Are Skype’s Problems Architectural?

Skype has had its share of bad news lately, with a malware attack following close on the heels of a massive outage. Current events raise questions about Skype’s technology that won’t — and shouldn’t — go away.

One is the perennial architecture question: proprietary (Skype) vs. open (SIP). Recently I asked SIP application company Counterpath’s CTO Jason Fischl to talk about it. Fischl was also the architect of TelTel’s SIP-based VoIP system.

“When you’re trying to design a system to scale there are two places you can have a problem: design of the protocol or in a bug in the implementation,” he explains.

And quite simply, in protocol design as in so many of life’s other arenas, numbers count.

“In the case of SIP we have protocol design by people who’ve been designing telecom protocols for many years.” People like Cisco and Nortel telecommunications engineers, who have generations of experience with the problems that can crop up in communications networks.

“In the case of Skype, they have a very small group,” he continues. “The advantage [for Skype] is that they can make it simple. But a lot fewer people are looking at it. It’s a monoculture. The same group of people are making all the decisions — and the decisions are made for tactical reasons rather than technical reasons.”

And then there’s implementation execution. Here, too, more is better.

“When you see the problems Skype had, you see the advantages of SIP. In the case of SIP, you’ve got hundreds — even thousands — of implementations. Lots of service providers implement SIP. Any problem they have isn’t going to affect the entire population — just their customers. Lots of different vendors implementing is a nice benefit.

“But the consequences of a flaw in the case of Skype — it’s a catastrophe,” adds Fischl. “There are no other implementations.”

Fischl suggests that Skype’s outage may have had more to do with the centralized aspect of Skype’s architecture than the peer-to-peer dimension. “One of the [problematic] things about their [Skype’s]architecture is that the authorization of users is done on a central server. That leaves open a vulnerability.”

SIP, by contrast, has a distributed authorization process. “It relies on an overlay network. You make a query into the overlay network and find out how to contact subscribers.”

Further, the IETF’s — Internet Engineering Task Force — peer-to-peer SIP working group is looking at an architecture that will do complete peer-to-peer SIP without a server at any point.

“One of the fundamental requirements is that you won’t need a central server when you login — only when you sign up. The consequence is that if servers went down you wouldn’t get new customers, but customers can still make calls.”

Fischl confesses to being puzzled that Skype hasn’t embraced SIP. “To being with, they’ve already got SIP gateways — why not go further down the road? I think if they took that approach — augment the network, let any SIP endpoint connect — they’d have a huge network of vendors building devices.

“Who knows?” Fischl adds, “Maybe they’re going down that road.”


  1. jan1972 says:

    My laptop does not run Skype.

    Seeing flickering network and hard drive LEDs without doing anything on my computer and Wireshark not being able to tell me what is going on tells me I have spyware on my computer.

    I walks like a duck, it talks like a duck, it is a duck.

  2. namronp says:

    It would be good to be able to access the Skype voip service from my communications server. I would like to be able to register and initiate PSTN phone calls through a link to Skype. I now use Broadvoice, but it can get expensive, and I would hope Skype could provide this functionality for less money.

  3. tommylove says:

    I use a Verizon wireless card on my laptop. Skype is the only service that I can get to work going through the Verizon Wireless connection. I have Vonage but it does not work. The problem is the outbound data gets garbled. I tried IpPhonex. it did sometimes work at the lower bandwidth settings but it was hit and miss. I tried a couple of other service but had the same results. I am mostly mobile so I am using the Verizon wireless card. It works very well most of the time. Anyone know of any other service works well going over Verizon’s wireless?