The thing is. How will Microsoft and Skype handle backdoors now. As far as I understood the reason Microsoft broke Skype so badly was because they used centralised servers with backdoors for countries who wanted them. Not always the good countries.
Microsoft used centralised servers because the Skype prior to that was a curse to mobile devices running on battery power.
Particularly cellphones.
Skype worked as a p2p network, where some peers where marked as super peers and would help with peers behind firewalls (UDP-holepunching), and routing through the super peer. If your phone became a super peer, you could expect to essentially work like a server, with the "benefits" of increased bandwidth usage and power usage. Not exactly what you want as a mobile user.
So Microsoft had to change the architecture (which wasn't designed with mobile devices in mind) into a more centralised approach that could work with mobile devices.
It is difficult to make a p2p app on a mobile device work even between devices on the same LAN.
A simplified explanation: Mobile devices will often ignore almost all incoming network traffic to reduce battery usage. The only way to reliably communicate with the device is through a centralized push notification service (e.g. APN and GCM).
I tried to make a demo app to perform very simple HTTP p2p and found this difficult on iOS. When an app is backgrounded you have ~17 seconds to stop execution or the OS will kill any active threads UNLESS the activity is among the Apple permitted exceptions. (Note that there is no iOS SyncThing app). In Android it is possible to use IntentService as a single threaded background HTTP server. It works for the most part but can be a little flakey. I'm not 100% sure how the OpenGarden SDK accomplishes this but I'm interested. My guess is that it makes heavy use of Bluetooth, which is one of the Apple permitted exceptions to the backgrounding rule.
Why not perform the invoking and setup of the call via a server, but then perform the actual call on p2p once the device is awake and the app on the foreground?
I am not sure why maintaining a TCP connection to Google or Apple is somewhat more battery friendly then maintaining it to your own server, or providing a TCP-server to provide some service for someone else. (UDP is different here)
I am using CSipSimple to my own server, battery usage is the same. Yes this is anecdotal evidence, but one can always check.
One thing that might explain this is that your phone could be pulling data from your computer, rather than your computer trying to connect to your phone to push data to it.
Quit the b/s, will you. It's not difficult at all.
You use a central server to do the discovery and bootstrap the connection between two devices. For each device it looks like they are connecting out. This works for UDP and this works for TCP. It works both for NAT'ed and LAN peers. For the latter it works 100% of time. This is a 10 year old tech. It worked back then and it works now.
We ban accounts that are uncivil like this, and you've done it a lot in the past, though happily not in the recent past, so please just don't do it at all.
I disagree with your assessment of my remark as "uncivil".
If I read you correctly, you seem to have significantly lowered the plank for what you ban people for. What the OP said was a complete factual garbage showing an utter lack of understanding of the subject he is so confidently commenting on. So this was, by any conventional definition of the term, a bullshit. How can this conceivably be a cause for a ban?
The bar hasn't changed. "Quit the b/s will you" was obviously an uncivil slap. If you don't think it is, please adjust your standard to the one that applies here, when commenting here, if you want to keep commenting here.
It's easy to point out that a statement is wrong without being disrespectful, if you want to, and so neither damage the community nor discredit the truth with personal bad behavior. That way we all can learn something.
Perceptions of what's uncivil can vary for legitimate reasons, e.g. differing cultural standards—HN is a highly international community. But for that very reason, we need people to err on the side of being respectful. The alternative leads to wars and ultimately the death of the forum.
I've been on HN for over 10 years. I also spoke with you over email under my real name more than once and I have a very high opinion of how you handle things in moderator's capacity. Which is why I must say that I find these ban threats very surprising, misplaced and disconcerting.
> differing cultural standards
Well, that's exactly the problem, isn't it?
What passes for normal "civil" behavior in countries like States and Canada looks like a completely fake way to express sentiments in other parts of the world. If someone asks "how are you?", they, more often than not, actually want to know how you are, not soliciting the "I'm fine" response.
What I said in the comment you killed I would absolutely not hesitate to say in person. I did not want to point out that his statement was wrong. I had an issue with the fact that he was commenting on things he doesn't appear to understand well in the first place. This was a personal remark, but I'm not sure which format you expect it to be distilled in to be acceptable as "civil".
