Does Skype's Windows update story fly?
VoIP service claims Microsoft patches triggered outage, but the facts don't add up, say outsiders
Computerworld - Analysts and rivals today said they were dubious of Skype Ltd.'s explanation that the voice-over-IP service's 48-hour outage was triggered by restarts after Microsoft's monthly security updates were delivered.
"Why this particular Tuesday?" asked Doug Williams, an analyst with JupiterResearch. "That doesn't really fly."
Skype's blackout -- which began Wednesday around midnight, Pacific time, and ended late Friday -- was caused by a software glitch provoked, said Skype, by machines rebooting after they had applied updates to Microsoft Corp.'s Windows operating system.
"The disruption was triggered by a massive restart of our users' computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update," Skype said in a statement posted this morning.
"I'm leery of that explanation on two counts," said Aron Rosenberg, chief technology officer of SightSpeed Inc., a Berkeley, Calif.-based VoIP competitor to Skype. "First, the timing of the patches."
Although Microsoft rolls out its monthly security updates before noon, Pacific time, on Patch Tuesday, those updates are by default downloaded and installed at 3 a.m. local time, often over a period of a day or two. "At the very least, then, systems would have rebooted time zone by time zone, not all at once," saiRosenberg said.
However, there may be a connection to the 3 a.m. default reboot. According to Skype's statistics, the outage began sometime between Wednesday at 10:30 p.m. and 3:05 a.m. Thursday, PDT. Between those two data points, the number of connected users dropped by 50%.
Second, said Rosenberg, is the fact that Microsoft has been releasing its security fixes on the second Tuesday of each month since October 2003. If the problem was triggered by Windows Update, as Skype claimed, why hadn't it happened before?
While he scoffed at Skype's excuse, Rosenberg also noted that the service's infrastructure may make it vulnerable to problems experienced by a minority of systems on the network. Like the Kazaa music file-sharing network, which was created by the same pair who founded Skype -- Swedish engineer Niklas Zennstrom and Danish entrepreneur Janus Friis -- the VoIP service uses "supernodes" to detect online Skype users, establish connections between users, and help route traffic. The supernodes, which are computers that Skype identifies as having surplus Internet bandwidth and processor cycles, serve as the directory servers and traffic cops of the network. If too many go offline in a short time -- whether from restarts or simply by being switched off -- Skype could suffer.
Skype's explanation hinted as much. "Normally Skype's peer-to-peer network has an inbuilt ability to self-heal," said spokesman Villu Arak in this morning's statement. "However, this event revealed a previously unseen software bug within the network resource allocation algorithm which prevented the self-healing function from working quickly."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts