The Brexit deal recommends using outdated systems like…Netscape?
What a time to be alive.
In what seems to finally be the end of the saga known as Brexit, the UK and EU have finally agreed on a trade deal. There’s plenty to wade through in the 1200-page document produced, but something that seems to have caught people’s attention relates to technology, encryption, and security.
It recommends using outdated systems that are vulnerable to cyber-attacks while pegging them as modern software. Mozilla Mail, Netscape Communicator 4.x, 1KRSA, and SHA-1 are all mentioned.
Yes, Netscape Communicator. Not only has the 1997 internet suite not been updated since 2002, but it was completely discontinued in 2011. Mozilla Mail is also a defunct service, having been replaced by the SeaMonkey Internet suite in 2006.
Just in case you’ve forgotten, want to conjure memories of dial-up modems, or are too young to remember it, here’s how Netscape looked:
If that doesn’t make you think of those wonderful days where you’d surf the AOL bulletin boards, chat on MSN Messenger, and perfect your MySpace Top 8, I don’t know what will. Throw in a few Nickelodeon classics or Dragon Ball Z and that’s basically my early teens covered in two sentences.
The security measures – 1KRSA and SHA-1 – are incredibly outdated. RSA with 1024-bit key length security can be broken down by a decent GPU. SHA-1 was shown vulnerable to collision attacks and was superseded by SHA-2 in 2016. Both were ideal for use around a decade ago, but all the advances in technology mean that neither one is up to the task these days.
So what’s the deal?
It’s been suggested that this specific section of the deal could be copied and pasted from a 2008 EU agreement on data sharing (shown above). But even in 2008, the programs were ridiculously out of touch. This deal was the perfect time to change the details to something more relevant. Something less vulnerable to cyber-attack.
In an even more ridiculous idea, news site Hackaday went as far as to suggest the initial quotes could have been cut from a late-90s security document. We could be looking at encryption legislation that’s a quarter of a century old and still expecting it to be relevant.
I mean, in some respects I get it. We’re dealing with the kind of people who want to cut the rest of the planet off from the UK without realizing or caring that it’s the UK who will suffer most. It’s understandable this kind of person might think Netscape and Mozilla are state-of-the-art tools to use on the World Wide Web.
Plus, they’ve only had since 2016 to create a Brexit Plan. How was anyone going to get the chance to proofread a 1027-page document in that time?
The Brexit train has picked up steam since the vote back in 2016, and this does seem like it could be a small oversight. However, mentioning outdated systems and security methods may make it more tempting for hackers to try and peek under the hood of what’s actually happening in the UK’s government.
- Russia is being blamed for a massive malware attack on the U.S.
- The person flying a jet pack near LAX might have finally been caught on video
- Bozo dentist who posed for a picture on a hoverboard lands 12 years in jail
- Apparently, an old TV in the UK was causing internet outages for an entire village