Category: Skype
-
/
Skype is Having Another Outage Today – Appears Widespread (But May Be Recovering)
Continue Reading: Skype is Having Another Outage Today – Appears Widespread (But May Be Recovering)Skype is experiencing another outage today… to what extent is not clear, but my own anecdotal experience is that it could be large. Skype, of course, is claiming that only “a small number” of users are affected in their only tweet on the subject so far:They also posted this as a blog post on their Heartbeat site. On a side note, I completely agree with Robin Wauters at TechCrunch that it seems silly to say “a small number”:
Companies always say only a small subset of users experience problems when they occur.
I have no clue why they insist on pointing that out like it makes a difference.
Customers are down… and unable to communicate. It doesn’t matter if it is a “small number” if you are one of them!
But I digress… the reality is that this does seem to be a much wider outage than “a small number”:
- the comments to an Engadget article this morning show people all around the world saying Skype is not working for them;
- a Twitter search on ‘Skype’ is FULL of comments of people saying that Skype is down for them;
- my own colleagues at Voxeo are down around the world…
- the comments to an Engadget article this morning show people all around the world saying Skype is not working for them;
-
/
An Older Version of Skype Reverse-Engineered? (And Made Open Source?)
Continue Reading: An Older Version of Skype Reverse-Engineered? (And Made Open Source?)Has a Russian engineer truly reverse-engineered an older version of Skype and made it available on the web as open source?That is what Efim Bushmanov is claiming on his new site:
http://skype-open-source.blogspot.com/
Now, as he notes in his first blog post on the topic, his reverse engineering is based on an older version of Skype and so it’s not clear to me how well it would work with the current Skype infrastructure. He claims, though, that it can send a message to Skype now.
How long the code will remain online is anyone’s guess. As TheNextWeb notes:
It is against the Skype’s terms to reverse engineer its software but both US and European laws state that it is legal if it helps in terms of interoperability, if the technology is also not patented. Whether Skype will be able to force researcher to either remove the files or put pressure on the company hosting them is not fully known.
Meanwhile, I’m sure a good number of folks will be downloading the source code to see what they can learn…
P.S. The Hacker News discussion thread on this topic is also worth a read.
If you found this post interesting or…
-
/
Skype Issues Official Statement About The End Of Skype For Asterisk
Continue Reading: Skype Issues Official Statement About The End Of Skype For AsteriskBefore writing my story yesterday about Skype killing off Skype For Asterisk, I had reached out to Skype’s PR agency to see if there was any statement from Skype. There wasn’t at the time, but today they sent over this statement from Jennifer Caukin, a spokeswoman for Skype:Skype made the decision to retire Skype for Asterisk several months ago, as we have prioritized our focus around implementing the IETF SIP standard in our Skype Connect solution. SIP enjoys the broadest support of any of the available signaling alternatives by business communications equipment vendors, including Digium. By supporting SIP in favor of alternatives, we maximize our resources and continue to reinforce our commitment to delivering Skype on key platforms where we can meet the broadest customer demand.
Being a huge advocate of open standards, I of course applaud Skype’s commitment to supporting SIP. However, as I noted two years ago in my detailed review of what was then “Skype For SIP” (and is now “Skype Connect”) the fundamental difference between Skype For Asterisk and Skype’s SIP offering is this:
Skype For Asterisk is/was two-way – you can make outbound calls TO Skype users.
You can’t do that with Skype Connect.…
-
/
Skype Kills Off “Skype For Asterisk” – A Sign of the New Microsoft Era?
Continue Reading: Skype Kills Off “Skype For Asterisk” – A Sign of the New Microsoft Era?UPDATE: Skype has issued an official statement about the end of Skype For Asterisk. Word breaking out right now from multiple sources is that Skype has killed off the Skype for Asterisk product developed in conjunction with Digium. In an email sent by Digium product management that was subsequently posted on web sites (including Digium’s), the company says (my emphasis added):Skype for Asterisk was developed by Digium in cooperation with Skype. It includes proprietary software from Skype that allows Asterisk to join the Skype network as a native client. Skype has decided not to renew the agreement that permits us to package this proprietary software. Therefore Skype for Asterisk sales and activations will cease on July 26, 2011.
