Skype, VoIP security, and why service providers are needed for VoIP

* Skype discovers security flaw, hacks to follow?

Last week, Skype announced that it had discovered a flaw in its free VoIP software that could potentially allow hackers to wreak havoc with a Skype user's computer. For the more details (including a link to the software patch), please click see the Network World story "Skype patches critical flaws".

Fortunately, the company has released a software update to fix the problem and noted that there were no known destructive programs, so Skype's proactive release would solve potential problems before they became an issue for users. 

We take note that over the past few months some industry observers have claimed that "free VoIP" will spell the demise of traditional voice service providers.  However, we suggest that peer-to-peer software programs such as Skype that create a VoIP infrastructure are actually a reason FOR service providers to succeed - especially for business users. 

For example, Mike Hluchyj, founder and CTO at Sonus Networks recently pointed out at the Next Generation Networks conference that he wants a service provider to make sure that software programs such as Skype are secure and that they provide the quality of service he expects with his voice calls. And equally important, Hluchyj pointed out that he wants a person to call to fix the problem if something goes wrong. 

We'd also like to observe that although Skype hasn't experienced any hacker attacks to date, the likelihood of attacks grows as Skype's success grows. With more than 185 million downloads, Skype's success could make it a target for attack much like hackers prefer to attack Microsoft Outlook rather than more obscure e-mail programs like Eudora. And while most Microsoft users are accustomed to check for "critical patch" updates each time they log on to their personal computers, we're not sure the same comfort level or user discipline applies to Skype. 

Is the "frequent security update" model a reason to change the way we use peer-to-peer programs like Skype, or is it a reason to have a service provider in the middle to guarantee network integrity?  Which would you choose?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10