All you conversations
are belong to Route through our servers for the benefit of our friends.
In the same month Microsoft announced its alpha WebRTC-based Skype for Linux client, Redmond has put that native app and the native OS X Skype client on an end-of-life list. This is because Skype is being rebuilt to replace its peer-to-peer architecture with cloud-centric code that supports Windows, iOS, Android and web …
No, both Viber and WeChat REQUIRE your phone number.
So for privacy, the best thing is simply to use plain WebRTC through sites like appear.in (or plenty others). For that you just need a browser like Firefox or Chromium (not sure about M$ browsers because they alawys want their OWN "norm" like WenRTC does not please them, they did ORTC).
With WebRTC, if there is a direct route between the 2 callers, your browser will use that route, so that the initial server is used only for starting the conversation. If there is no direct route, WebRTC will use a relay, but as it is end-to-end encrypted, the relay has no way of knowing what is inside the packets it relays.
As for M$, it is absolutely sure they decrypt the conversation, otherwise how would you want them to do the feature: "adapt the bandwidth to each correspondent"... with WebRTC, there is no way you could do that, although they are bringing a feature comparable to "progressive JPEG" with video, so that the correspondents can adapt with their own bandwidth, at the price of lesser image quality.
This post has been deleted by its author
I just was about to install viber on my Android phone when I looked at what it needs to have access to !!!! Wow more likely what it doesn't need access to would be be a shorter list !
I will list the 3 main suspect ones it wants access to !
Device & app history ?
Wifi connection information ?
Bluetooth connection information ?
When I initially saw the list I looked at it carefully as I was worried if it wanted to know my penis size etc !
Skype has some good features, and I have some contacts over the years who still only use Skype so I try to keep it around.
Before the Microsoft acquisition, Skype was the best free multi-platform desktop sharing app. Once Microsoft bought it, they broke desktop sharing on Linux (not a surprise). There is plausible deniability that it was intentional, but I wouldn't be surprised either way.
With the new version, maybe the Linux version will reach feature parity with the others -- but it has a long way to go and I am quite skeptical.
Unfortunately, any "replacement" needs to be free and easily installable. It's not that I might not be willing to pay a modest fee for proper peace of mind, but one needs to be able to convince everybody else currently using Skype to convert to the replacement too, and that definitely won't fly if I need to tell them "well, if you want to keep talking to me just delete Skype and get a monthly SIP subscription then please follow this easy not-at-all technical 101-step tutorial on how to set up your phone to use it, I have another slightly longer one for your laptop..."
My first thought was this is so they can slurp your data to whore you to advertisers (and paying gov departments) just like Google do. And Win10 does.
Having thought about it a bit more, that is also my 2nd thought.
Edited to add: What are the real alternatives to Skype these days? Something that is cross-platform and not dependent on a big data-slurping company? Might be useful to know.
Wire (wire.com) has Windows, Mac, Android, iOS, and web clients. It doesn't have Windows Phone but Windows Phone is deader than Skype. Microsoft can fragment Skype until it only works with Windows Desktop and Windows Phone and then they'll be utterly surprised to find that nobody is using it.
There's also appear.in which is web only, but it has the advantage of not having a crappy broken UI, unlike Skype.
Some potential alternatives could be ring.cx, Tox and retroshare. First two work decentralised with DHTs, and the last one is a bit older from an architectural point of view and voip + video is still an add on. Yet another alternative could be your favourite XMPP server + jingle.
None of the options above are as convenient or wide spread as Skype, but maybe one of them can get a foot hold and become a new standard? Would be nice, but I doubt it.
None of the options above are as convenient or wide spread as Skype ...
Not at the moment but now that Microsoft have signalled the end to Skype on Mac, which is now a significant market, I do not think it will take long for someone to take its place. Gone are the days when then can get away with this sort of thing because "everyone uses Windows".
