Insecurity experts claim that they are close to sealing one of the worst flaws in Internet coding, which effectively shunted all US traffic through China for half an hour. The incident, which happened last year, was thanks to a lack of security in the Internet's main routing protocol.
While a fix has been mooted for nearly a decade, one should be rolled out in January. Beginning Jan. 1, Internet registries will add a layer of encryption to their operations so that ISPs and other network operators can verify that they have the authority to route traffic for a block of IP addresses or routing prefixes known as Autonomous System Numbers.
The fix, which has been dubbed Resource Public Key Infrastructure (RPKI), is not perfect and it needs adoption by all of the Internet registries as well as major ISPs before it can provide a significant amount of protection. Proponents of RPKI say it is a much-needed first step in improving the security of the Border Gateway Protocol (BGP), which is the core routing protocol of the Internet.
If widely adopted, RPKI should prevent ISPs from accidentally disrupting the flow of Internet traffic with erroneous routing information. The RPKI development effort was funded in part by the U.S. Department of Homeland Security, probably as the US woke up to the fact that the status quo was insanity.
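
The check that RPKI makes possible, deciding whether the network announcing a block of addresses is authorized to originate it, can be sketched as follows. This is an added example, not code from the article or from any registry: it follows the route origin validation procedure of RFC 6811 and goes beyond the text by including that RFC's maximum-length rule, and the authorization records, prefixes and AS numbers are constructed sample data from the documentation ranges.

```python
import ipaddress
from typing import NamedTuple


class ROA(NamedTuple):
    """One validated authorization: which AS may originate which prefix."""
    prefix: object      # ipaddress network the address holder signed for
    max_length: int     # longest (most specific) prefix length allowed
    asn: int            # AS number authorized to originate the prefix


# Constructed sample records (documentation prefixes and AS numbers).
ROAS = [
    ROA(ipaddress.ip_network("192.0.2.0/24"), 24, 64500),
    ROA(ipaddress.ip_network("198.51.100.0/24"), 25, 64501),
]


def validate(prefix: str, origin_asn: int, roas=ROAS) -> str:
    """Classify a BGP announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    # Records whose prefix covers the announced route (same IP version).
    covering = [
        r for r in roas
        if r.prefix.version == route.version and route.subnet_of(r.prefix)
    ]
    if not covering:
        # Nobody has published an authorization for this address space.
        return "not-found"
    for r in covering:
        # Both the origin AS and the prefix length must be authorized.
        if r.asn == origin_asn and route.prefixlen <= r.max_length:
            return "valid"
    # Covered by at least one record, but matched by none: an erroneous
    # announcement of the kind the article describes.
    return "invalid"


if __name__ == "__main__":
    for pfx, asn in [
        ("192.0.2.0/24", 64500),       # authorized origin
        ("192.0.2.0/24", 64511),       # wrong origin AS
        ("192.0.2.0/25", 64500),       # more specific than allowed
        ("198.51.100.128/25", 64501),  # within the max length
        ("203.0.113.0/24", 64500),     # no record covers it
    ]:
        print(f"{pfx:20} AS{asn:<6} {validate(pfx, asn)}")
```

An operator who drops only "invalid" routes still accepts "not-found" ones, which is why the protection grows with the number of address holders who publish records.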