If we are to reverse the situation, i.e. if it was me who blurted out something equally majestic, I would expect and prefer to be told just that instead of a wishy-washy pretense polite way. To me, coming from one of them "different cultural standards", the latter is a strange and alien way to communicate with others... which brings us right back to your remark about being respectful. Sometimes I'd be blunt when responding to comments I find particularly inane, but I also expect others to be blunt to me if the situation warrants it. Being blunt is not the same as being disrespectful, leave alone "uncivil".
> Then we all can learn something, which is the intended use of the site.
I've always viewed HN as a place for discussion with people of similar interests. Some may indeed learn a thing or two here, just like on any other forum, but stating that it's the intended use of the site is really quite strange.
Yup. The whole P2P and Supernode architecture didn't just fail when it came to mobile devices. The Christmas 2010 outage was also caused by the reliance on supernodes.
Are there any European p2p instant messengers that don't accept non-EU customers? That patent obviously wouldn't apply and it would be a good move to capture a nice market.
Edit: There's https://tox.chat but I have never used it/always forget it exists. Antidote/Antox fas clients for iOS/Android.
It's remarkable that companies can "own" things so fundamental, and obvious in computing--even if they don't actually utilize their IP's.
"Hey guys, I've got a patent for talking from one machine to another over a connection." (Don't give SCO any ideas.)
The purpose of patents was to foster innovation, not squander it.
What if Issac Newton and Liebniz had a "foundation" that owned the rights to every mathematical construct they discovered? How would the world function if we had to pay that foundation fees every time we used Newton's method, or Calculus? It'd be complete bureaucratic hell.
And further, coming from another angle, I bet you money there are prior implementations of P2P chat long before... 2005.
I was working for a large hardware company (I'm not going to name names) that typically files for hardware/firmware patents. There was a push for everyone to file more patents, even from the software teams.
I was working on an app that had graph-like data so we decided to use a graph database...nothing super innovative. My coworker, who apparently had a couple patents, said that we could probably patent this algorithm. I looked at him and said, how can you patent traversing nodes and vertices... that's graph theory 101?!
Big companies try to patent everything because its a metric they can use to show how amazing they are, and acts as blackmail (or cold war). If you sue me, I'll sue you.
> So Microsoft had to change the architecture (which wasn't designed with mobile devices in mind) into a more centralised approach that could work with mobile devices.
As an engineer and software developer, I find this to be extremely unlikely.
If "super-peers" can already route traffic for others, it seems very likely they could simply route all traffic for Mobile users through some "super-duper peer", instead of routing all traffic for all users through some "super-duper peer".
Operators have no interest in being reduced to "dumb pipes" (as the industry calls it). So OP is correct, P2P overlay routing has traditionally caused headaches for network operators traffic shaping. Any P2P tech that reaches this kind of scale would run into serious scalability challenges due to operator throtteling.
If all the mobile traffic is being routed through a single Microsoft-controlled "super-duper peer", then there is no P2P traffic.
Or to put it another way: If I accept the choice is between routing mobile traffic to Microsoft, or no mobile-Skype support, I don't understand how it follows that all traffic needs to move through Microsoft, or no mobile-Skype support.
Because centralized and P2P architecturally are different beasts altogether. It'd be very hard to make a protocol that essentially did both, and centralization covers all use cases, so, as a company, it makes most sense to go with that.
I'm sure there were other reasons involved in the decision, I don't pretend to know them, but from a business perspective alone, you choose one connection methodology and you stick with it. Anything more is wasteful of resources.
> It'd be very hard to make a protocol that essentially did both
They already had a protocol that essentially did both.
Once you have forwarding/routing i.e. what Skype called "super-nodes", P2P is a clear superset of "centralised".
Anyone who says different doesn't know what they're talking about.
> I'm sure there were other reasons involved in the decision, I don't pretend to know them, but from a business perspective alone, you choose one connection methodology and you stick with it. Anything more is wasteful of resources.
I'm not speculating.
I've seen engineers do stupid things that don't make sense; I'm not arguing that there are stupid reasons for it, and I'm not going to argue that there's non-technical reasons for it.
But technical reasons? I don't buy it. I need some convincing: If one protocol (the P2P one) does both use cases, then you don't need another protocol just to handle one use case. That's just not how protocols work.
Very hard is a strong overstatement, nearly as dubious as saying they did it for the backdoors. It was either a license issue, patent issue, or just unwillingness to maintain the P2P code base in face of some features (mobile, conferencing) needing the centralised one too.
> As far as I understood the reason Microsoft broke Skype so badly was because they used centralised servers with backdoors
In fairness, it was eBay that first bought Skype [1] in 2005 centralizing the data. eBay then sold it to a private investor group which Microsoft then bought Skype from [2] in 2011.
