Forgot your password?
typodupeerror
Security

The World's Most Dangerous Password 696

Posted by timothy
from the harsh-consequences dept.
NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missiliers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"
This discussion has been archived. No new comments can be posted.

The World's Most Dangerous Password

Comments Filter:
  • by Roland Piquepaille (780675) on Saturday May 29, 2004 @05:56PM (#9286965)
    What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it?

    Stupid David played with the WOPR again!
    • WOPR's 'guesses' (Score:5, Informative)

      by The Monster (227884) on Saturday May 29, 2004 @06:15PM (#9287044) Homepage
      I remember watching WOPR 'cracking' the launch codes - each time it 'found a match' that character in the launch code would lock, while the others would continue to change in seemingly random fashion. I thought at the tima that it was incredibly stupid to have a system that would disclose which characters were correct - if you're using upper-case alpha and digits, that would require no more than 36 guesses to get any code.

      Now I realize that the movie wasn't nearly as stupid as reality.

      • Re:WOPR's 'guesses' (Score:3, Interesting)

        by adipocere (201135)
        Just remember the code: CPE1704TKS
    • by JMandingo (325160) on Saturday May 29, 2004 @07:22PM (#9287355)
      A flight attendant invited me to a party a few years back, and it was mostly pilots and flight attendants at the party. All getting sloshed, of course - pilot and flight attendants DRINK. Since most airline pilots started their careers in the military I got to spend a lot of the evening listening to 'war' stories.

      One pilot I talked to used to copilot one of the two big planes (747s?) that they send up that can launch all the missiles remotely in case NORAD gets knocked out. He told a story about how they would run all these drills where they would scramble, get in the air immediately, and then get transmitted codes from the ground. They would unscramble the codes as "do not launch" and then return to base without transmitting anything to the silos, drill over.

      According to him, on one of these sorties received the "launch" code in error. So they asked the ground to repeat the transmission. Which they did, and it was the same. So they took a chance and broke protocol and radio'd the ground and told them that they had just sent the "launch" codes, and did they really want them to transmit this along to the silos? Of course the ground told them to cease and return to base.

      Scary truth or dunken bravado? Who knows.
      • by ghostlibrary (450718) on Saturday May 29, 2004 @09:04PM (#9287707) Homepage Journal
        That's why 'man in the loop' is worth keeping. Fully automated systems are not just 'risky', but absolutely totally insane.

        You read about trying to cut people out of the loop to save costs, think about this and just pay the $40k/year salary, for goodness sake.
        • by MagicDude (727944) on Saturday May 29, 2004 @11:34PM (#9288204)
          There is someone in the loop. The missle silo's in Colorado are manned by Air Force officers. A college buddy of mine was Air Force ROTC (Reserve Officer Training Corps, pronounced rot-see). In return for the Air Force paying most of his tuition, he serves 4 years active duty and an additional period of time in the reserves. He has been assigned to the "Space and Missiles" program, which means that after a year of training he'll either be sent to "Space" which is mainly research and development, or to "Missiles", which is sitting in the missile silos. Of the people assigned to this program, about 20% go to space, and 80% go to missiles. As my friend describes it, he'd work on a 3 day rotation, where every third day he'd have a 24hr shift in an underground bunker where his primary job would be to wait for the signal to come in and then do the thing with the two keys and entering the final launch code or however it works these days. So there are still people in the loop for the US's long range missiles.
      • by netsharc (195805) on Saturday May 29, 2004 @09:12PM (#9287738)
        You were at a party with stewardess, ehm I mean flight attendants..? Who cares about the war stories, did you score???
  • by Anonymous Coward on Saturday May 29, 2004 @05:56PM (#9286970)

    Username: cisco

    password: cisco

    'nuff said.

  • trust (Score:4, Insightful)

    by Doc Ruby (173196) on Saturday May 29, 2004 @05:56PM (#9286971) Homepage Journal
    This is why we trust politicians, ridiculous as they are, with our lives, and make the warriors answer to them. Because incompetent politics generally inhibits war, while incompetent warriors encourage it. And they're all incompetent - nobody knows the right way to do it.
    • Re:trust (Score:3, Insightful)

      by geeber (520231)
      "Because incompetent politics generally inhibits war"

      As has been clearly demonstrated recently in Iraq...

      Oh wait, nevermind.

