« Dell follows in CA's footsteps | Main | Geek test »
Skype stumbles into the security big leagues
Skype today was forced to publish a clarification to its justification for last week's service outage.
The company implicitly blamed Microsoft for crashing the service, because it's monthly update forced users to reboot and sign into Skype.
The message was clear to the press and bloggers: Skype was trying to shift blame for the embarrassing crash to a company that has served as the world's whipping boy for over a decade.
Today's clarification finally provided a (somewhat) detailed report about what happened. It's wasn't so much a denial of service attack. Instead Skype was unable to recover from the loss of a large amount of so-called "supernodes", regular users who essentially act as a central server in the Skype's peer-to-peer model.
Skype called these problems onto itself with its poor management of the whole incident. Information was released piecemeal, and there didn't appear to be a clear policy regulating what should be released. Skype furthermore appears to be the only company that issues security bulletins on its blog.
Microsoft by contrast has some experience with plugging security holes, and has the whole system down to an art. That's one reason why, when it looked like Skype was blaming Microsoft, few people believed it.
Spanish
Post a comment