LOGBOOK

HELP

1 / 14
Other keys: showSpace: good1-4: rate0: skip5: flag6: invert

Question

Why wasn't security a priority in the original design of the internet?

Answer

It grew out of ARPANET, a small closed network of trusted academic/military institutions, so the designers optimised for sharing — not defending against malicious users.

The internet evolved from ARPANET — a network of trusted academic and military institutions. The designers assumed:

  • All users were known and trustworthy
  • The network was closed and controlled
  • The goal was information sharing, not protection

This resulted in protocols (HTTP, SMTP, FTP, DNS) with no built-in authentication or encryption - because in a trusted network, why would you need them?

Modern consequence: We now run these inherently insecure protocols on a global network with anonymous users and malicious actors. Security has to be bolted on (HTTPS, SMTPS, DNSSEC) rather than being fundamental to the design.

Go deeper:

Internet users in 2023 as a percentage of a country's populationSource: International Telecommunication Union.[160]
Internet users in 2023 as a percentage of a country's populationSource: International Telecommunication Union.[160]
Jeff Ogden (W163) · CC BY-SA 3.0 · Wikimedia Commons
or press any other key