I shot this demonstration on Halloween, 31 October 2006, in the offices of TalkPlus in San Mateo, California. The video is uncut, no editing at all, including about five seconds in the beginning of Jeff Black, TalkPlus CEO and founder, warming up. The call is from an unaltered mobile phone. You will see the Jeff send a text message and automatically download a Java program. That app shows his Skype address book, and he clicks on Skype's echo123 acount. For those who don't know it, echo123 is one of Skype's first test accounts. It doesn't have a SkypeIn number, so you couldn't fake access by dialing a PSTN number that forwards to echo123. TalkPlus doesn't have any access to Skype's private SIP gateways. So this demo shows that TalkPlus customers can dial any Skype user by their Skype name.

It also shows that TalkPlus has engineered a server without Skype components that talks to the Skype network as if it were a Skype client using Skype's own language. It will scale to thousands of simultaneous sessions. TalkPlus has no plans to license this technology or turn it into a product. They built it to solve their customers' need to talk with millions of Skype users.

Jeff demonstrates that Skype's protocols have been reverse engineered, and shows unmet demand for a high performance, highly scalable, "headless" or "naked" Skype server.

VoIP Now wrote yesterday that "Skype's closed protocol seems to be ruffling feathers everywhere" as he mentioned Jordan's brief Skype ban.

It's a question of whose feathers are ruffled, I think.

First, you have those protecting economic interests, like phone companies and those who tax long distance calls. They'll get over it when they bring their own rival solutions to market or when consumer demand is overwhelming.

Second, you have those opposed to encryption (and secret speech) in the public's hands, like law enforcement, intelligence and internal security agencies. If they can't kill Skype when it's small, they'll wait for a monsterous event they can blame on Skype's security.

Third, there are people paid to be control freaks who run private networks. It's their job to be skeptical about new things, to protect and nurture their information and communications infrastructure. They get over their anxieties as the true nature of useful tools becomes clear and they learn to bring deployment of new tools under daily and lifecycle management.

For all of these "hostile" parties, Skype's biggest enemies are the apathetic, the millions of people who're saturated to the point they don't want to try new channels of communication.

This is Skype's breakaway marketing challenge in every market. Yes, Skype will compete against other VoIM products, but that's straightforward and more of the same. The real challenge will be getting those who live offline to come online, joining the 21st Century's social fabric, using Skype as they come online. And to convince mobile lifestylers to blend Skype into their communication habits. Both are very hard marketing challenges, like getting tea drinkers to switch to coffee, or futbol fans to embrace chess. Skype is doing its bit with free trials, but it's a long game, just beginning.

Just over a week ago Phil reported that Jordan's telecom regulator had ordered that Skype be blocked. It was a short-lived blockade; the decision has been reversed. According to a report from Middle East North Africa Financial News:

Director of the commission's regulatory department, Al Ansari Al Mashaqbah, confirmed yesterday that the recent decision to block Skype had been reversed.

The official told The Jordan Times that the security issues, cited as the reason for the block, had been resolved.

continue reading.....

Skype Security Bulletin SKYPE-SB/2006-002 reports on a potential risk. Skype fixed it so you may want to upgrade Skype for Mac version 1.5.0.80 or, if you're using the Beta release, to version 2.0.0.3. There are no new features or other bugfixes in this release. Hat tips to Dan Ferris for telling Skype, to Laurie Duncan for posting about the fix.

Jordanians have been using Skype without problems for years. Until now. For example, JRBT wrote "My ISP is Batelco and it does appear to be blocked. I am unable to gain credit for skype out from Jordan I have to get a friend in uk to get it for me."

Researcher David DeBartolo confirms that Batelco blocks Skype as directed by the Telecommunications Regulatory Commission. Presumably for "security." Here's the letter from DeBartolo and the fax from the ISP.

Dear Philip,

My name is David DeBartolo, and I am an American working in Amman, Jordan. I am the chair of a nonprofit organization with colleagues in Washington, London, and Cairo. I have been using Skype to keep in touch with all of them, and it has been tremendously useful -- until two weeks ago.

At that time, I started to have severe interruptions to my Skype service here in Jordan. It is forbidden to access the Skype website, and I have even been unable to make regular Skype-to-Skype or SkypeOut calls. Other colleagues of mine in Jordan have reported similar problems. The problems abated for the last week, but have now returned.

