by superkuh 2234 days ago
Skype security has been flawed ever since that series of odd buyout events that led to the sudden removal of end-to-end encrypted peer to peer operation.

First eBay bought what they thought was Skype but instead was only the license to the branding and users and not the p2p backend tech the Swiss guys still owned. Then Microsoft stepped in out of nowhere to take the useless brand from eBay and the actual backend, only to promptly throw away the entire backend and move to a centralized unencrypted model.

5 comments

Skype's founders are Danish and Swedish, and the business had offices in London, Luxembourg, Estonia (well that's Blue Moon, where the p2p was developed) and more.

I'm not sure how much diligence eBay ever did on their purchase of Skype, but it never seemed to me like they had a credible business plan for what to do with it. Something something about integrating with sellers. Felt more like the leadership there suffered from some Bay Area strategic acquisition envy. I remember being on painful calls with eBay and Skype engineering who had very different ideas of how infrastructure should be deployed.

Anyway, eBay spun off Skype (at a loss) to private equity ... not to MS. Skype floated around in PE for a few years before the (enormous) MS purchase. MS promptly put Skype in an advertising division of all places. I've heard rumors that the DoJ encouraged MS to make the acquisition ... to get Skype calls in the hands of an entity that would be more favorable to lawful interception requests. MS certainly has a painful history with the DoJ, but I really don't know if it's credible or not.

My understanding, potentially flawed, was that the eBay purchase was so poorly overseen that eBay didn't buy the Skype IP itself, retained in another company, thus giving a neutered failure of a deal.

They gradually removed[0] the peer to peer operation because it sucked - quality was bad, calls dropped, outages, bad mobile support.

[0] https://arstechnica.com/information-technology/2012/05/skype...

Snowden's leaks showed that Skype allowed governments to wiretap its video calls since at least 2010, when those wiretaps were ingested into PRISM. That is before the Microsoft acquisition.

It amazes me that people parrot this conspiracy theory without doing 5 minutes of Google searching first before making themselves look silly.

That's not how I remember it.

I used Skype before I had ADSL, and was amazed at the quality.

After MS bought it, I noticed a drop in quality, as well as an increase in reports of said drop online.

Quality was not bad, calls didn't drop, no outages, good mobile support. Because it's p2p couldn't be hacked, it was replaced.

Quality was good and calls didn't drop, but the mobile support was poor. The original design assumed that it can use both CPU time and bandwidth of peers, and that isn't very good for devices on battery and metered data plans.

Maybe if data caps greatly increase with 5G, something p2p like Skype could be retried.

And it meant that random users' computers were being drafted into running a supernode and relaying traffic for other users, without permission or even any notice. Not only did this consume CPU time and bandwidth on the affected users' computers, but it also put anyone running a supernode in a position to observe and tamper with network traffic between other users.

Isn't that the point of having end-to-end encryption? I know Skype doesn't have that, but perhaps that would have been a different solution.

End-to-end encryption reduces what an attacker in this position would be able to do, but it doesn't make the situation safe. Even if they can't observe or directly tamper with the data they're relaying, they can still observe metadata, like who the peers are and how much bandwidth is being relayed. Even just measuring the pattern of packet sizes can be disturbingly revealing:

https://www.cs.jhu.edu/~cwright/oakland08.pdf

Besides, end-to-end encryption doesn't do anything to allay concerns about abuse of users' resources.
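
The point made in the comment above about packet sizes, as an added example that is not part of the original thread: a relay that cannot decrypt anything still sees one length per packet, and with a variable-bitrate codec that length tracks the audio unless frames are padded to a constant size. The frame sizes, the `seal`/`relay_view`/`overhead` helpers and the hash-based cipher are assumptions made for illustration (a stand-in, not Skype's protocol and not a production cipher).

```python
import hashlib, hmac, os

KEY = os.urandom(32)
NONCE_LEN, TAG_LEN = 12, 16
# Constructed frame sizes (bytes) for two utterances from a variable-bitrate
# codec: small frames for silence, larger ones for voiced sounds.
SIZES_A = [10, 38, 38, 20, 10, 10]
SIZES_B = [10, 20, 38, 38, 38, 10]

def keystream(key, nonce, n):
    # SHA-256 in counter mode: a stand-in for a real stream cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, frame, pad_to=None):
    """Encrypt and authenticate one frame, optionally padded to pad_to bytes."""
    if pad_to is not None:
        if len(frame) >= pad_to or pad_to > 256:
            raise ValueError("frame does not fit the padded size")
        # One length byte, the frame, then zero fill up to pad_to.
        frame = bytes([len(frame)]) + frame + bytes(pad_to - 1 - len(frame))
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(frame, keystream(key, nonce, len(frame))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + ct + tag

def relay_view(key, sizes, pad_to=None):
    """Packet lengths as seen by a node that relays but cannot decrypt."""
    return [len(seal(key, os.urandom(n), pad_to)) for n in sizes]

def overhead(key, sizes, pad_to):
    """Bandwidth cost of padding: padded bytes / unpadded bytes on the wire."""
    return sum(relay_view(key, sizes, pad_to)) / sum(relay_view(key, sizes))

if __name__ == "__main__":
    print("A unpadded:", relay_view(KEY, SIZES_A))
    print("B unpadded:", relay_view(KEY, SIZES_B))
    print("A padded:  ", relay_view(KEY, SIZES_A, pad_to=40))
    print("B padded:  ", relay_view(KEY, SIZES_B, pad_to=40))
    print("overhead A: %.2f" % overhead(KEY, SIZES_A, 40))
```

Constant-size padding hides frame sizes only; the number of packets and their timing remain visible to the relay.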

Skype was Estonian, not Swiss.

Also Swedes (hence the Swiss mistake here)... https://en.wikipedia.org/wiki/Skype

> First released in August 2003, Skype was created by the Swede Niklas Zennström and the Dane Janus Friis, in cooperation with Ahti Heinla, Priit Kasesalu, and Jaan Tallinn, Estonians who developed the backend that was also used in the music-sharing application Kazaa. In September 2005, eBay acquired Skype for $2.6 billion.[11] In September 2009,[12] Silver Lake, Andreessen Horowitz, and the Canada Pension Plan Investment Board announced the acquisition of 65% of Skype for $1.9 billion from eBay, which attributed to the enterprise a market value of $2.92 billion. Microsoft bought Skype in May 2011 for $8.5 billion. Skype's division headquarters are in Luxembourg, but most of the development team and 44% of all the division's employees are still situated in Tallinn and Tartu, Estonia.

Curious, what happened to the founders? Is there any product based on the original Skype p2p tech?

Didn't MS get money from the DoD at the same time?