I knew this was going to happen eventually, so six months ago I signed up for Secunia security email alerts, in the knowledge that one day, something bearing the name Skype would come in. Such an alert did arrive, two minutes after I left the office yesterday highlighting a buffer overflow vulnerability rated as "highly critical," Secunia's second-highest rating. This, just hours after my post on how dramatically the traffic is growing. Later, the Skype-Siemens USB adaptor phone project felt the steely prick of Om Malik's poison pen, as he revealed that no version will be available in the US market.
Three takeaways from this news so far:
- The buffer overflow vulnerability revelation may make Skype a harder sell into the corporate space, and seems to validate Popular Telephony's concept of switching off the firewall traversal feature for the enterprise version of Peerio. How many of Skype's user base are currently using the software illicitly on company/university/institutional systems?
- The lack of availability for the USB Gigaset for Skype in the US market may dilute the Skype message in the US market, but in Western Europe, where DECT phones are nearly ubiquitous in homes, by my reckoning, the relative exposure of the PTTs to Skype substitution is probably greater than for the US carriers, at least for the time-being.
- It will be interesting to see if there is any visible impact on adoption or usage of Skype in the wake of yesterday's vulnerability news. Perhaps coincidentally, this morning a new reader (apparently Italian) has wandered into my site for the first time. The search query which led them to me was one which I have never seen before - "http://www.google.com/search?sourceid=navclient&hl=it&ie=UTF-8&q=%22alternative+to+skype%22"
UPDATE: Andy Abramson rightly points out that the company took its time in getting the news out, and also highlights the importance of the blogosphere in shaping opinion in situations like these.