What Really Caused Skype’s Worldwide Outage?
UPDATE 3-1-2011: Skype eventually posted a detailed explanation here, which satisfied most of my previous doubts. This post has been kept as a historical reference.
Millions of people around the world use Skype to make cheap phone calls over the Internet. That’s why when their service went down for two days last week, it made headlines all over the world. The outage was reported to have started on Wedneday, 22nd December at 9am PST (Thursday 23rd December 4am here in Sydney).
I am also a Skype user and both my Windows client and Android client on my smart phone reported my status as being offline, with none of my regular contacts visible. It went back to normal for me when I logged in on Friday morning.
Skype’s Official Explanation
On Skype’s blog, their official announcement stated:
“Under normal circumstances, there are a large number of supernodes available. Unfortunately, today, many of them were taken offline by a problem affecting some versions of Skype. As Skype relies on being able to maintain contact with supernodes, it may appear offline for some of you.”
What is a Supernode?
For those that don’t know what a supernode is, any computer that is running the Skype client can be automatically appointed a supernode, in which it acts like a hub and helps other nearby Skype users to find each other. The reason for this is due to the fact that some of Skype’s functionality is decentralised, using a Peer-to-Peer (P2P) topology. so having supernodes improves the efficiency of network communication. Computers with broadband connections that are not behind firewalls are likely to be chosen to act as supernodes.
Why I don’t believe Skype’s Official Explanation
I do not believe Skype’s explanation for the following reasons:
- As far as I know, all users were affected around the world, not just “some”
- If the problem was limited to a single defective version, you would only expect some contacts to be unreachable, not all of them
- If the problem only affected some versions of Skype, all the other clients running the good versions would still be able to operate as supernodes, allowing Skype to function
- Why would the problem hit so many systems at once, at the same time? Surely, they are not implying that millions of people around the world suddenly switched to defective versions! Something must have triggered it
My Alternative Theory
If I were to make a guess at the cause, it looks more like a carefully planned Denial-Of-Service attack. A malicious person may have found a weakness in Skype’s protocol or software, obtaining a list of IP addresses of all supernodes who were on the network at that time, and then sending those supernodes specially crafted data to cause a software failure.
Perhaps their protocol has little or no redundancy to protect against supernode malfunction, i.e. all the skype users known to a single supernode will be lost to the rest of the network if that single supernode fails. This would not happen if the system were designed so that each user is registered with two or more supernodes.
The motivation would be to cause Skype embarrassment at Christmas time, when many people are making long-distance phone calls to relatives, friends and business associates. The perpetrator could be a business rival, online extortionist, or simply some troublemaker with nothing better to do with their time. It is known that Skype is trying to attract large corporations as clients, and an outage of this scale would really cause people to lose confidence in the reliability of their platform.
This is just speculation on my part. I have no direct knowledge of the Skype protocol, and I have no evidence of foul play, but I sure as hell do not believe Skype’s explanation.
Stop Internet Censorship in Australia
Filed under: Australian News, Australian Politics, IT News
The Australian Labor Party Senator Stephen Conroy, Minister for Broadband, Communications and the Digital Economy, has put together a plan to censor all Internet traffic in Australia with the stated intention of protecting children from pornography and blocking “illegal material”.
It is my opinion that this plan is completely unnecessary and serves merely as a distraction from the real issues affecting our country at this point in time. It is also a huge waste of money, with $44 million being budgeted in this financial year alone, with more to be spent in the following years.
The are a number of readily available options available today to concerned parents. These include PC software packages, routers with in-built filtering, and Internet Service Providers who offer optional filtering services on a per-account basis.
Australians will not be able to opt out of this scheme – we will only be able to choose between a ‘child-friendly’ setting or an ‘illegal content’ setting. What is illegal or child friendly will of course be determined by the government. It has not been discussed how one would get an incorrectly blocked site removed from the list.
The adoption of Conroy’s plan will result in web browsing being slowed considerably due to the overhead of filtering.
Filtering technology is known to be highly ineffective. A recent Tasmanian trial showed that a significant number of innocent pages were falsely blocked, and similarly, a significant number of ‘child unsafe’ pages (1 in 13 clicks) got through.
