Why eBay Should Open-Source Skype
eBay is not going through the happiest of times. Not only has it found it necessary to make 1000 people – 10% of its workforce – redundant, it has had to own up to a serious breach of trust with its Internet telephony program, Skype. As the report from the Citizen Lab, Munk Centre for International Studies, the University of Toronto explained:
Here we have a major software tool used to make telephone calls and send instant messages over the Internet, advertising secure end-to-end encryption, and widely touted by activists and dissidents as a safe way to communicate sensitive information, logging sensitive keywords and uploading entire transcripts of conversations to servers in China, which themselves are insecure. How insecure? Villeneuve was able to view, download, and archive millions of private communications, ranging from business transactions to political correspondence, along with their identifying personal information. Although some have mooted that Skype is equipped with a backdoor for intelligence, and that TOM-Skype in particular contained a Trojan Horse for the Chinese government, the company publicly denied these suspicions. Villeneuve’s research definitively shows these denials are untrue. Although Villeneuve’s trail runs cold at the doorstep of eight TOM-Skype servers in China, the underlying purpose of such widespread and systematic surveillance seems obvious. Dissidents and ordinary citizens are being systematically monitored and tracked.
Many of us in the free software world found it hard to suppress a wry smile when reading this: for this is precisely the problem you would expect with closed-source software, hidden within its impenetrable black box. Had Skype been open source, it would have been much harder to hide code that monitored users' conversations.
So here's a thought for eBay: why not open-source Skype and its protocols?
There are many advantages. First, it would largely avoid nasty surprises of the kind that China provided (Skype said that the snooping occurred "without our knowledge or consent".) It wouldn't be possible to prevent the code from being modified, but at least it would be obvious when it had occurred, and users could either avoid the program – or avoid saying anything that might get them into trouble when using it. At the moment, only eBay can police the code; by opening it up, it would allow anyone to check what was going on, making it easier to spot problems early on, and relieving eBay of that particular burden.
Releasing Skype as free software would also make eBay highly-popular with the Free Software Foundation, to say nothing of millions in the free software world. Just recently, the FSF released its list of “High Priority Free Software Projects”, number 3 of which was a replacement for Skype:
Skype is a proprietary Voice-over-IP program that uses a proprietary protocol. Skype is seducing free software users into using proprietary software, often two users at a time. We do not want to encourage the creation of a Skype compatible client, but instead, we want to encourage you to create, contribute to, or promote the use of free software alternatives to Skype, such as Ekiga, and to encourage to adoption and use of free VoIP, video, and chat protocols such as SIP and XMPP/Jingle.
A free version of Skype itself would be a much better solution: there are already hundreds of millions of Skype users out there, and the prospects for converting many of them to a free alternative like Ekiga are not good. And introducing a rival standard would split developer effort. Far better for everyone to unite behind a completely free and open version of Skype.
Ddoing so would lead to yet another major benefit for eBay: it would suddenly find itself aided by hundreds of willing coders who could improve the program far faster than eBay itself. And at a time when it is cutting back on staff, it needs all the help it can get.
The great thing about opening up Skype is that it wouldn't affect its business model, which is already based on giving away the code, albeit in a closed form. Money could still be made from the outbound calls from Skype to ordinary phone lines. But freeing Skype completely would encourage wider use of both it and its protocols as an entire ecosystem grew up around them, leading to more users, and more opportunities to sell them subscriptions or pay-as-you-go plans. The only thing that eBay would lose are some of its problems....
Glyn Moody writes about open source at opendotdotdot.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Varnish Software's Hitch
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide