Policy on Skype

Skype is a popular application for Internet telephony (Voice over IP, or VoIP for short) allowing you to make long distance telephone calls from your computer to other Skype users for free or at low rates to traditional telephone numbers. Due to growing concerns about its impact on our network, the ITS Security Office is currently blocking the use of Skype on certain segments of the campus network including the School of Dentistry and the School of Medicine.

Skype was designed by the creators of Kazaa, one of the file-sharing programs banned on our network, and was acquired by ebay. Use has been growing rapidly with currently over 100 million registered users and over 6 million concurrent users. Since Skype uses your computer and the UNC network to make these calls, it has raised some red flags for ITS. At a HIPAA security meeting, the following concerns were raised about this product:

  1. It can use high-bandwidth computers (e.g., computers on the University network) as super-nodes meaning your computer could be used for others’ telephone traffic.
  2. It can eat up the University network bandwidth making our whole network an Internet version of the world’s telephone company.
  3. It has similar behavior on the network to a Trojan and thus makes detecting real attacks more difficult for the security people.
  4. The service runs all the time on your computer unbeknownst to the user, is difficult to shut down and definitely can make your computer slower.
  5. It opens ports 80, 443 and a random port making your computer vulnerable to exploits of these open ports. Several security updates have been needed already for this product.