30

I was surfing a random blog today (Enterprise video conferencing solutions vs Skype), and I came across a claim. I do know that the Skype protocol is a proprietary one, but the author of this blog claims that:

Skype makes use of peer to peer technology in which Skype users become supernodes. This allows Skype to tap on your bandwidth to route other calls, often slowing down your computer.

What I would like to know, from a networking standpoint, is how is this implemented or even possible? First of all, why is there a need to route calls between user nodes? If person X is calling Y, then isn't it a straightforward TCP connection from X to Y nodes? Why does a Z node have to come in between?

Moreover, if this is true, why do most users stick with Skype? Aren't there better opensource technologies available in this arena?

HopelessN00b
  • 3,385
  • 19
  • 27
Prahlad Yeri
  • 503
  • 5
  • 11
  • 4
    It is not a "evil people will drain your bandwidth" thing. Many regular users like you actually _depend on_ the same technology, when both ends are behind several layers of NATs. – user1686 Sep 12 '14 at 15:59
  • 9
    Classic non-native-speaker mistake. I believe he was looking for "tap into", which means "use, or take advantage of, or utilize", and not "tap on" which means spy or eavesdrop. – Adi Sep 13 '14 at 09:23
  • 3
    Regarding your question about alternatives, see [Free/Libre voice & video chat alternative to Skype?](http://softwarerecs.stackexchange.com/q/243/60). – unor Sep 13 '14 at 13:37
  • 1
    Can you explain why this question is on-topic for Information Security? I don't see any aspect of security in your question. (I could imagine some, but I shouldn't have to speculate or hypothesize.) If you have a security-related question, please edit your question. Otherwise, this question seems off-topic for this site, and better suited for something like SuperUser. Finally, in the future I encourage you to do more research before asking. There's lots written on how Skype works these days on the Internet; seems like you could have done a bit more searching and answered your own question. – D.W. Sep 13 '14 at 22:35
  • If you're worried about people dropping eaves on your skype conversations you should look into http://tox.im/ – unknownprotocol Sep 15 '14 at 06:10

3 Answers3

34

Today, Skype do not route communication through other users machines. This is done by Microsoft servers in datacenters.

But back in the days, in the early versions of the Skype protocol, every user with strong-enough bandwidth and not behind a NAT (with routable IP address), can become a supernode and route the traffic of other users that are behind NAT.

That's the reason why this is necessary. If your ISP is doing NAT on the gateway level for example, you can open TCP connection to any host you want, but some other unknown host can't reach you, because the incoming connection is not requested by you. That's how the NAT works, and direct TCP/UDP connection can't be established.

If two Skype users that are behind a NAT wants to talk each other, in normal conditions, they can't, because they only can request-and-receive packets, but can't receive something that is not requested early.

Example: Host A wants to talk through Skype with Host B. Host A tries to open TCP/UDP connection to Host B, but the Host B didn't request anything from Host A early, and the NAT of the Host B's gateway just drop the connection. In the reverse direction is the same.

So, in order to communicate, they both connect to some supernode that becomes a bridge between them. This works because each client transmit the data to the supernode, and the supernode route them to the other side (which is also connected to the supernode, as i mentioned before).

Becoming a supernode can be disabled in early Skype versions with change in the Windows Registry.