Apart from the inaccuracy of the filtering, its overall impact is highly limited – it appears that the filter will only be applied to HTTP (web) traffic. P2P networks such as BitTorrent will not be filtered. Even the HTTP filtering can be easily bypassed using any number of off-shore anonymous proxy servers and VPN gateway.
If you don’t want Internet censorship forced upon you, contact your local Federal MP and let them know. If you don’t know who that is, this site should help:
http://apps.aec.gov.au/esearch
And if you want to complain to Senator Conroy, here is his contact page:
http://www.aph.gov.au/senate/senators/homepages/senators.asp?id=3L6
The following sites are leading the campaign to oppose the filtering scheme and have detailed information:
http://nocleanfeed.com/
http://www.somebodythinkofthechildren.com/
Was Yahoo Mail Hacked by Chinese Spammers Over the Weekend?
This morning, a colleague at work reported that someone had broken into his online Yahoo mail account over the weekend and sent a single spam email to all the people in his contact address book. The message advertised a website and asked people to buy the spammer’s goods.
He asked me to help work out how his account had been compromised.
The spam message remained in his sent box, so I examined the full headers. After doing a reverse lookup of the IP address, I found out that it was sent from a host located in China.
After doing a google search, I discovered that at least one other person had their account misused in the same way – as reported in this post on Yahoo answers dated 22nd August.
So far, I have not found any media coverage of any incident, so I am wondering how widespread this problem is. If you or anyone you know has had their Yahoo mail account misused in this way, please make a comment. Also, don’t forget to report this to Yahoo support.
DSD Offers Pittance for Australian Cyber Defence
If you were a top notch IT security expert living in Sydney, would you be enticed by a job offering $52,000-$72,959 in remuneration so you can be subjected to a gruelling interview process that involves digging up your past, being analysed by shrinks, and if you succeed, having to move to Canberra to get bored out of your brain?
The Australian Department of Defence thinks so!
A short while ago, I logged into my gmail account and noticed a banner ad that really caught my eye
“DSD Tech Security Jobs – www.dsd.gov.au – Malicous IFRAMEs? Heap overflows? You’ll love what we do.”
The Australian Defence Signals Directorate (the equivalent of the American National Security Agency), who are a division of the Department of Defence, is recruiting experts to work in Cyber Operations.
The following is quoted from their FAQ:
I’m not sure what level I should apply for, what should I do?
If this is the case, you should apply for all three levels. If you are a successful applicant you will be offered an APS Position (APS 4-6) commensurate with your performance during the selection process. If you only wish to apply for a specific level, you must clearly state this on your application form.
The current salary ranges are:
APS 4 – $52 009 – $57 094
APS 5 – $58 009 – $62 135
APS 6 – $63 550 – $72 595
These rates will increase by 3.1% on Christmas day (2008). Superannuation is in addition to this!
We will be holding assessment centres in Canberra during the week of 8 September. The 2 day process will involve an individual technical assessment and interview, some group based exercises, some paperwork and an interview with our friendly psychologists. Don’t stress too much.
What other benefits are there in working for DSD?
- Generous superannuation (15.4%)
- Free gym
- Free parking
- Opportunities to salary package
- Flexible working conditions
- Generous study provisions and developmental opportunities.
OK, I was a bit too hasty – there is free parking, as we all know about the terrible shortage they have in Canberra. The gym is also good – when you’re bored of Canberra life, you can vent your frustration by pumping iron. Oh yes, and the job is secure.
But seriously, it troubles me that the sort of people are prepared to work for peanuts are going to be on the front lines of our country’s cyber defence. I know a number of programmers in Sydney who get over $90,000 (plus super) for far more trivial activities.
Furthermore, when I think of true security experts, I think of reformed hackers, like Kevin Mitnick and Kevin Poulsen. Would they pass a security clearance?
Of course, there may be a reason for the low pay. Perhaps our country is not really under threat, and the job consists of merely watching packet dumps scrolling down a monitor or playing network computer games? I really don’t know – it’s all classified.