Is anyone using Linphone? It seems to run on just about every sensible platform, both desktop and mobile. It does messaging, audio and video calling and is apparently fully encrypted. The mobile clients are nice, but the desktop ones are a little clunky, unfortunately. It could possibly use some developer and donation help, but it does seem to be the most multi-platform system out there, although it seems to be little known.
https://www.linphone.org/
Or Signal (only iOS and Android, though)? One of its developers is Moxie Marlinspike, who is someone who seems to know his stuff about security, which is a scarily complicated field (although these days you almost wonder who is actually for real and who is potentially a false flag agent, and how would you know…?).
https://whispersystems.org/
I've had that on my system for years, but never made anything but a few test calls. Currently I'm trying ekiga instead, which seems to have fewer dependencies, which makes getting to the point of making a test call easier. :-)
I'm no fan of skype, but since that's all anyone else wants to use, I seem to be stuck with it.
Ekiga seemed fairly polished the last time I looked at it on Linux, but the snag is that it's Linux and Windows only, so it can't be recommended for everyone, unfortunately.
The difficulty is that, for universal interoperability (or as close as possible), everyone needs to be using the same communication and encryption protocols, which often seems to mean using the same app, as they sadly all seem to be inventing multiple incompatible wheels! If SIP + ZRTP are appropriate and also secure open standards then maybe there could be hope that whatever app a given person is using would be unimportant.
Linphone is in the Ubuntu repo which makes it easy to install. Unfortunately, I have never been able to use video with it, although audio works well with the SIP account given by my ISP (and I could capture incoming calls to my home phone when I'm out).
Signal from whispersystems... how can you seriously claim promote privacy when the first thing you ask is your phone number! So if you ask me, this so-called "security expert" is a phony.
"how can you seriously claim promote privacy when the first thing you ask is your phone number! So if you ask me, this so-called "security expert" is a phone."
But privacy doesn't automatically need to mean anonymity does it?
Keen as I am on protecting peoples privacy, anonymity seems a little more problematic.
I refused to use Skype since it was bought by Microsoft. However, I might consider using its cloud version if no Microsoft code needs to be installed. I am fully aware "all your talks are belong to Redmont (and some government agencies)" but at least I would know when they spy on me.
I refused to use Skype since it was bought by Microsoft. However, I might consider using its cloud version if no Microsoft code needs to be installed.
I wouldn't if I were you. I entertain myself with demonstrating to lawyers and people in finance that Skype is intercepted - it's quite fun to see their faces go white when they see live evidence :)
ever, because I never trusted the people who made it.
They paid for building Skype with money they made off the Kazaa P2P network (so dirty money from hacking, malware and piracy). I did perhaps have a grudge because I had to retro-engineer their on the wire protocols and deal with their wacky roll-your-own encryption system, that changed _constantly_.
It was therefore not surprising to me that they bit the hand that fed them by suing the people who made them billionaires. They tried to claim they transferred the Key IP rights on their P2P networks software to one of their endless shell companies, Joltid, and sued for copyright infringement.
http://www.nytimes.com/2009/09/17/technology/companies/17skype.html
If enough people are worried about it, there are plenty of other options. The only value Skype has had for a long time is it's ubiquity. And ubiquity only gets you so far. ICQ, AIM, Yahoo... all had their days in the sun, and all fell behind. Skype is never going to become a single defacto solution like the POTS phone system was. Too many other Islands and walled gardens, like Facebook Messenger or Facetime/iMessage. Add that to cell phones, texts, email, Slack, maybe a ticket system or two, and our immediate future looks like something from Snowcrash. Fragmentation and information overload.
I believe anything you tell me of course, but in order to convince other people, would you share a demo' of it, or the recipe, or somesuch, please?
I'm busy getting Skype Luxembourg to give me a formal explanation why they do it. So far, they've tried playing games with me, so now it will progress to the Luxembourg National Commission for Data Protection because if they're hoping I will let this lie they're seriously mistaken.
Oh, and I tend to demonstrate this live in front of audiences mainly composed of lawyers. Lawyers not only like facts and evidence, they also talk to their customers who tend to listen as they pay for their time..
Skype isn't P2P any more, everything's been going through MS' supernodes for a few years, and messages can blocked (e.g. you type a link to a phishing website that's on their list) so they know the contents of messages too. They're not going to change that with the move to web clients.
Today, peer-to-peer IMs use AES 256 encryption while IMs passed through cloud use TLS.
