Padlock
The CPNI has raised questions over the security of the TCP/IP system

Brits blast TCP/IP security

Report questions safety at the heart of the web

Shaun Nichols in San Francisco

A report from a top UK government defence body is calling into question the security of the basic internet protocol.

The TCP/IP protocol is the basic function used by computers to communicate with outside networks. First adopted in 1983, the TCP/IP system is widely credited with enabling the creation of the internet as we know it.

Advertisement

The same protocol that enables the internet, however, may also be leaving it at risk, according to the Centre for Protection of the National Infrastructure (CPNI)

The company notes that many of the same techniques first used to link up the Arpanet network in 1983 are still in use today by the modern-day internet, and not all of them are secure.

"While many textbooks and articles have created the myth that the Internet Protocols were designed for warfare environments, the top level goal for the DARPA Internet Program was the sharing of large service machines on the Arpanet, " read the introduction to the report.

"As a result, many protocol specifications focus only on the operational aspects of the protocols they specify and overlook their security implications. "

The CPNI noted that over the years vulnerabilities have emerged in everything from the handling of headers to dealing with fragments of code and reassembling data.

Even when those problems are patched, the CPNI pointed out that the fixes are not always approved or recommended by the Internet Engineering Task Force.

"In many cases vendors have implemented quick 'fixes' to protocol flaws without a careful analysis of their effectiveness and their impact on interoperability," the report read.

"As a result, any system built in the future according to the official TCP/IP specifications might reincarnate security flaws that have already hit our communication systems in the past."

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Do you agree?

Related whitepapers

Related jobs

Most watched

iPhone

Video Review: iPhone 3GS

We put Apple's latest iPhone through its paces

V3.co.uk weekly debrief, 5 Feb 2010

This week we cover the continuing controversy surrounding the Orange T-Mobile deal

Analysis and Reports

Using managed services to protect mobile data users from the latest security threats

Counting the cost of data security: the benefits of secured mobile services

Shifting Disaster Recovery targets with SharePoint and SQL server configurations

Using a hostbased recovery system for mission-critical systems

Poll

Adobe Flash poll

Adobe Flash poll

Do you agree with Steve Jobs about Flash being buggy?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

Windows 7

Microsoft denies Windows 7 battery problems

Replacement warning functioning normally, claims software giant

Safer Internet Day

Safer Internet Day highlights online threats

Annual initiative warns of phishing, ID theft and social network...

AMD Fusion

AMD details Fusion innovations at ISSCC

Forthcoming chip with four CPU and one GPU cores will...

MSI Wind U135

Review: MSI Wind U135 netbook

A decent netbook incorporating the latest Intel technology in a...

Primary Navigation