I inquired with our ISP in Jordan, named "Batelco," and they claim that the Jordanian Telecommunications Regulatory Commission has required them to ban access to Skype's website and to its authentication server. As proof they sent me the attached fax that they received.

I called the Telecommunications Regulatory Commission, and they confirmed that they had ordered it banned, for "security reasons" responding to concerns of the government of Jordan. Most folks here don't believe this ridiculous justification; they believe that the state communications companies are upset about losing long-distance customers to Skype.

I've been told that complaints should be directed to the director of regulatory department of the Telecommunications Regulatory Commission, Dr. Al-Ansari. His email address is alansari.almashagbah@trc.gov.jo. The contact information for the commission is on the attached fax; Dr. Al-Ansari's extension is 2300.

I wanted to let you know about this issue because I am furious at the Jordanian government's self-serving decision. I hope that you will get a good blog post out of this, and that you may be able to mobilize Skype executives to officially protest the commission's decision. Jordan has a very close relationship to the US, and if they believe that Americans are upset at the decision, or that international investment will be jeopardized, they may be persuaded to change course. I also hope that you may be able to get Skype technicians working to counter whatever obstacles they have created to using Skype in Jordan.

Thank you for your time and please do not hesitate to contact me if you need any additional information.

Sincerely,

David M. DeBartolo
Fulbright Researcher, Jordan, 2006-2007
Binational Fulbright Commission
Amman, 11185
Jordan

Are you having difficulty with Skype and your ISP? Do you believe the "security" reason for blocking Skype.com?

Absent any immediate threats, and after Monday's conference call with eBay's government affairs people, San Jose State University's University Computing and Telecommunications department (SJSU UCAT) said they will not ban Skype. [correction: it was Skype's government affairs person, not eBay's, on the conference call.]

I wasn't there, but if I were briefing them, I'd be telling them about:

• Skype's value to the University's academic mission. Bringing distant guest lecturers into the classroom, helping students collaborate on projects, improving language study, helping faculty to perform research and develop curriculum, curriculum delivery, sustaining family and social ties that support students far from home.
• Skype's popularity. It's great to make people happy. Skype is a small but growing hit with both SJSU faculty and students. The UCAT office had many calls after the student newspaper's first article. And there's overwhelming popularity and demand for Skype worldwide.
• Little budget effect. Nice that it's free to get and use. Support costs are unknown. No known revenue impact (selling SkypeOut credit at the campus bookstore?)
• Configuring Skype to run through your proxy service to get through the firewall. So Skype clients deal with the firewall in a known and managed way. And so Skype's activity and effect on the network may be monitored. Or shut down, if needed. Linux FAQ. Network administrator's guide (PDF).
• Intel's pilot of an IT-friendly release of Skype. It lets the IT department create a locked-down version of the Skype client. So they could turn off the ability to use Skype's file transfer feature, for example. Or configure all Skype clients to use a campus proxy server. A promise of things to come, and a gesture that Skype is listening to enterprise network managers.

This all happened in public, with lots of nasty name calling and bother. But UCAT's initial choice may not have been reconsidered without all the attention drawn to the decision.

You invite some friends to a party at your home. While at the party, they sublet your home to strangers. You learn this after the strangers are throwing their own parties in your home and moving in, eating your food, dating your wife.

Although the plot is straight out of Madhouse (1990), I'm really talking about San José State University's network managers facing the reality of Skype adoption. In this metaphor:

• the student Skypers are the friends,

• the sublease is the Skype EULA,

• the strangers are the members of the Skype network,

• and side effects are:

  • a new thing to support without any planned budget,

  • unanticipated use of your networks,

  • unknown exposure to various risks on your master list.

This gets trickier when Skype's architecture (a blend of p2p and centralized services) isn't well understood beforehand.

Don Baker and Bob Neal are resisting proven defensive instincts. Before tossing out the scoundrels and locking the doors, they're inviting comment from campus stakeholders and building expertise by bringing an eBay/Skype person to a closed briefing on Tuesday. All the public attention doesn't make it easier to take a measured approach, so these SJSU University Computing and Telecom (UCAT) execs are showing great discipline.

If you want to learn more, and share your thoughts, Steve Sloan is hosting a discussion, open to the public, on Skype in the School of Journalism and Mass Communications (JMC). We'll be Skypecasting it too. I'll see you there.