AES 256 is an encryption algorithm while TLS is an encryption protocol (which includes a mechanism for selecting an algorithm, which is fairly unlikely, today, to be anything other than AES 256 but could be something weaker or stronger).
You're comparing chalk with ... not cheese, but with some method for selecting a piece of chalk.
Could this be another instance of Microsoft's successful product acquisition strategy?
1. Recognise that you do not have much experience of success in communications products
2. Buy successful communications company and products for lots of money
3. Decide to change the acquired products to fit in with the Microsoft way of doing things
4. Watch changed products and formerly successful company die
5. Re-write history to show that it never happened
6 Return to 1.
It takes a really special kind of management to release an alpha of a new Linux desktop client and a month later put Mac and Linux desktop clients on notice.
Most likely part of Microsoft's management had no clue that Skype native clients for Linux and Mac even exist, until they saw the alpha release announcement. And after they realised...
2. Buy successful communications company and products for lots of money
Successful? Nokia were up for sale only because they'd managed to mess up, and Apple and Samsung had dibs on the smartphone business. Nokia's board decided they couldn't fix it, and brought in Elop, who told them that they were right, but he knew a patsy who might give them money for the carcass.
And the rest is history. Disclosure: I HATE Microsoft as much as the next man, but the complete implosion of Nokia came with a sticker on the box that says "100% Made in Finland".
" I HATE Microsoft as much as the next man, but the complete implosion of Nokia came with a sticker on the box that says "100% Made in Finland"."
Ah, that will explain why my pay cheque (and that of 10s of thousands of others) is signed by some entity named "Nokia" which has a head office in Finland.
FFS, how hard is it for people to understand that Microsoft only bought the cellphone making part of Nokia's business - the rest of Nokia is going fine and is very successful in a number of fields.
A quick duckduckgo (or google, if you must) might help keep feet out of mouths.
Could this be another instance of Microsoft's successful product acquisition strategy?
1. Recognise that you do not have much experience of success in communications products
2. Buy successful communications company and products for lots of money
3. Decide to change the acquired products to fit in with the Microsoft way of doing things
4. Watch changed products and formerly successful company die
5. Re-write history to show that it never happened
6 Return to 1.
Ah, so you mean yet another methodology they stole from IBM.... Sorry MS, but IBM are *way* better at FUBARring companies they slurp up. And IBM is far better at f***ing up in general.
... on windows with one of the first skype releases after being bought by Microsoft. Even with pcs on the same network segment, it was routing everything via servers. I saw file transfers to the desk next to me drop from 100Mps to 10Kbps. Nice job Microsoft.
For a really private alternative, get a copy of signal from open whisper systems.
It would seem that centralising Skype in this manner will allow Microsoft to offer Skype in various jurisdictions like Russia, India, Argentina et. al. with the ability to conform to local laws.
Argentina (or is it Brazil?) has an ongoing fight with Whatsapp over encrypted messages.
Russia has newish laws regarding content locality and, possibly, legal interception.
India has a pretty serious hatred of any encryption that it cannot break.
So the changes place Skype in a perfect position to play in all markets, including these.
> You left out the UK & 'power to ban encryption' rhetoric being bandied about by the 'upper (and upper-middle) class twit of the year contestants' lurching around Westminster...
Why stop there, since the lower, lower-middle, and middle class twits in Westminster are - if anything - even worse.
"will allow Microsoft to offer Skype in various jurisdictions"
And although our beloved NSA would never arm-twist Microsoft into back-dooring their products, now that these other countries have mandated it, our spies will just say, "May as well take a peek now that the door was left ajar."
"better when routed and processed through a server"
Better for whom? Prying eyes will have an easier time obtaining a buffer copy from a server. And then strong-arm one or both end node users for the encryption key.
Even better(?), if the protocol has been designed to negotiate session keys between the server and each user, you have a single point where authorities can go to get those keys. Never mind that having a restricted set of mid-points to watch makes traffic analysis a cinch.
It went full retard by combining MSN Messenger with Skype.
The evolution of the Skype UI has also deteriorated. You can look for the version of the Skype installer before Microsoft's acquisition, install it and compare for yourself. Skype version 5.3.0.111, released first half of 2011.
