6 Aging Protocols That Could Cripple the Internet

From BGP to SSL, several Internet protocols are no match for today’s malicious hackers -- and should be replaced

6 aging protocols that could cripple the Internet
Kheng ho Toh

Internet protocols on the brink

The biggest threat to the Internet is the fact that it was never really designed. Instead, it evolved in fits and starts, thanks to various protocols that were cobbled together to fulfill the needs of the moment. Few of those protocols were designed with security in mind. Or if they were, they sported no more than was needed to keep out a nosy neighbor, not a malicious attacker.

The result is a welter of aging protocols susceptible to exploit on an Internet scale. Some of the attacks levied against these protocols have been mitigated with fixes, but it’s clear that the protocols themselves need more robust replacements. Here are six Internet protocols that could stand to be replaced sooner rather than later or are (mercifully) on the way out.

BGP: Border Gateway Protocol
Wikimedia

BGP: Border Gateway Protocol

BGP is used by Internet routers to exchange information about changes to the Internet’s network topology, making it one of the oldest and most crucial Internet protocols. It’s also among the most fundamentally broken, built at a time when Internet peering was based on little more than mutual trust. With a little work, Internet routing information can be poisoned with bogus routing information, aka BGP spoofing.

Such spoofing has happened before, many times. The resulting disaster is usually obvious enough that it's detected and corrected in short measure, but it offers enough of a window for an attacker to do terrible damage. Worst of all, the problem is essentially unfixable as it currently stands. As Dave Rand of Trend Micro explained to Larry Seltzer, no central authority can be used to confirm whether a particular address belongs to a particular network. And because BGP is such a foundational protocol, there’s no replacing it in the short term. At least the Core Infrastructure Initiative has put “fixing BGP” on its to-do list.

SMTP: Simple Mail Transfer Protocol
Wikimedia

SMTP: Simple Mail Transfer Protocol

Despite myriad initiatives launched over the years to kill it off, email remains in wide use, along with one of its underlying protocols, SMTP. SMTP’s biggest problem, as put in an email by Steve Hultquist, chief evangelist at network analytics firm RedSeal, is that it has no inherent security due to its origins in more innocent days: “SMTP was conceived as a simple way to transfer email between users on the Internet when it was young and before the protocol architects had recognized the threat of bad actors.”

Over time, various bolt-ons for SMTP have been developed to tighten its security. Chief among them is reverse DNS checking to ensure the sender is in fact who they purport to be. But the protocols themselves don’t mandate that kind of security; it’s a matter of who bothers to implement them. All it takes is one mail gateway that doesn’t perform due diligence with incoming email to blow the game for everyone. Maybe Inbox will be able to show a way out of the email labyrinth, but don’t hold your breath.

DNS: Domain Name System
Wikimedia

DNS: Domain Name System

Because the Internet protocol that translates IP addresses into domain names is so foundational to the way the Internet works, it’s a common attack target, due to flaws in the protocol and security weaknesses in the software that implements it. The Iranian Cyber Army outright took over the DNS servers for Twitter’s domain, and the Syrian Electronic Army hijacked The New York Times’ domain registration account.

A wake-up call for DNS security was sounded in 2008 when security researcher Dan Kaminsky unearthed a massive flaw in the protocol’s design. That spurred work on DNSSEC, a security extension for DNS, as a way to keep forged data from being inserted into DNS servers. But DNSSEC needs to be implemented to work in the first place. Worse, it can impact the performance of a DNS server under heavy load and could even be used to launch denial-of-service reflection attacks. The cure may not be as bad as the disease, but it’s clearly a work in progress.

NTP: Network Time Protocol
Wikimedia

NTP: Network Time Protocol

NTP’s noble purpose is to keep the clocks of computers around the world in sync, from whole server farms to lowly desktops. But it, too, is a product of an age in which security wasn’t a top priority. That made it possible to use the mechanics of the protocol, in conjunction with a fleet of compromised computers, to launch denial-of-service attacks.

Fortunately, good work is being done to ensure that NTP servers are patched against such exploits and have been set up properly from the beginning to keep the attacks from happening. But nothing says future exploits of NTP aren’t possible, especially given the lack of scrutiny over the protocol and its implementations in the past.

IPv4
Wikimedia

IPv4

Despite all the clever dodges to work around the depletion of the IPv4 address space, nobody denies the days of IPv4 allocations -- even for big names like Microsoft -- are fast coming to an end. The only workable long-term solution has been known for years: Migrate to IPv6.

IPv6 is making good headway in new technology markets such as the mobile world, where IPv6 is widely used for 4G networks. For everyone else, the obstacles in the way of moving to IPv6 are seemingly endless. Simple inertia is a big one: Many won’t upgrade unless they are forced to. Qualified IPv6 expertise remains scarce, according to California IPv6 Task Force co-chair Ed Horley. And the NIST is worried that attackers are poised to pounce the minute the switches are thrown. Then again, nobody said altering the fundamental infrastructure of the Internet would be easy.

SSL: Secure Sockets Layer

SSL: Secure Sockets Layer

As a rule of thumb, the older a protocol, the more likely it is to be broken in some way -- and the more urgently it needs to be replaced with a successor. Secure Sockets Layer has had a replacement for years, but only now are we getting around to ditching SSL, mainly because disaster struck.

SSL was designed to provide cryptographic protection for application-layer connections like HTTP, but its last public revision was in 1996. A replacement protocol, Transport Layer Security appeared three years later, and its widely used 1.2 version landed in 2008. But SSL itself remained in use, in big part as a backward-compatibility measure. Consequently, all major browsers have continued to support SSL even if it’s used in only 0.3 percent of the transactions conducted today (according to Mozilla).

Now we have as good an incentive to ditch SSL altogether as there could be: The infamous POODLE attack, for which the best mitigation measure is to get rid of SSL -- period. Mozilla and Google are now doing that, meaning any enterprises that used SSL internally for whatever reason also need to ditch it, stat. Maybe backward compatibility isn’t all it’s cracked up to be.