Skype replaces P2P supernodes with Linux boxes hosted by Microsoft (updated):

Microsoft has drastically overhauled the network running its Skype voice-over-IP service, replacing peer-to-peer client machines with thousands of Linux boxes that have been hardened against the most common types of hack attacks, a security researcher said.

The change, which Immunity Security’s Kostya Kortchinsky said occurred about two months ago, represents a major departure from the design that has powered Skype for the past decade. Since its introduction in 2003, the network has consisted of “supernodes” made up of regular users who had sufficient bandwidth, processing power, and other system requirements to qualify. These supernodes then transferred data with other supernodes in a peer-to-peer fashion. At any given time, there were typically a little more than 48,000 clients that operated this way.

Kortchinsky’s analysis, which has not yet been confirmed by Microsoft, shows that Skype is now being powered by a little more than 10,000 supernodes that are all hosted by the company. It’s currently not possible for regular users to be promoted to supernode status. What’s more, the boxes are running a version of Linux using grsecurity, a collection of patches and configurations designed to make servers more resistant to attacks. In addition to hardening them to hacks, the Microsoft-hosted boxes are able to accommodate significantly more users. Supernodes under the old system typically handled about 800 end users, Kortchinsky said, whereas the newer ones host about 4,100 users and have a theoretical limit of as many as 100,000 users.

“It’s pretty good for security reasons because then you don’t rely on random people running random stuff on their machine,” Kortchinsky told Ars. “You just have something that’s centralized and secure.”

Kortchinsky discovered the Linux supernodes using a Skype probing technique he and colleague Fabrice Desclaux first demonstrated in 2006. (PDF versions of conference presentation slides are here and here.)

Kortchinsky’s discovery comes as Microsoft said it’s investigating recent demonstrations of an exploit that exposes the local and remote IP addresses of users who are logged in to the service. The attack reportedly relies on the open-source SkypeKit package.