The Skype outage and centralized systems

| Comments (1) | Networking
Skype suffered an extended service outage last week. There were a lot of rumors about how this was the result of some sort of attack, though Skype denies it. Here's what they say:
Apologies for the delay, but we can now update you on the Skype sign-on issue. As we continue to work hard at resolving the problem, we wanted to dispel some of the concerns that you may have. The Skype system has not crashed or been victim of a cyber attack. We love our customers too much to let that happen. This problem occurred because of a deficiency in an algorithm within Skype networking software. This controls the interaction between the user's own Skype client and the rest of the Skype network.

I don't have any more information about this than anyone else, so it could be either an attack or just a simple error. In either case, even if you believe Skype's story, it suggests that the Skype system is fairly brittle. Basically, any problem with Skype's central servers, whether through attack or error, has the potential to bring down Skype as a whole. By contrast, in a more distributed/decentralized system, global outages tend to be a lot less common. For instance, if I have an account with SIP server Atlanta and you have an account with SIP server Biloxi, an outage at server Chicago doesn't affect us at all. Of course, if there's some sort of large-scale Internet outage, this can affect us, but such issues aren't that common and of course Skype is just as vulnerable to such issues.

I'm not arguing that SIP is somehow inherently superior to Skype. It's quite possible to build a SIP-based system which is just as centralized and fragile—if Vonage's servers go down, then no Vonage customer will be able to make phone calls. On the other hand, there are other SIP providers and they aren't affected by Vonage outages. The difference here is that Skype is inherently centralized, and you basically can't use Skype without talking to their servers somehow. 1. By contrast, SIP was specifically designed to be used in a decentralized environment, much like e-mail is now, and clients and servers from separate vendors more or less interoperate—though of course some network operators won't allow direct SIP connections so you sometimes (often?) need to go through the PSTN for SIP UA A to talk to SIP UA B.

This isn't to say that decentralized systems are inherently better, of course, but they are generally more resistant to this particular failure mode.

1. Yes, the Skype protocol has been reverse engineered, but as far as I know there aren't any compatible clients or servers, and Skype's implementation is deliberately designed to be closed—you shouldn't expect to be able to use Skype's clients with such a service, which significantly decreases the value of using the Skype protocol.


Apparently they got DoS'd by Patch Tuesday.

Leave a comment