Brexit deal mentions Netscape browser and Mozilla Mail

  • Published
Related Topics
James Barksdale with a computer showing the Netscape logoImage source, Getty Images
Image caption,
James Barksdale was the CEO of Netscape from 1995 until the company merged with AOL in March 1999

References to decades-old computer software are included in the new Brexit agreement, including a description of Netscape Communicator and Mozilla Mail as being "modern" services.

Experts believe officials must have copied and pasted chunks of text from old legislation into the document.

The references are on page 921 of the trade deal, in a section on encryption technology.

It also recommends using systems that are now vulnerable to cyber-attacks.

The text cites "modern e-mail software packages including Outlook, Mozilla Mail as well as Netscape Communicator 4.x."

The latter two are now defunct - the last major release of Netscape Communicator was in 1997.

This Twitter post cannot be displayed in your browser. Please enable Javascript or try a different browser.View original content on Twitter
The BBC is not responsible for the content of external sites.
Skip twitter post by Prof B Buchanan OBE

Allow Twitter content?

This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’.

The BBC is not responsible for the content of external sites.
End of twitter post by Prof B Buchanan OBE

The document also recommends using 1024-bit RSA encryption and the SHA-1 hashing algorithm, which are both outdated and vulnerable to cyber-attacks.

"It's clear that something is amiss in the drafting of this treaty, and we'd go so far as to venture the opinion that a tired civil servant simply cut-and-pasted from a late-1990s security document," news site Hackaday commented.

Several people have suggested the words were copied from a 2008 EU law, which includes the same text.

'Little excuse'

Prof Bill Buchanan, a cryptography expert at Edinburgh Napier University, said there was "little excuse" for the outdated references.

"I believe this looks like a standard copy-and-paste of old standards, and with little understanding of the technical details.

"The text is full of acronyms, and it perhaps needs more of a lay person's explanation to define the requirements."

Although SHA-1 and 1024-bit RSA "were a good selection a decade or so ago, they are no longer up to modern security standards," he added.

Media caption,

A round-up of the Brexit trade agreement

The Brexit negotiations finally ended on Christmas Eve, with a deal which was more than 1,200 pages long.

Ambassadors from the 27 EU member states have unanimously approved the EU-UK post-Brexit trade deal.

The UK Parliament is expected to approve it on Wednesday, paving the way for it to take effect provisionally on 1 January ahead of a European Parliament vote.

The Home Office said the paragraphs "set out the legally prescribed measures for cooperation."

"We currently use the latest technology to share this data, which is properly protected and in line with the guidance from the National Cyber Security Centre," a spokesman added.