
Skype's Principal Architect explains why peer-to-peer was eliminated - cantrevealname
http://markmail.org/message/exc3srjkx3uu66bz?q=android
======
ilaksh
Peer-to-peer technologies not only make Skype obsolete, but also make it much
harder to spy on people.

By the way, use WebRTC or some completely peer-based video conferencing
(WebRTC still uses central servers to establish connections). Don't use Skype.
Doesn't make any sense from a technology standpoint or from a privacy
standpoint or anything.

I am actually amazed by how little discussion there is on Hacker News and
reddit about peer-to-peer technologies for things like video conferencing,
publishing and realtime data collaboration.

This whole NSA thing should be enough to push things like named data
networking/content centric networking, WebRTC and meshnets
([http://www.reddit.com/r/darknetplan](http://www.reddit.com/r/darknetplan))
into the mainstream.

I believe that we are going to move away from a lot of traditional ways of
doing things pretty soon. For one, obviously centralized servers have to go.
Replace that with encrypted, privacy-focused data oriented networking.

Replace centralized internet backbones with wifi meshnets, private laser
systems, even private fiber networks, etc.

It's very nice to have a simple programming language and API available with
things like Webkit and Mozilla browsers, but that still puts too much power in
the hands of a few companies, and locks us into particular implementations,
and also traps us within the browser.

Programmers and businesses do need easy-to-use, cross-platform and cross-
device APIs and programming languages. I think we can port a lot of the Web
APIs to a language-neutral, binary-neutral, implementation-neutral semantic
representation. Dump as much of the unnecessary complexity from Web APIs as
possible.

Take a look at what HTML/SVG etc. provide and re-engineer a more general
purpose solution for representing all kinds of things _including_ software
source code that is based on truly semantic representation inspired by
description logics which separates presentation from display/editing.

~~~
burntsushi
> This whole NSA thing should be enough to push things like named data
> networking/content centric networking

You're damn right. It wasn't even a few days after this whole thing broke that
I started working on a simple, distributed and automatic file synchronization
program. No third parties and open source.

I was absolutely stunned to find out that nothing out there meets those
criteria (despite my best efforts). The only thing that was close was git-
annex assistant, but I don't want to use git for simple file synchronization
(particularly for large files).

There's also Bittorrent Sync, but it's completely locked down. :-/

~~~
lukifer
> There's also Bittorrent Sync, but it's completely locked down.

This really surprised me; for some reason, I assumed it was open source. Since
the storage is entirely peer-to-peer, I wonder what their business model is?

~~~
mtgx
Not open source, probably because the bittorrent protocol isn't open source.

~~~
goblin89
I believe that's not correct. First a nitpick, I think it's only software that
can be open or closed _source_. Protocol specification might be kept secret,
though.

Regarding specifically BitTorrent protocol specification[0], it's free to use.
Anyone can build their open or closed source BitTorrent client without reverse
engineering.

[0]
[http://www.bittorrent.org/beps/bep_0003.html](http://www.bittorrent.org/beps/bep_0003.html)

------
pronoiac
Reasons given:

* Avoiding things like the supernode crash from December 2012.[1]

* Supporting the growing mobile share, which can't contribute as supernodes.

[1] [http://blogs.voxeo.com/voxeotalks/2010/12/23/skype-outage-i-...](http://blogs.voxeo.com/voxeotalks/2010/12/23/skype-outage-i-run-a-supernode-and-heres-what-i-think-happened/)

------
bosky101

> these devices are a lot different: they're running on battery, sometimes on WiFi
> but often on expensive (both in money and battery) 2G or 3G data networks,
> and essentially "off" most of the time.
> On iOS devices, applications are killed and evicted from memory when they attempt
> to do too much background processing or use too much memory.
> On Windows RT and Windows 8 Modern applications, when the application is not in
> the foreground we only get a few seconds of CPU execution time every 15 minutes
> and again, strict memory limitations if we want to stay loaded.
> And when the Skype application is unloaded, it can no longer receive incoming
> calls or IMs, rendering it a lot less useful.
    

This is pretty much why/how all IM clients for iphone/ipad/android work as
well.

(I work on verbs.im, we're a team of 4 now, here's a link to our privacy
policy
[http://includetech.co/privacy/verbs](http://includetech.co/privacy/verbs))

The server becomes a proxy for your account, and being able to send push
notifications.

Your apps become thinner clients needing less battery and bandwidth.

In fact we've gone a step further, and replaced XMPP/HTTP with MQTT to save even
more battery.

( here's a nice article profiling power consumption of MQTT vs HTTP here
across wifi/3g:
[http://stephendnicholas.com/archives/1217](http://stephendnicholas.com/archives/1217)
)

That being said, the recent iOS 7 has introduced APIs for longer-running
background apps.

~B

~~~
Torgo
I don't know why this necessitates the removal of supernodes though, because
it has always been the case that desktop clients could disable supernode
functionality with a checkbox option. Why would it ever be enabled (or even an
option) on a mobile client? Or is the issue simply that the majority of
clients have become non-supernode-capable and it became an issue? I wish he
would have gone into more detail on this because at first glance the
explanation is not sufficient to justify the change.

~~~
wmf
Kaufman's point is that phones don't even have enough resources to be a
_normal_ Skype peer, let alone a supernode. Thus work had to be shifted from
peers to servers. I guess they could have shifted all that work to supernodes,
but it was probably simpler to just put that functionality in reliable MS data
centers. Also, I don't know that it's safe to send iOS/Android push messages
from random PCs.

------
crazygringo
I'm curious... I understand that the Microsoft servers are functioning as
supernodes now.

But when one computer calls another, and neither are behind NAT/firewall/etc.,
is the actual audio stream going directly between computers, or are they both
sending the actual audio to/from the Microsoft servers?

Obviously Microsoft _could_ choose to redirect it through their servers
whenever desired, but I assume that audio communication is still direct,
whenever possible?

~~~
stephengillie
I don't think the scenario you're presenting is realistic. Either an exposed
PC on the internet has its own firewall, or it's already exploited.

~~~
zurn
Nope - centralised network firewalls never became popular for consumer users.
Microsoft started shipping a default-on host firewall in XP SP2, those let the
user get prompted on what apps to allow. Lately corporations have been moving
to host firewalls too since the "crunchy on the outside, soft on the inside"
intranet mindset is increasingly incompatible with the modern world.

------
anologwintermut
It's funny, people got so caught up on the fact that Microsoft must have
changed Skype's architecture to allow wiretapping. Via Snowden/PRISM we know
wiretapping of Skype was possible well before the acquisition, let alone the
redesign.

~~~
acqq
Exactly!

Prism slide: Skype: 2/6/11

[http://en.wikipedia.org/wiki/File:Prism_slide_5.jpg](http://en.wikipedia.org/wiki/File:Prism_slide_5.jpg)

But "Microsoft to acquire Skype": May 10, 2011

[http://news.cnet.com/8301-13506_3-20061371-17.html](http://news.cnet.com/8301-13506_3-20061371-17.html)

------
nadaviv
Most of the points mentioned make it reasonable to use central servers, but
why did they need to drop the p2p encryption?

The only thing that seems related is "and other nice features like spam
filtering and malicious URL removal" which he briefly mentions, but I don't
find it a good enough reason to drop encryption and make it possible to
intercept communication. Seems like an awful tradeoff.

~~~
nextweek2
Taking off my tin foil hat for a moment, I would propose that encryption adds
latency which they felt most users didn't care about. However most users
demand land line quality voice.

------
runn1ng
To anyone using Skype for actual work, the problems with peer-to-peer
messaging become rather obvious, as messages from one device appear only when
both that device and the receiver are online, which gets _really_ chaotic when
communicating with more people at the same time.

Basically, the perception is "if you don't send the message when all of you
are online, really weird things happen".

~~~
pwnna
Still, that does not mean that encryption needs to be dropped (or e2e
encryption needs to be dropped, or that MS has your encryption keys).

------
Aloha
The reasons given lined up with my own thoughts. It's very hard to build a
stable, reliable and self-repairing distributed network. Communicating status
and presence info is the largest challenge for distributed networks, the
hardest and most difficult challenge you have, whereas with a centralized
server and 'register' it's fairly easy to push updates out for all of this.
Also, the server can be set to maintain status for the subscriber, even if
they are not really connected.

------
dfc
Archive that displays more than a paltry 15 lines at once:

[https://www.listbox.com/member/archive/247/2013/06/sort/time...](https://www.listbox.com/member/archive/247/2013/06/sort/time_rev/page/1/entry/4:269/20130623090855:0B714E0A-DC06-11E2-9F35-8CD4CCA160A2/)

~~~
lancewiggs
And the original submission that points to it. fwiw:
[http://news.ycombinator.com/item?id=5929404](http://news.ycombinator.com/item?id=5929404)

------
preneur
The original design of the Internet was peer to peer.

This is not some revolutionary idea. It's getting back to the original design.

Small scale peer to peer networks can still be achieved, easily, even in the
presence of "firewalls", "ISP's" and "NAT".

You need at least one reachable IP address to be able to pierce NAT and
"bootstrap" the network. Easy.

You need to do some simple encapsulation. Again, easy.

You need an OS with a TAP interface. Easy? iPhone denies programmers the TAP
device. And any other company controlling a mobile OS could easily block your
peer to peer networking capability by interfering with your access to the TAP
device.

Maybe it makes more sense to distribute your peer to peer solution as part of
an open source OS that will run on many hardware architectures than to
distribute a solution that purports to run on all the popular OS's.

Maybe "apps" don't have to run on the OS that does the peer to peer
connection. Maybe they can run "through" it instead: point your router/gateway
settings at this open source OS, running on some small form factor pocket-
sized computer like the Pi, and voila, you have a decent simulation of the
"original" end-to-end Internet that you can use with people you know (the
original Internet was among people who knew each other).

------
vr000m
WebRTC is not a silver bullet, it mainly standardizes the profile for enabling
interoperable media (via SRTP, SDP,...) and an API to control it from JS.

The signaling is open, so it is mainly up to the developer to decide the
topology they want to enable: p2p, mesh, centralized MCU, hub-and-spoke,
overlays, etc.

However, in many cases you'd have to use a TURN server to communicate from
within very restrictive firewalls. This TURN server could possibly be run by
anyone, including you. Just need to call the appropriate API with your own
TURN server.

I run restund (an open source TURN server) on an Amazon instance and route my
packets via that (I also remove all other ICE candidates and just keep the
TURN).
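
The relay-only setup described in the comment above, as an added example that is not part of the original post or the commenter's own code: it builds an `RTCPeerConnection` configuration restricted to TURN, and filters an SDP blob so only relayed candidates remain. The function names, the TURN URL passed in by the caller, and the sample SDP (documentation-range addresses) are constructed for illustration.

```javascript
// Added example. SAMPLE_SDP is constructed; addresses are documentation ranges.
const SAMPLE_SDP = [
  'v=0',
  'm=audio 9 UDP/TLS/RTP/SAVPF 111',
  'a=candidate:1 1 udp 2122260223 192.168.1.20 54321 typ host',
  'a=candidate:2 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.168.1.20 rport 54321',
  'a=candidate:3 1 udp 41885439 198.51.100.10 49170 typ relay raddr 203.0.113.7 rport 54321',
  'a=end-of-candidates',
].join('\r\n');

// Captures the candidate's transport address (1) and its type (2).
const CANDIDATE_RE = /^a=candidate:\S+ \d+ \S+ \d+ (\S+) \d+ typ (\S+)/;

// RTCPeerConnection configuration that makes the browser gather and use only
// relayed candidates. The TURN URL and credentials are supplied by the caller.
function relayOnlyConfig(turnUrl, username, credential) {
  return {
    iceServers: [{ urls: [turnUrl], username, credential }],
    iceTransportPolicy: 'relay',
  };
}

// Drop host/srflx/prflx candidate lines and blank the related address on relay
// lines: raddr/rport on a relay candidate carry the client's own mapped
// address. RFC 8839 describes 0.0.0.0 and port 9 as the privacy placeholder.
function relayOnlySdp(sdp) {
  return sdp.split(/\r?\n/).flatMap((line) => {
    const m = CANDIDATE_RE.exec(line);
    if (!m) return [line];            // not a candidate line: keep as-is
    if (m[2] !== 'relay') return [];  // would reveal a local or public address
    return [line.replace(/ raddr \S+ rport \d+/, ' raddr 0.0.0.0 rport 9')];
  }).join('\r\n');
}

// Every address a remote peer could read out of the SDP's candidate lines.
function exposedAddresses(sdp) {
  const seen = new Set();
  for (const line of sdp.split(/\r?\n/)) {
    const m = CANDIDATE_RE.exec(line);
    if (!m) continue;
    seen.add(m[1]);
    const rel = / raddr (\S+)/.exec(line);
    if (rel && rel[1] !== '0.0.0.0') seen.add(rel[1]);
  }
  return [...seen].sort();
}
```

Filtering candidate lines alone still leaves the client's public address in the relay candidate's `raddr` field, which is why the filter rewrites it as well.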

------
bifrost
As a network engineer, I always knew when skype was misbehaving because those
users always came up to me and complained. They complained because our
corporate firewalls blocked them for using thousands and thousands of TCP
connections when they became supernodes.

They asked "how do we fix this" and sadly the answer was generally (if you
were on a mac), you don't, just shutdown your client when you're not using it
and it won't become a supernode. It wouldn't really have been a big deal if it
was 5-10 connections, but it wasn't so it became a problem.

I assume eliminating the crypto has to do with eliminating overhead, but it
could have to do with DPI and making it more firewall friendly.

------
wfunction
Relevant: [http://arstechnica.com/security/2013/05/think-your-skype-mes...](http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/)

------
smutticus
When my non-technical friends want to Skype with me I tell them to go with
Jitsi. ZRTP all the way.

[https://jitsi.org/](https://jitsi.org/)

People with a clue should no longer be using Skype.

~~~
specto
I attempted to use jitsi with ddg's xmpp server, however the video and audio
would never work between us. It was always one or the other. I hope the kinks
are worked out as I would like to stop using Skype asap.

------
mtgx
What about collecting all https links, with the excuse that they're protecting
you against spam (as if most spam links are https)?

~~~
throwawaykf
In a previous discussion on HN, a HN user checked and confirmed that MS
servers hit both HTTP and HTTPS links. Unfortunately I can't find that comment
at the moment, so here's an Ars article that reports the same behavior:

[http://arstechnica.com/security/2013/05/think-your-skype-mes...](http://arstechnica.com/security/2013/05/think-your-skype-messages-get-end-to-end-encryption-think-again/)

------
FiloSottile

        In the case of
        instant messaging, we have merged the Skype and Windows Messenger message
        delivery backend services, and this now gets you delivery of messages even
        when the recipient is offline, and other nice features like spam filtering
        and malicious URL removal.
    

This relates well to the HTTPS url visiting thing of a while back.

------
noptic
TL;DR Skype P2P performs on mobile devices so we removed the features people
loved about Skype and kept the name.

------
hawleyal
Why not let me run my own server then, for me and my friends?

------
dschiptsov
To collect and store the data, stupid.)

------
magoon
Sounds legit.

------
drivebyacct2
I've been saying this for, probably close to a year now. Moving supernodes
from being personal consumers to running in a cloud is a good thing and has
minimal impact on privacy.

Even comments here indicate people clearly didn't read this email or fail to
understand it at all.

~~~
mtgx
Minimal impact on privacy? I wouldn't say NSA having access to all Skype calls
a "minimal impact on privacy".

~~~
tincholio
Given how supernodes worked, the NSA might have had as many supernodes as it
wanted, with your traffic going through them and you none the wiser. Hence,
your argument doesn't stand, really.

~~~
flyinRyan
Only if you had to use supernodes. All you had to do was open an outside port
for skype and you wouldn't need supernodes for anything.

~~~
drivebyacct2
wrong on top of wrong on top of wrong.

Like I said, people still don't get it.

Supernodes are a directory service. "Traffic" as in text and video traffic
rarely, if ever, is transmitted through Supernodes.

------
antocv
I liked this part

"In the case of instant messaging, we have merged the Skype and Windows
Messenger message delivery backend services, and this now gets you delivery of
messages even when the recipient is offline, and other nice features like spam
filtering and malicious URL removal."

And wish to add to that, other nice features like "censorship and loss of
privacy."

I remember when I ditched MSN in favor of what I thought was a secure
communications solution, I waved goodbye to Microsoft. Here I am again, my
messages routed yet again through their backend.

~~~
atesti
And let's not forget how Microsoft scanned all private urls that were
mentioned inside Skype chats recently:

[http://seclists.org/fulldisclosure/2013/May/78](http://seclists.org/fulldisclosure/2013/May/78)

~~~
bskap
Um yes, that's covered in the "malicious URL removal" part. Hard to do
malicious URL removal without, you know, looking at the URLs to see if they
need to be removed.

~~~
alephnil
Except that they only checked HTTPS URLs, and most malicious URLs are on HTTP,
which they apparently did not check.

~~~
bskap
Are you an expert in this domain or are you just parroting what the article
said? I can think of at least one reason for a spam filter to contact the
computer for an HTTPS request but not for an HTTP request- you want to find
out what certificate they're using.

