SCION routing fixes BGP's 40-year security gap

Tue, 17 Mar 2026 00:00:00 +0000

Over 7,000 route entries remained invalid in March 2020 despite decades of patch attempts. The Border Gateway Protocol fundamentally lacks native mechanisms to verify address ownership, rendering current fixes like RPKI insufficient against sophisticated route hijacks. While extensions such as BGPsec attempt to secure the AS_PATH attribute, they impose heavy computational overhead and fail to address the core architectural rot of a forty-year-old system.

Manual key rollovers fail; try CDS records now

Wed, 25 Feb 2026 00:00:00 +0000

Only 4.27% of 240.3 million domains are DNSSEC-signed, proving that manual key management has failed the internet for two decades. Despite twenty years of existence since the protocol's 2005 rollout, secure delegation rates stagnated at just 7% in 2025, according to industry analysis. Barbara Jantzen and Peter Thomassen highlight that while validation rates hit 36%, the gap remains due to "overly complex implementations" and error-prone maintenance cycles. The cost of this inertia is stark: global cybercrime costs are projected to reach $10.8 trillion in 2026, fueled by unmitigated threats like DNS spoofing that secure delegation specifically prevents. Current first-quarter 2026 data shows only 8.11% of queries resolve to signed domains, indicating that voluntary adoption has hit a ceiling imposed by usability barriers.

Secure on Wirez

SCION routing fixes BGP's 40-year security gap

Manual key rollovers fail; try CDS records now