programings
  • 751
  • 1
  • 8
  • 14
  • 5
    See [this fascinating article](http://www.oklabs.net/skype-reverse-engineering-the-long-journey/) for details on the Skype protocol. – Naftuli Kay Sep 12 '14 at 17:36
  • 3
    Yes, this is a good article. There is another one: http://saikat.guha.cc/pub/iptps06-skype/ – programings Sep 12 '14 at 18:05
  • 5
    Skype still does occasionally route through end user desktops. I've not got a linked source for this but I've noticed it using bandwidth between 2 IP addresses (and also when I've had calls routed I've looked at the IP addresses that it communicates through and they're sometimes end user ADSL connections) – Matthew Steeples Sep 12 '14 at 18:09
  • 2
    And being a Supernode was different than routing calls. Supernodes handled authentication and user lookups (this is what Microsoft brought in house when they acquired Skype, although efforts to do this were already underway by Skype themselves after the last serious outage) – Matthew Steeples Sep 12 '14 at 18:18
  • @MatthewSteeples If someone uses old Skype version with old implementation of the protocol, he / she can still become a supernode. And yes, lookups and authentication services are another functions of the supernode. – programings Sep 12 '14 at 18:23
  • 2
    The old Skype protocol has been deprecated now and no longer works so you can't be using a version of Skype that allows you to be a Supernode. Supernodes are different to call routers though. I'm not on an old version of Skype and neither are the people I call but we still get routed via end-user ADSL connections. That functionality hasn't changed. – Matthew Steeples Sep 12 '14 at 18:27
  • Are you sure that this people (and you) are behind some NATing? Microsoft claims that they no longer route traffic through end users of the service. Yes, the old versions was banned, but just before couple of months ago... – programings Sep 12 '14 at 18:30
  • I'm not behind a NAT but sometimes the people I call are. Where do Microsoft claim that they don't route traffic through end users? The only sources I've seen are news articles saying that they don't have end user supernodes (which are not call routers). – Matthew Steeples Sep 12 '14 at 18:33
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/17115/discussion-between-matthew-steeples-and-programings). – Matthew Steeples Sep 12 '14 at 18:34
  • 4
    Anecdotally I sometimes catch Skype pushing streams of data through my computer (symmetrical download and upload, typically around 100Kb/s, so it's not something like downloading update). While it might not be _call_, it does seem to retain _some_ P2P aspect in its functionality. – Rarst Sep 13 '14 at 12:16
27

As others have already answered: Yes, Skype originally did sometimes use other Skype users to route some calls.

BUT!!! What the other replies didn't say was: This was actually A GOOD THING! Because Skype was initially Peer-2-Peer based not server based (as Microsoft made it) and all traffic was encrypted from end-to-end it gave Skype two big advantages over all other competition at the time: - It could scale to millions of users on day 1 without the Skype company having to buy more servers. - It was extremely difficult (virtually impossible) for anyone to spy on your conversation.

Now that Microsoft has bought Skype and changed it so it routes data through Microsoft servers, and Microsoft holds all the decryption keys, it made it easy for the U.S. government's PRISM domestic spying program to spy on people's Skype conversations.

Even when Skype did sometimes route some calls through other Skype users systems, it made sure that it did not use more than a trivial 4K/sec of data through the intermediate system so that it wouldn't detrimentally impact the performance of the intermediate system. And because the data that was routed through the intermediate system was encrypted with keys that the intermediate system did not have access to, the intermediate system COULDN'T spy on the conversation so everything was secure.

So, be careful what you wish for, you just might get it and it might be worse that what you already had.

Hopefully some group will create a new IM system like the original Skype and I will switch to it immediately and will be happy to let this new network sometimes use 4K/sec of my network bandwidth to route calls through my computer.

CarlGWatts
  • 371
  • 2
  • 3
  • 2
    Something you might be interested in: http://tox.im – Seth Sep 14 '14 at 14:41
  • It's not just the 40kbaud you lost becoming a supernode. Since other clients were connecting to you, you could have easily got spammed with hundreds of TCP connection requests (cf. http://www.computerworld.co.nz/article/501476/skype_supernodes_sap_bandwidth/). – peterph Sep 18 '14 at 11:55
  • I read that Computerworld.CO.NZ article but it is obviously written by someone who doesn't understand the technical nuances of IP protocols and NATs. I do. And the Peer2Peer routing that Skype used is a very good idea (as I said in my original article). Microsoft paid BILLIONS to acquire the technology! These articles whining about the tiny bit of bandwidth that Skype Supernodes used should be ignored; it was a tiny price to pay for the enormous value that Skype gave you for free. Regardless, now that Microsoft owns Skype, Microsoft provides its own servers to act as Supernodes. – CarlGWatts Apr 26 '16 at 01:46
5

As for the other part of the question: why are users sticking with it while there are better solutions? Two words: market penetration. Average John Doe doesn't care about security or abusing (in the olden days) other network users. He just wants to make calls, this just works and he's not going to persuade all his friends to use something else when "everybody is using Skype".

This is unfortunately nothing new, the same can be said about e.g. ICQ vs. Jabber (and to some extent Windows vs. Linux/BSD) - the earlier solutions just have the advantage of entering into a new field. Who gets bigger share at the beginning basically grabs the market, no matter the flaws. Rather unfortunate, since this preference for quick but hackish solutions usually also brings nasty security consequences for the whole world.

peterph
  • 368
  • 1
  • 7