This impregnability has been taken for granted ever since Skype was founded in 2003, since when it has always been famously cagey about expanding on exactly how its VoIP security worked. What was apparent was that it used a peer-to-peer design built on super-nodes (often well connected PCs in business networks) that dispensed with the need for central servers, nixing the possibility of either Skype or government eavesdropping on its encrypted content.
Or so it was thought until a New York Times article last week reported that the firm had hatched something called 'Project Chess' as far back as 2009. This was a committee of a few executives tasked to look at how official access to the Skype data fortress could be made easier, both legally and technically. Importantly - and this is no mere detail - this happened before Microsoft took the firm over in 2011, amplifying the suspicion that even before it was subsumed it had, pragmatically, decided to make eavesdropping easier.
As the NSA sought to catch up with the digital era, Skype turned because Skype needed to turn. It was time to grow up technically and embrace the man.
We can say that the super-nodes and peer-to-peer design is, under Microsoft, long gone. Skype is still an encrypted channel but one that now runs through the firm's data centres.
According to public comments made in recent days by Skype lead architect Matthew Kaufman, the super-node design was potentially unstable because it had no control over important nodes crashing, which had occurred on two occasions to the detriment of Skype's global operation.
The re-engineering was also to allow the service to scale as the software embedded itself beyond the PC where it had hatched a decade ago, that is on a billion mobile devices.
“...what is driving Skype to move not just the supernodes but actually many other parts of our calling and messaging infrastructure "to the cloud", and that is the amazing growth of mobile and tablet computing,” said Kaufman.
“The Skype peer-to-peer network, and many of its functions (such as instant messaging) was built for a world where almost every machine is powered by a wall socket, plugged into broadband Internet, and on for many hours a day.”
Running the software in P2P mode any mobile device into a “battery-powered hand-warmer.” The traffic required to keep a node up and communicating with those around it was simply no longer possible away from a power cord.
“How do we solve that for our users? Servers. Lots of them, and more and more often in the Windows Azure cloud infrastructure.”
These arguments sound plausible and from them we can say that Project Chess was about embracing the inevitable requests that would arise once the data centre model had been enabled.
The problem is that this still leaves the exact nature of the surveillance regime in Microsoft's data centres unexplained despite Skype allegedly having joined the hugely contentious programme in February 2011. Microsoft has since said it allows access when “we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”
What emerges from all this is a heap of suspicion for a list of Silicon Valley firms, now including Microsoft and Skype. But that won't stop millions of people using it without a care in the world even if its image for privacy is history.
Find your next job with techworld jobs