Following the Snowden leaks as well as the information from Bill Binney, NSA scoops up the data regardless..
>the reason Microsoft broke Skype so badly was because they used centralised servers with backdoors for countries who wanted them.
That seems like pretty unreasonable tinfoil. There is no reason for Microsoft to want to give information to governments. I assume they don't pay, and the cost is consumer trust. Makes a lot of sense to rearchitect such that you can't give in to government demands.
> That seems like pretty unreasonable tinfoil. There is no reason for Microsoft to want to give information to governments.
No? I don't think you are being fair.
First of all Microsoft is not one mind. There are lots of motivations bouncing around inside that entity, and not all of those motivations are 'reasonable' like you purport to be.
Second, secret court orders get issued to these big companies all the time. You don't know what kind of affordances Microsoft has provided for US and foreign government and intelligence services.
> I assume they don't pay ...
Oh let's not be pollyannaish, any contract work done for governments would be paid work. Cha-CHING! I see dolla signs. $$$
It's infinitely reasonable to distrust large internet companies that gather interesting user data. paule89 just came right out and says what a lot of us reasonable folk are thinking.
Maybe someone at Microsoft's decided it would be more profitable to salvage the Skype name and introduce some real end-to-end encryption just like the competition has. Or, maybe Microsoft is helping the Five Eyes to use Skype + Signal as a big real-world test bed for cracking or weakening Signal's encryption. I mean, it's just impossible to know what's really going on here.
Highly plausible, but I would suggest the reason would more likely be competition than anything else. Right now Skype's biggest competitor is whatsapp which is growing quickly, has end to end encryption and you dont need a skype name and password you've probably forgotten.
If they pay for more access than is required, why wasn't that in the documents Snowden dumped? Instead, we saw the normal court rulings requiring companies to comply with data access requests.
PRISM is/was a small program. "Upstream" programs is the what most should be worried about and goes sort of around companies (and anyone/anything else).
Though, some companies are handed a court order to "share" their data (quarterly, about 80 companies so far). And NSA has standard rates for this.
They don't "share" the data, and the NSA doesn't pay for it. The slides clearly show that the data requests are consumed by the FBI, which is the organization that the companies deal with.
If only consumers cared. As it stands there's very little downside to handing information over to government(s), and I would assume some upsides (back scratching).
Apple might actually be making consumers care in an odd way by making it such a public issue.
Absolutely. I'm just referring to the high profile news around specific events that might have made people think about it briefly. Possibly more effective than any hand wringing we might do.
Without addressing the tinfoilery... ummm... have you ever actually looked at the size of government contracts in the US? They're usually the largest customer any Fortune 500 company has, so large that losing them as a customer would destroy the company. There are a handful of exceptions, but for most companies, they are very much not going to bite the hand that feeds them. If daddy asks for access, daddy gets access. That's one of the reasons I support making ISPs a municipal public utility. Municipal governments will tell the government to pound sand if they don't have a court order with a judges seal. Any private company in the US will only open the door for them and ask if they've had a chance to review their bid on the latest government contract.
>>How will Microsoft and Skype handle backdoors now
Backdoors require quite a few MSFT people with--way more than--FU money agreeing to it. I would bet that something like this would leak. All it takes is one to annon leak a screenshot or a memo
Need to know. Members of the kernel team generally have zero knowledge of what happens in the build lab between the sources and the product that's released to the world.
Totally uninformed comment. Signal the app relies on centralized servers to route messages & discover contacts. Signal the protocol (which is what Skype is rolling out) is a messaging encryption library that encrypts messages on the client using the other client's public key. Central servers (and anyone else in between the two clients) only sees encrypted gibberish, never plain text.
That was my first thought. This is how they kill Signal. It was how they killed Skype. Take a P2P communication system that is difficult to spy on, give Microsoft a big pile of money on the sly to buy it and re-engineer it to be a centralized system and restore spy-ability. It almost seems so laughably obvious as to be childishly unwise to attempt.
How would Signal working with Microsoft to implement the Signal protocol in Skype somehow kill Signal?
Signal (the organization) has worked with other companies, like Facebook and WhatsApp (owned by FaceBook, I know), to implement the Signal protocol on their respective messaging services. It appears that's precisely what they're doing with Skype in this case. It's not like Microsoft is buying out Signal.
But this. This baffles me. Deeply.