Skip the navigation

Does Skype's Windows update story fly?

VoIP service claims Microsoft patches triggered outage, but the facts don't add up, say outsiders

August 20, 2007 12:00 PM ET

Computerworld - Analysts and rivals today said they were dubious of Skype Ltd.'s explanation that the voice-over-IP service's 48-hour outage was triggered by restarts after Microsoft's monthly security updates were delivered.

"Why this particular Tuesday?" asked Doug Williams, an analyst with JupiterResearch. "That doesn't really fly."

Skype's blackout -- which began Wednesday around midnight, Pacific time, and ended late Friday -- was caused by a software glitch provoked, said Skype, by machines rebooting after they had applied updates to Microsoft Corp.'s Windows operating system.

"The disruption was triggered by a massive restart of our users' computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update," Skype said in a statement posted this morning.

"I'm leery of that explanation on two counts," said Aron Rosenberg, chief technology officer of SightSpeed Inc., a Berkeley, Calif.-based VoIP competitor to Skype. "First, the timing of the patches."

Although Microsoft rolls out its monthly security updates before noon, Pacific time, on Patch Tuesday, those updates are by default downloaded and installed at 3 a.m. local time, often over a period of a day or two. "At the very least, then, systems would have rebooted time zone by time zone, not all at once," saiRosenberg said.

However, there may be a connection to the 3 a.m. default reboot. According to Skype's statistics, the outage began sometime between Wednesday at 10:30 p.m. and 3:05 a.m. Thursday, PDT. Between those two data points, the number of connected users dropped by 50%.

Second, said Rosenberg, is the fact that Microsoft has been releasing its security fixes on the second Tuesday of each month since October 2003. If the problem was triggered by Windows Update, as Skype claimed, why hadn't it happened before?

While he scoffed at Skype's excuse, Rosenberg also noted that the service's infrastructure may make it vulnerable to problems experienced by a minority of systems on the network. Like the Kazaa music file-sharing network, which was created by the same pair who founded Skype -- Swedish engineer Niklas Zennstrom and Danish entrepreneur Janus Friis -- the VoIP service uses "supernodes" to detect online Skype users, establish connections between users, and help route traffic. The supernodes, which are computers that Skype identifies as having surplus Internet bandwidth and processor cycles, serve as the directory servers and traffic cops of the network. If too many go offline in a short time -- whether from restarts or simply by being switched off -- Skype could suffer.

Skype's explanation hinted as much. "Normally Skype's peer-to-peer network has an inbuilt ability to self-heal," said spokesman Villu Arak in this morning's statement. "However, this event revealed a previously unseen software bug within the network resource allocation algorithm which prevented the self-healing function from working quickly."



Our Commenting Policies