Skype will apparently continue to support the SFA software for an additional two years until July 26, 2013.
The Promise…
Skype For Asterisk was announced with great fanfare back at Astricon in 2008. I wrote about how it might tear down some of the walls of Skype’s proprietary walled garden and posted multiple follow-up posts, including a detailed dive into Asterisk interconnection and how Skype could help with that.
The beautiful part was that Skype For Asterisk allowed two-way communication into…
-
/
The End of the “Skype as Bandit” Era
Continue Reading: The End of the “Skype as Bandit” EraAnd so it ends… Skype was always always a fun company to write about because they were always a bit of a rogue.The scrappy little startup that took on the megacorps of the telecom industry… and won in so many ways… look at their leading % of international calls… or the fact that per-minute call costs are now very clearly being commoditized down to zero…
… the product that came from the grey areas of P2P file sharing and created some truly revolutionary network technology and created a software client that “just worked” like magic from behind any firewall…
… a company from Estonia of all places, which pre-Skype most of us could only vaguely put on a map but now many of us know more about, including that fact that many Estonians have multiple vowels together in their names in ways we don’t in English (ex. “Jaanus” and “Liive”)…
… a product that was given away for free across multiple operating systems (even if some of us whined about the lack of attention to our chosen platform)…
… a service that just went ahead and implemented SRTP and encrypted call control when all the major telcos were whining…
-
/
Skype Issues 2nd Mac 5.1 Hotfix for “Security Issues” – But What Are Those Issues?
Continue Reading: Skype Issues 2nd Mac 5.1 Hotfix for “Security Issues” – But What Are Those Issues?Today, Skype issued a new Skype 5.1 for Mac “hotfix” for more “security issues”. The problem?We don’t know what those “security issues” are?
We don’t know, for instance:
- Are they related to the remote exploit that was publicly disclosed on Friday? Or to related attacks on the same theme? (as discussed on SecNiche today)
- What is the severity of these “security issues”? Remote compromise? Denial of service? What?
- What is the priority that we should place on getting this update in place? Is it a “UPDATE NOW!” kind of priority? or a “Update when you can”?
- What kind of mitigating circumstances are there for these security fixes?
- Are there any workarounds that could be put in place at a network layer (or any other layer) to prevent attacks on individual systems? (i.e. as a safety measure until the individual clients are all updated?)
We need to know this kind of information.
Particularly as Skype looks to try to move more into the “business” or “enterprise” market space, this level of NON-disclosure is unacceptable.
In comparison, take a look at any of the recent Microsoft security bulletins, like, oh, this one, and you can see the kind of information that…
- Are they related to the remote exploit that was publicly disclosed on Friday? Or to related attacks on the same theme? (as discussed on SecNiche today)
-
/
Skype’s Security Communication FAIL – Why Issue a HotFix If You Don’t Tell Anyone?
Continue Reading: Skype’s Security Communication FAIL – Why Issue a HotFix If You Don’t Tell Anyone?What is the point in issuing a hotfix that addresses a security vulnerability… if you don’t tell anyone that the hotfix is available?Tonight Skype published a blog post saying that back on April 14th they released a “hotfix” for this problem in Skype for Mac version 5.1.0.922. That’s great… it’s good that the fix is out there, but…
how were we Mac users supposed to know about it?
Hmmm… let’s see… Could we find out about the Skype for Mac hotfix…
- … using the “Check for Updates” feature? Nope, doesn’t work for me. Maybe it works for others out there, but not for me.
- … from the Skype for Mac Release Notes page? Nope, that page STILL hasn’t been updated, three weeks later, to indicate that a new version is out. Nothing on there at all about 5.1.0.922.