My take:

1. Everyone is doing the right thing. Students sharing how they are using Skype now. IT managers learning everything they can about the technology, its risks, and opportunities. Faculty and staff researching best practices and comparing notes.
2. Ubiquity matters. The size of the Skype network should earn it a hearing. Telling people to use other "VoIP" products like Wengo or Gizmo, as UCSB did, is like trying to convince everyone to speak in Esperanto to protect the network. As Skype rolls into 200 million users next year, you have a good shot at finding people on the network.
3. Skype builds campus Social Capital and Capacity. A university education, if you do it right, builds social skills you need as a student and depend on in the workplace. Skype is the live, real-time counterpart to blogs, wikis, email, and other social media. Skype is becoming the way to "get things done" with others, the tool of choice for communication, collaboration, and coordination. And with Skype's cumulative history of your contacts and conversations, the more you use Skype, the more effective you are at team building and putting your social networks to use. The choice isn't whether or not to use VoIM on campus; it's mastering how to make the most of it.
4. The rationale against doesn't hold water. You might make effective cases against Skype, but the three points in the proposed policy misapply the University's regulations and policies and misinterpret Skype's license and the way the technology really works.

Five updates to our Monday story by Steve Sloan:

SJSU to grill Skype Security on Tuesday. Bob Neal (the Sr. Director in charge of the networks at SJSU) wrote to a San Jose State University (SJSU) student (who promptly blogged it, of course):

Andrew, we will be having discussions with EBAY (Skype) next week. Network security is not a debatable issue. If EBAY can not resolve our issues, Skype will be banned. Several other universities, including UCSB have already banned Skype. There are several alternative VOIP systems that comply with the Universities security policies ........bob neal

SJSU ban modeled on the UC Santa Barbara Skype ban. Here's the "Skype Prohibited at UCSB" policy (modified 1/30/2006) via the UCSB Office of Information Technology Network Policy and Procedures page. The language from SJSU's proposed policy ("UCAT Operating Practices document describing the reasons and details for blocking Skype," pdf) is lifted directly from UCSB's policy.

Student calls for student action. Andrew Venegas blogs for students to call Bob Neal, passing out his campus email and direct phone number.

"Here is where I am stumped... if network security is not a debatable issue, why are any P2P applications allowed on the networks at all? It would be rather easy to transfer viruses from computer to computer across such open networks. So why ban Skype without debate on the topic? Secondly, why would the University not want student input? After all, aren't they technically student networks?"

Making the case for Skype as Instructional Technology. "Save Skype at SJSU : This is a letter to my colleagues at SJSU." Steve Sloan's points:

1. Skype and podcasting are both useful and popular.
2. Bringing guest speakers and faculty into the classroom.
3. International research and study.
4. Language learning.
5. Keeping foreign students connected with their families.

Sloan frames this choice in terms of the University's educational mission. "In my opinion this will result in our being at a competitive (not to mention technological) disadvantage compared to other institutions of higher learning when it comes to emerging technology, research and collaboration. This act has potential high visibility, given our campus's geography, with potential negative publicity, exposure and fallout. It can affect our relations with our neighbors and potential business partners in a very negative way."

Mainstream Media Catching the Story. Reporter Elise Ackerman of the Mercury News newspaper would like to speak with international students using Skype. Call her via Skype, via email, or by phone at (408) 271-3774.

tags: skype, skypejournal, sjsu, calstate, california, sanjose, sanjosestateuniversity, banning, enterprise, csu, security, web2.0, voip, voim, policy, stevesloan, soapboxprophet, andrewvenegas, blocking, education, distancelearning

Guest blog by Steve Sloan, Information Technology Consultant, San Jose State University.

UPDATE: At the moment, Skype's status remains undetermined and unblocked on the SJSU campus. A UCAT Operating Practices document describing the reasons and details for blocking Skype. (pdf)

Skype is a peer-to-peer (p2p) voice communications, instant message and file sharing program. The recent decision to pull the plug on Skype at SJSU (has it been implemented?) may be a classic example of command and control (Web 1.0 thinking) versus collaborate and communicate (Web 2.0) technologies and principles. According to one person I spoke with in the networking department of the university's computer center, "the issue that caused the decision to kill Skype is that Skype communications are encrypted." But, other protocols like SSL, SFTP and SSH are allowed and are encrypted. These protocols could be also used to do evil things. There is no discussion I know of to block these communications and they are used a lot on our university's network. Also IPSec and Kerberos are protocols used used on the SJSU network. These protocols are also encrypted and supported by SJSU. Should we also kill them? Do we want to have to make credit card transactions in clear text?

