SCION: Switzerland's Secure Alternative to BGP Routing Protocol

What SCION Actually Does Differently
SCION addresses BGP's fundamental security flaws through three interlocking mechanisms. First is multi-path routing - where today's internet offers a single path between two points, SCION establishes tens or even hundreds of parallel paths simultaneously. If one fails, the system reroutes within milliseconds. Perrig is precise about the threshold: "Human reaction time for auditory stimulus is roughly 150 milliseconds. We can reroute in less than that."
The second mechanism is cryptographic path validation. Every packet in a SCION network carries cryptographic proof that its route has been authorized by the networks along the path. This prevents route hijacks and leaks at the architectural level, rather than through add-ons like RPKI or BGPsec.
Current Deployment Status
SCION is already proven in banking and healthcare sectors but has been slow to spread everywhere else. The system has been operational in Switzerland's financial networks since 2016 and handles billions in daily transactions. Major Swiss banks use it for inter-bank transfers, and Swiss healthcare networks use it for patient data.
Adrian Perrig, professor of computer science at ETH Zürich and principal architect of SCION, launched the project in 2009 after gaining tenure. His core frustration was simple: the same vulnerabilities had been documented since the 1980s, and nobody had tried to fix them at the architectural level. "The best security companies in the world are still being exploited through them," he says. "There has not even been an attempt to address them properly."
Technical Architecture
SCION replaces BGP's trust-based routing with cryptographic path validation. Unlike BGP's incremental patches (RPKI, BGPsec, ROA), SCION redesigns the routing foundation entirely. Kevin Curran, a cybersecurity professor at Ulster University who has been teaching computer networks for 27 years, offers an independent assessment: "What we have had over 40 years is a series of Band-Aids. Nothing has come close to addressing the need for truly secure paths across an adversarial network."
The system's isolation properties allow networks to operate independently while still participating in global routing. This addresses BGP's lack of cryptographic chain of custody for packet journeys and its slow rerouting process that can take minutes during network failures.
📖 Read the full source: HN LLM Tools
👀 See Also

Claude models vulnerable to invisible Unicode character hijacking, especially with tool access
Testing shows Claude Sonnet 4 is 71.2% compliant with hidden instructions embedded in invisible Unicode characters when tools are enabled, with Opus 4 reaching 100% compliance on Unicode Tags encoding. Tool access dramatically increases vulnerability across all Claude models.

Practical Security Practices for OpenClaw Agents
A Reddit post outlines specific security practices for OpenClaw users, including scheduled commands for updates and audits, managing agent access in shared channels, and securing API keys and skills.

AI Agent Exploits SQL Injection to Compromise McKinsey's Lilli Chatbot
Security researchers at CodeWall used an autonomous AI agent to hack McKinsey's internal Lilli chatbot, gaining full read-write access to its production database in two hours via an SQL injection vulnerability in unauthenticated API endpoints.

MCP Server CVE Exposure Mapping and Public API Released
Researchers have mapped CVE exposure across thousands of MCP servers and built a public API for querying dependency vulnerabilities. The API allows searching by repo/name, filtering by severity, and sorting by CVE count or recency.