On hindsight, it's always the easier option to relinquish control, creativity and ownership when Microsoft comes knocking at your door with a thick stack of money. LinkedIn was the latest casualty.
The only reason I have Skype is that I seem to work in a lot of offices with WiFi but no mobile signal. I can rent a landline number that I can give to people who might want to call me. If anyone can suggest a good alternative, I'd be interested.
But I'm heartily sick of Skype spam. I get numerous contact requests and even (unanswered) calls from exotically-named women that I've never heard of. What's the business model here? I can understand email spam - it's as easy to send a million messages as one, so the infinitesimal response rate is still profitable. But phone call spam sounds much more time-consuming, and where's the payoff?
The P2P was the worst part of skype. It was the bane of network admins. If you tried to block people running p2p file sharing, you would accidentally kill skype even if you wanted to allow it, and there was no fixed port you could exempt. Such a shitty design. Glad to see that gone.
As for security, well if you ever thought your skype conversations were secure, you were almost certainly delusional.
Tried out Facebook video calls the other day... it's so much better than Skype it's shocking. Doubt too many people will shed tears over Skype's future direction.
The alternatives seem to have it beat. Never tried Google Hangouts but I wouldn't be surprised it that was better quality than Skype.
She's just a little naive web-wise and overly trusting. I really do not want her to be led off into the weeds by a web based Skype interface. It only takes one little cross-site scripting attack inside an unscrupulous ad.
Her MacBook and it's self-contained Skype client is everything she ever needs to talk to her children and grandchildren.
BTW - those who do not think their conversations are being monitored should check out CALEA. Every communications network is required by Federal Law to be able to intercept and expose a conversation.
1 Up for the CALEA mention. It should be noted, though, that CALEA was enacted to ensure that law enforcement could execute wiretap warrants. Microsoft, and most or all other carriers almost certainly would require a valid warrant, reviewed by their legal department, before implementing a tap.
"Microsoft reckons it needs to rebuild Skype to improve call quality: once traffic has reached the Microsoft cloud, Redmond shuffles the bits between ingress and egress. To that extent, it can control call quality – but the user experience will still depend far more on their broadband connection, their ISP, and so on."
And how much bandwidth Microsoft has to throw at the millions of streams. Looks like I'm going to have to start looking for an alternative to Skype.
The only two that I can think of would be (in no particular order):
--> Bigger, louder, more intrusive and more frequent advertising
--> Backdoors for various TLAs
(As a subset of the second one, naturally there would be more telemetry, which may or may not be considered its own "enhanced feature".)
Nothing like "single point of failure" (consisting of multiple nodes) to screw up reliability. Free P2P was one of the coolest features that Skype had... [I used to pay for skype access for certain kinds of long distance calls, but not any more - it has been YEARS, in fact, since I did that]
"The Cloud" - _SO_ overrated. even 'google docs' hasn't been immune to widespread outages.
I can't say I've ever been impressed with the speed, stability, or interface of the native Windows app, especially when using it for screen sharing. (I have not tried the Linux app yet) Maybe a rewrite to offload some of the work to the cloud will help. But I'm not holding my breath.
Looks to me like what we need is an identity broker which distributes the database somewhat like a torrent so we can store our public keys in there and maybe get away from the need to associate a real phone number with it. Is there anything in the offing already?
So... if I understand correctly we are going to end up having to browse to skype
So now the browser needs to load a page and then I guess download from the national security agency your entire contacts list as some xml.
xml clearly being brilliant as a compact way of transporting data will not take more than a couple of days for each contact.
Then of course the whole UI will then be some server cack rendered by a browser... probably forcing you to use internet exploder-
I can't see why this would improve voice quality or bring any other benefit over the existing apart from the fact I could then do skype from someone elses machine without downloading it... tbh this is not a feature I have a need for anyway.
Hence Microsoft is able to pitch new or enhanced features as the showcase of the world that awaits users,
Used to be Skype had some really great features.
Then it was brought by Mickey$loth.
Now it's crap.
If I want video calling in my browser, I'll use Firefox's "Hello" thingy.