Yes, there have been past concerns about Skype. But, these concerns may be over blown. Oxford University, which had banned Skype, in fact recently lifted its ban on Skype.

continue reading.....

• Hostel stay comes with Skype.
• Free Comverse Klonie avatars for Skype. One more erased barrier to adoption. It's good that Skype continues to experiment with offers and prices in eCommerce.
• McAfee security products get Skype Certified. Co-marketing, revenue sharing, hoping McAfee's saftey brand notes wash off Skype's piracy brand notes.
• Live video special effects. ManyCam works with Skype, MSN Messenger, and Yahoo!
• Bob Crabtree reviews the D-Link Skype USB Phone Adapter DPH-50U. "Judging by our experiences, a more honest strategy for D-Link would be to pull the product completely off the UK market until it is able to introduce a version that works with modern DECT phones in something approaching a reliable fashion." Ouch.
• Windows Live Spaces launches with gadgets and social networking. Microsoft's blending of their blog and voice social spaces brings their slow and fast worlds closer together. Personal digital identity is the common thread, something shared by eBay/Skype, Yahoo!, Google, and AOL. They build strength by (a) having more places to use your own ID, (b) the convenience of managing contacts in one place, and (c) the large directories that improve your chances of finding someone the first time you look. Stand-alone VoIP networks are at a disadvantage, so I expect lots of M&A activity by this time next year.

The VoIPWiki Blog reports a Chinese firm reverse engineered Skype's communications protocol. It allows Skype-to-compatible softphone calls.This is credible; I've talked with a member of the team that built a Skype-compatible softphone. They hope to go public by month end. We're eager to discover if they will publish the protocols, offer Skype-compatible consumer software, offer Skype-compatible engineering products to other developers, sell their firm to a bigger company, or simply offer consulting services.

I've also used a demo version of software that crawls the Skype cloud, downloading profile data. From another group. This is not "the Skype database" but the natural white-page listing that all users put in their public profile. Skype's servers, and the financial data kept there, are not touched by this system. Screenshots:

Both systems build on detailed knowledge of Skype network parts not on Skype's servers.To build a Skype-compatible client, they had to figure out:

• how to see and navigate through the Skype cloud, to find a Skype client.
• publish their own client's profile into the Skype cloud, so a Skype client could find them
• negotiate starting the call session, including encryption and

Publishing the Skype calling protocol would create new opportunities for products and developers:

1. Third parties can build Skype connectivity into their own software, no longer requiring an official Skype client.
2. It may open up creation of Skype-compatible server software. So your salesforce system could IM you.
3. It could open up Skype to PBX integration. So you might preserve Skype identity, authentication, encryption, and presence while routed through an Asterisk server.

The profile probe is a slightly different issue. In this case, software that mines the Skype cloud for profile data is working with "dirty data." The collection is unverified, often clearly faked (an unbelievable number of people live in Antarctica), old, and incomplete. It does have some gems. Correction: The cloud has email addresses, hidden in the Skype user interface but used to locate friends. The cloud has email addresses, but they are hashed and not human readable. 

I'm not sitting at the management table, but Skype has several choices.

Open. They're already on the path to opening up more of their apps at the API level. Skype could embrace this at the protocol level too. This is the hardest thing to do, but may pay off in the long run. Exposing these protocols is the only way for the Skype network to become an industry standard. And it would put Skype in a position of leadership the way Microsoft is for dot net, Sun is for Java, and Adobe is for Flash.

Switch. Skype could change the protocols, breaking the new software. This is a costly and temporary solution; tricky but doable. Replacing Skype clients for updates is hard enough; getting everyone to migrate could kill the brand love. It won't be long until the Chinese engineers figure out how to get in again.

Quash. Skype might try to blow out the startup's fire. eBay has a powerful combination of PR, lobbyists, litigators, and business allies. Even in China. Skype could try to accuse the startup of piracy. My guess is Skype will tread litely. These tactics rarely work in China and often tarnish the reputation of the outsider applying the pressure.