- … from Skype’s Twitter account? Nope, no mention of a hotfix back on April 15th, although they did talk about the fact that Skype was mentioned twice on 30 Rock and that there was Skype call on the Rachael Ray show.
- … from Skype’s skypesecurity Twitter account? Nope, no mention.
- … on Skype’s Mac blog? Nope. Last post there was April…
- … using the “Check for Updates” feature? Nope, doesn’t work for me. Maybe it works for others out there, but not for me.
-
/
Sorry, Skype, But Your Auto-Update Feature Is A Fail!
Continue Reading: Sorry, Skype, But Your Auto-Update Feature Is A Fail!According to Skype’s Security Blog post right now, I’m supposed to just do an “auto-update” that will give me the latest version 5.1.0.922 of the Skype for Mac client. When I check what version I have, it is 5.1.0.914:
So I go up to the Skype menu and choose “Check for Updates…”
And this is what I get…
So if, as Skype indicates, this security issue was fixed a month ago, how was I supposed to get it?
Sure… it now seems that I can go to the main page and download the software directly, but why would I ever think of doing that?
C’mon, Skype… if you are going to send out security updates as optional updates, please make sure your “Check for Updates” feature works!
P.S. When I first heard of the security issue, after checking the Skype blogs and Twitter streams, the first thing I did was to go into my Skype 5.1 client and do this “Check For Updates”. The next thing I did was check the Skype for Mac Release Notes, which still do not list this update that was apparently fixed in April. After that I did some more poking around and then wrote…
-
/
UPDATED: Skype for Mac Has Dangerous Security Vulnerability… and There’s No Public Word From Skype
Continue Reading: UPDATED: Skype for Mac Has Dangerous Security Vulnerability… and There’s No Public Word From SkypeUPDATE: Skype has now published a blog post indicating that a Skype 5.1 update is available for download. As I noted separately, the auto-update process is NOT working for me. It appears that I will need to download the new version directly from Skype’s website.Separately, Skype PR indicated to me that version 2.8 is not vulnerable – although I note that this information is not in Skype’s security blog post. (Skype has now confirmed in a tweet that Skype 2.x is not vulnerable.)
It’s great that Skype claims they fixed this in mid-April… but if they didn’t tell anyone – including, apparently, the security researcher who reported the issue – what value is it that they fixed the issue?
I have a longer piece that I need to write on this… but I’ll leave that for another post.
Meanwhile, we finally do have some information and a fix – many hours after it would have been helpful to have had it.
The original post remains below… From the Can-We-Please-Communicate-Better Department… there is apparently an open vulnerability in the Skype for Mac client that lets an attacker send a message to a Skype user and gain remote access. As reported…
-
/
Skype No Longer Doing The Samba – Drops Inbound Numbers In Brazil
Continue Reading: Skype No Longer Doing The Samba – Drops Inbound Numbers In BrazilInteresting development in the land of Skype… they are no longer offering inbound phone numbers in Brazil. Per a post on Skype’s Portuguese blog, translated into English via Google Translate, the company providing phone numbers in Brazil, Transit Telecom, has notified Skype that it will no longer be supplying these phone numbers.Skype’s inbound numbers are now referred to as “Online Numbers” but were originally called “SkypeIn” numbers. For an annual fee of somewhere between $30 – 60 USD per year (depending upon discounts with subscriptions), you can have multiple inbound numbers attached to your Skype account from a range of countries:
In full disclosure, I’ve had a SkypeIn/OnlineNumber for years and it works extremely well.
The challenge for Skype, of course, is that they typically have to work with local carriers in the individual countries to obtain those inbound numbers (also referred to as “DIDs” in telecom)… and obviously is at the mercy of the local carrier to keep providing those numbers. Now who knows what happened in this case… perhaps Transit Telecom wanted to charge more than Skype wanted to pay… perhaps they had some other business challenge between the two companies.
Whatever the case, Brazil is…