See Telephony, Messaging and Social network for the way PSYC, like every good open source tool, would like to help replace Skype.

Contents

Unlike any software you ran before

Skype doesn't let anyone see what it actually does on your computer. It could be doing anything.((s)) Since every communication is encrypted you are completely not in control. Merely running it means you are likely to be relaying other people's phone calls, but hey, that's P2P, and they mention it in their T&Cs. But what else happens?

Read http://www.secdev.org/conf/skype_BHEU06.handout.pdf for details. Suggestion: Always shutdown Skype before you do important things like bank transactions or credit card shopping. Attention, closing the window won't shut it down, you have to select the function from the menu. Even on Linux.

For some older but also good analysis of the network protocol (only) have a look at http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf.

Then again, you may want to look for any sort of alternative. Here are reasons to do so.

<coyo> I would absolutely love an alternative. Since there are plans on the table for inband voice and video streaming (and thus the potential for video calling and perhaps even videoconferencing with a specially-coded service to control the video context. But right now, Skype is the only one that works reliably. I cant get SIP to work if my life depended on it.

Nobody knows but the NSA?

Realborg Tom says on http://forum.skype.com/index.php?showtopic=95261:

I fact I have recently been thinking about the "Bundestrojaner" german minister Schäuble is planning to use and found that Skype would be the perfect place to hide it:

  • it is installed on a majority of systems
  • it is protected against decompilation / debuggers
  • it bypasses almost any firewall
  • it uses encryption for network traffic
  • it may send lots of data even when not making a call
  • it might have already been deployed by the NSA
  • eBay has a history of cooperating with federal agencies

But of course you would not care about big brother reading your harddrive unless you are a terrorist...

And this is different from any other program you have on your computer. Even Microsoft Windows or MSN may be getting away doing some things you wouldn't want it to, but it is generally known what is happening and in particular what it is sending over the wire. So if any program on your computer starts spying on you, somebody out on the Internet would have told you in advance. Not so with Skype, because nobody even has a chance to find out!

Update: Unless of course intelligence agencies make stupid comments at press conferences.

Skype Reads Your BIOS and Motherboard Serial Number

Fits the picture.. to have legally stronger evidence against you, Skype is collecting physical identification data of your hardware.

See http://www.pagetable.com/?p=27 for details, oder http://www.heise.de/newsticker/meldung/84955 auf deutsch.

Of course they would only do it if you are a terrorist or a child molester (see also: You have nothing to hide), but still, they can check your computer and they can even prove which computer it was after you deleted everything on it.

See also

  • Privacy, because you have nothing to hide.
  • Skype worm.
  • Skype is also mentioned on the page on centralistic systems (because even if it is using P2P where it can, it still has a central point of control, as we recently experienced when it went down for a week or so).
  • de:Skype with some old stuff in German.