How dangerous is Skype?
Skype expert Michael Gough examines the top five security misconceptions
Computerworld - There's been a lot information -- and misinformation -- available about whether Skype is dangerous to corporate networks and individual users. How dangerous is it? In this article, I'll separate the truth from the myths when it comes to Skype vulnerabilities.
Understanding Skype's basic architecture
Skype is a peer-to-peer (P2P) application, meaning that users connect to one another directly and not through a central server for communication. Skype initially uses Internet-based servers to authenticate users when they log in and to track their status, but when a "chat" or instant message, "voice call" or "file transfer" is initiated, the parties involved in the communication do so in a P2P direct connection. If one or both of the users are behind a typical corporate Network Address Translation (NAT) firewall, the communication can be relayed through a Supernode because a direct P2P can't be established behind a NAT. In the case of a file transfer, you will see a message indicating your transfer is being relayed.
One of security professionals' primary concerns about Skype are it's so easy for a Skype client to find a way around a secure corporate firewall configuration. Skype does this by using ports 80 and 443, which are open in most firewalls to allow Web browsing. In addition, Skype may reroute traffic if the initial port assigned during the Skype installation isn't available. This makes blocking Skype at a firewall more difficult since the ports Skype uses can change as needed.
Skype also encrypts each communication with a unique AES 256-bit encryption key, meaning each communication will use a different key each time you communicate, making eavesdropping communications almost impossible.
One more thing to keep in mind about Skype security is its Supernodes, which route Skype traffic. A Supernode is a computer with a specific configuration that must have a direct connection to the Internet and can't be behind a firewall using NAT. And they must have a "real" public routable IP address. Beyond those restrictions, these Supernodes can be any Skype user computer that meets the minimum hardware and configuration requirements.
There's a lot more you can learn about Skype's security architecture. For details, visit the Skype Security Resource Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Using VM Archiving to Solve VM Sprawl This CommVault whitepaper discusses how archiving virtual machines can mitigate VM sprawl with a comprehensive approach to VM lifecycle management.
- Hedge Your Bets This report explains how visibility and increased governance is key to reducing risk.
- Face Time Anytime Real-time communications facilitates team collaboration from nearly anywhere in the world. With facts and figures you can use to justify an investment
- Alert Logic: Leader in Forrester Wave evaluation of emerging MSSPs In this paper Forrester shares the results of their 15-criteria evaluation of the top ten emerging players in the MSSP market.
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Network Circulation Improve Network Circulation -- increase efficiency, reduce latency and enhance user experience on both wired and wireless networks with a network optimization solution...
- Redefine Your IT Operations: Remote Office IT Has Never Been Simpler Join us to see why PC Pro named Dell PowerEdge VRTX the "2013 Server of the Year." PowerEdge VRTX may be just what... All Networking White Papers | Webcasts