Ignore. Skype has enough to do. Wait and see.

Invest. Buy the team, put them to work. 

Jim Courtney says technology does not a brand make. It takes quality control, aesthetics, user experience, customer services, an ecosystem of ancillary products, and integration with other systems. Skype's and eBay's marketing are a higher barrier to entry than technology.

Skype personnel were not available for comment. Hat tips to 9Skype, Jan Geirnaert in Malaysia and Lee Dryburgh in Austria.

Technorati Tags: skype, ebay, skypejournal, security, privacy, compatibility, ecosystem

Declan McCullagh breaks down the FBI's new Net-tapping push. Requiring manufacturers of VoIP systems (including Skype) and IM (like Skype) be as tappable as your plain old telephone system. I suppose it comes down to trust, your world view, and how you balance risks with freedoms.

Law enforcement, for example, keeps pressure on legislatures to widen authority, at the expense of citizen privacy, in the name of being efficient and effective. They form an organized lobby putting safety over liberty. Do you know of lobbies that push back the other way?

Laws makers are aware that the threats are personal. For example, this bit from the official site of Ohio Senator Mike "Coingate" DeWine (R-Ohio):

NOTE: Due to heightened security restrictions in the Senate office buildings and elsewhere on the Capitol complex, mail addressed to members of Congress continues to be significantly delayed. Mail addressed to my office must now be sent off-site for irradiation treatment and other preventative measures to ensure safety.

Those wishing to quickly contact my office are encouraged to correspond by telephone or fax. Thank you for your patience and understanding.

Senator DeWine will introduce the FBI's bill. If you're a U.S. citizen, Skype him to say the new CALEA extensions are over-the-top and intrusive. Or that you don't mind being spied on. Here are his public phone numbers. If you click them, you'll dial straight from Skype, free in the US:

• D.C. Office: (202) 224-2315
• Xenia, Ohio: (937) 376-3080
• Cincinnati, Ohio: (513) 763-8260
• Cleveland, Ohio: (216) 522-7272
• Columbus, Ohio: (614) 469-5186
• Marietta, Ohio: (740) 373-2317
• Toledo, Ohio: (419) 259-7536

This is an election year for DeWine. He is running for reelection against blogging Congressman Sherrod Brown (D-Ohio). If you think privacy and freedom should be a campaign issue, Skype Brown's campaign office at 440-282-3314 or his congressional offices: Lorain County (440) 245-5350, (440) 365-5877; Summit County (330) 865-8450; and his Washington Office (202) 225-3401.

Does making phone numbers clickable (click once to call) make you more likely to call, just for the convenience?

Jaanus from the Share Skype blog warns about a two month old test version of Skype for Macintosh with video floating around. Buggy as all get out, hurtful, dangerous to your data, etc. Don't touch it and get your Skype software from Skype.com. Hat tip to John Maas.

Skype on your razr?
incompatible today.
SoonR might do it.

Net neutrality
astroturfed, lobbied and shelved
telcos win again

fcc taxes Vonage
maybe SkypeOut too
Save the Internet!

pick friends well, Yahoo!
AT&T messenger
now with NSA

Supernova word:
people Curate their passions
a new meme rises

Calls in US free
June promo: call the world free.
Skype teases America

Censor carefully:
Global Online Freedom Act.
Do you read Chinese?

Packard-Bell laptop
push keyboard to call
or answer the phone

Phishing in Skypeland
Suckers waiting to be fleeced
Study the handbook

A letter from a concerned reader:

Hi. My company has blocked the use of Skype on our company computer network (becuase of pressure from the national phone company here). When I try to launch Skype, a message pop-us saying "This application has been blocked!" Is it possible to avoid this block? Can Skype be used through a website or does the application actually need to be launched? Are there other VOIP or telephony programs which work from websites or otherwise don't need a separate application to be launched on the PC?

One at a time:

continue reading.....

I'm sat in the Internet cafe in Stockholm Arlanda airport burning my last few Krona coins. Fighting with a Swedish keyboard brings back fond memories of being a code monkey in a Norwegian bank a decade ago. Anyhow, in my hotel and here I've noticed that the both seem to be using some kind of transparent proxy. If a web page doesn't load right, and a duff version is cached, you need to shift-refresh to force the 'no cache' option on.

continue reading.....