Skype: Let us face the criticism

Skype is definitely one of the biggest VoIP providers, but on close scrutiny there are certain areas that the company needs to work on.

Skype uses a proprietary protocol, instead of an open standard like H.323, IAX, or SIP. This makes it impossible for other providers to interact with the Skype network. There are of course clear business reasons for this, since it helps protect the SkypeOut revenue stream from competition.

SkypeOut can be more expensive because its rates are charged per minute. In some countries, many calls are charged at a fixed amount per call. For example, in the UK, BT on its standard residential tariff charges 5½p for a 60-minute off-peak national call, whereas Skype charges 72p (€1.02).

Another criticism of Skype has been content filtering. Also, there is no Skype version for the Palm OS, which is widely used in mobile devices.

A design limitation of Skype is that, if given access to an unrestricted network connection, Skype clients can become supernodes. These supernodes hold together the peer-to-peer network and route data for clients behind restrictive firewalls. Unfortunately, these supernodes can consume a significant amount of bandwidth. For this reason, some network providers, such as universities, have banned Skype.

Analyzing the security and methodology of Skype, certain issues were noted:

* Heavy use of anti-debugging techniques (typically found in malware)
* Heavy use of code obfuscation
* Keeps chatting on the network, even when idle (even for non-supernodes)
* Lack of privacy (Skype has the keys to decrypt sessions)
* Heap overflow in Skype
* Skype makes it hard to enforce a (corporate) security policy
* There is no way to know if there is/will be a backdoor


