pages
Printer Friendly Version of this Document

Pros and Cons of Skype

The user should make themselves aware of the pros and cons of Skype. The University recognises that both sides have valid arguments and is currently developing a software VoIP solution that will deliver the advantages of Skype without the disadvantages.

Cons

  1. Skype’s supernode activity. If a University machine becomes a supernode then that machine’s resources and bandwidth will be used to carry third party traffic not related to the ANU [1]. The relevant area will be charged for this traffic. Carrying 3rd party traffic also contravenes the AARNET Access Agreement.
  2. Skype’s Proprietary Nature. Skype is a closed proprietary software client. The protocols and security used by Skype are unknown and at best “guessed” by those investigating the software client. Due to this there have been multiple concerns in the IT security industry, including:
    • Target for hackers. Skype is purportedly “totally secure” and has a high profile on the internet. This leads to Skype being a “prize” for those interested in and capable of refuting this fact [2].
    • Closed Community. Skype does not use standard signalling protocols such as SIP and H.323 and is therefore incompatible with other software VoIP clients. The ANU is aware that software exists to Transcode Skype calls to the open standard SIP [3, 4]. The addition of such a gateway on the ANU Network will be investigated but is unlikely to be compatible with the current scale of the ANU VoIP Network and equipment.
    • Voice traffic is routed through unknown machines on the internet (supernodes). Currently the Skype encryption is “unbreakable” but this may not be the case for the future. More disturbingly is the fact that as Skype is a closed client, we are unable to tell if the encryption has been broken [2].
    • No peer review. Open encryption schemes, such as AES, have been submitted to rigorous review by industry experts and have been deemed “unbreakable”. Skype has never been through such “open” criticism and review, this disturbs some security experts [2].
    • Rapid spread of malicious files. The closed community (Skype users can only talk to Skype users) and closed encryption and protocols may allow for the rapid spread of virus’ and other malicious content. This has historically been the case for closed communities such as MS Outlook Email client [2, 1].
    • Network Security bypass. The ease with which Skype bypasses network security such as NAT and firewalls, is worrying to IT security experts [2]. Skype supernodes allow a new and different way into networks that hackers can take advantage of [2]. The end-to-end encryption of Skype means users must implement host based security measures to protect against viruses and malware [1].
    • Inability to determine the authenticity of some article on Skype, whether they be for or against. Around 13th July 2006 a rumour that Skype had been reverse engineered was circulated around the internet [5, 6]. These articles were not substantiated and cannot be until software is developed to prove this article correct. The ease with which such rumours circulate and impact Skype can affect users substantially. It should be noted that there are many sources on the Internet that defend Skype’s security [7, 8]. The intent of the information above is to make the user aware of the possible issues with Skype’s security model.
  3. Lack of end-to-end service quality. Currently no service that traverses the Internet can be guaranteed a high service quality, and especially those that cross continents. Guaranteed Quality of Service is possible in a LAN or where agreements between service providers have been reached. Skype crosses the Internet as data and cannot supply the same reliability as current telephony [9].
  4. Skype is not free. Areas must still pay for the off-net traffic that Skype produces. For a normal call this may be acceptable compared to an international call. However if your machine becomes a supernode then a continuing cost of a few dollars a day will quickly add up [1].
  5. Skype requires the Internet to function. Skype requires access to the Internet to function [10]. Other standards based software VoIP clients can communicate without access to the Internet, e.g, X-Lite. This is particularly important for future application of software clients in the ANU wireless and student environment.

Pros

  1. Easy to install and works without much configuration [11]. For example when users have relatives abroad that are not technically literate.
  2. Works behind typical network security devices, e.g. firewalls, NAT [11, 12]. This means users on corporate networks are not required to get IT staff to configure anything for them for Skype to work. The ability to work in most network environments is also good for users that constantly working in different networking environments, e.g., someone on the road.
  3. Call quality is stated to be superior to other computer based VoIP software clients [11, 12]. An IEEE technical article states that Skype has no better call quality then MSN Messenger [13].
  4. Large community. If you use Skype there is a good chance that peers, friends and family will as well.
  5. Popularity. Skype is popular, people know it exists and know it works well for others.
If you have contacted your LITSS and you have been informed by them           
that your local area is protected from Skype supernodes, and you wish to           
proceed with the Skype installation then you MUST follow these instructions

Return to skype policy home page
References

All the below links will open a new window

1. Ukerna and JISC (2006) Skype and JANET March 2006 http://www.ja.net/development/voip/skype&janet.pdf [Last Accessed 13th November 2006]

2. Newton, Tom (2006) Skype: how safe is it? (IN)SECURE Online Magazine Issue 8 pg16-18. http://www.insecuremag.com [Last Accessed 1st October 2006]

3. Uplink Skype to SIP Software Adaptor. http://www.nch.com.au/skypetosip/ [Last Accessed 20th November 2006]

4. PSGw. http://www.rsdevs.com/products.shtml [Last Accessed 20th November 2006]

5. Utter, David (2006) Skype Cracked in China, http://www.securitypronews.com/insiderreports/insider/spn-49-20060714SkypeCrackedInChina.html [Last Accessed 20th November 2006]

6. Paglee, Charlie (2006) Skype Protocol has been Cracked, http://www.voipwiki.com/blog/?p=16 [Last Accessed 20th Novmeber 2006]

7. Berson, Tom (2005) Skype Security Evaluation, Anagram Laboratories.

8. Skype (2006) Skype Guide for Network Administrators (Skype 3.0 Beta) http://www.skype.com/security/guide-for-network-admins-30beta.pdf [Last Accessed 20th November 2006]

9. Uplink Skype to SIP Software Adaptor. http://www.nch.com.au/skypetosip/ [Last Accessed 20th November 2006]

10. Lozano-Gendreau, J.M.; Halabi, Antoun; Choueiri, Maya and Besong, Valery (2006) VoWF (Vo-IP over Wi-Fi), Proceedings of the 16th IEEE Inernational Conference on Electronics, Communications and Computers (CONIELECOMP 2006).

11. Baset, Salman A. and Schulzrinne, Henning (2004) An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol. Department of Computer Science, Columbia University, New York.

12. Skype (2005) Skype Guide for Network Administrators. Version 1.0.1 April 2005 http://www.skype.com/security/guide-for-network-admins.pdf [Last Accessed 20th November 2006]

13. Lisha, Gao and Junzhou, Luo (2006) Performance Analysis of a P2P-Based VoIP Software. Proceedings of the Advanced International Conference on Telecommunications and International Conference on Internet and Wb Applications and Services (AICT/ICIW 2006)
Page last updated: 18 September 2008
Please direct all enquiries to: Contact Email
Page authorised by: manager.netcomms@anu.edu.au
The Australian National University — CRICOS Provider Number 00120C