      • Re:trust (Score:3, Interesting)

        by TheGavster (774657)
        I think that the general case is mostly correct ... you have to allow for some deviation from the norm, especially with a politician as ... unique ... as the one in question.
      • Re:trust (Score:4, Insightful)

        by Jerf (17166) on Saturday May 29, 2004 @07:06PM (#9287271) Journal
        As has been clearly demonstrated recently in Iraq...

        Indeed; incompetent politics can start wars as well as prevent them.

        If Saddam Hussein didn't have WMDs, all he had to do was cooperate with the inspecters, verify he didn't have them, and there would have been no war. He'd still be alive, running the country, and killing whoever he pleased, whenever he pleased.

        Instead, he let his ego get in the way of his politics, he fought the inspecters tooth and nail, and it ended up running his regime into the ground.

        (There's some more to the story then that, such as how stupid it is to run a "shoot the messenger" regime if you actually want to survive, but that outline is true.)

        Incompetent politics can definately start wars.

        (Oh, you were trying to blame the current President? Maybe if he'd actually started this war that would make sense, but since there is an unbroken string of broken UN resolutions dating back to Saddam's invasion of Kuwait, I'd say it makes just as much sense to call this a continuation of that, Saddam's Greatest Mistake. Not saying Bush is blameless, just saying that if you want to point at one person who's utterly incompetent politics for over a decade started this war, it's much, much more rational to point at Saddam. One little thing he had to do to remove any pretense, and his ego wouldn't let him do it.)
        • Re:trust (Score:5, Insightful)

          by Zork the Almighty (599344) on Saturday May 29, 2004 @07:13PM (#9287313) Journal
          "The reason we start a war is to fight a war, win a war, thereby causing no more war!"
        • Re:trust (Score:5, Insightful)

          by LPetrazickis (557952) * <leo...petr+slashdot@@@gmail...com> on Saturday May 29, 2004 @07:43PM (#9287435) Homepage Journal
          If Saddam Hussein didn't have WMDs, all he had to do was cooperate with the inspecters, verify he didn't have them, and there would have been no war. He'd still be alive, running the country, and killing whoever he pleased, whenever he pleased.

          Yes, announcing that you don't have significant weapons and appearing weak is a good idea when you have a powerful and belligerent Iran next door.
          • Re:trust (Score:5, Insightful)

            by Bald Wookie (18771) on Saturday May 29, 2004 @09:43PM (#9287831)
            Yes, announcing that you don't have significant weapons and appearing weak is a good idea when you have a powerful and belligerent Iran next door.

            Given a choice of fighting Iran or the US, I'd take Iran every single time.
        • Re:trust (Score:5, Insightful)

          by Anonymous Coward on Saturday May 29, 2004 @08:44PM (#9287641)
          " but since there is an unbroken string of broken UN resolutions dating back to Saddam's invasion of Kuwait, I'd say it makes just as much sense to call this a continuation of that"

          Then I guess we'll be taking out Israel next, for all the UN resolutions they've broken/ignored?
        • Re:trust (Score:5, Insightful)

          by thdexter (239625) <dexter@NosPaM.suffusions.net> on Saturday May 29, 2004 @09:02PM (#9287697) Journal
          Oh, you were trying to blame the current President? Maybe if he'd actually started this war that would make sense, but since there is an unbroken string of broken UN resolutions dating back to Saddam's invasion of Kuwait[...]

          Link me to the UN resolution that gives the US executive power and the ability to act as its security council without oversight or resolution.
        • Re:trust (Score:5, Informative)

          by Mostly a lurker (634878) on Sunday May 30, 2004 @12:34AM (#9288347)
          If Saddam Hussein didn't have WMDs, all he had to do was cooperate with the inspecters

          Well, according to Dr Hans Blix (the head of the inspection commission) Iraq was cooperating fairly well. The message that cooperation was inadequate was coming from the same source that was claiming incontrovertible evidence of ongoing WMD activity. Most of the world wanted inspections to continue, based on the doubts raised by the US, in spite of the fact that inspections were revealing nothing.

        • Re:trust (Score:5, Interesting)

          by JWSmythe (446288) <.jwsmythe. .at. .jwsmythe.com.> on Sunday May 30, 2004 @01:54AM (#9288539) Homepage Journal
          If I recall, it was a big game of the inspectors looking, and not finding anything and crying "He's hiding them". So Hussein showed them more locations, and again, the inspectors cried "he's hiding them".

          Eventually, I'd suspect it appeared to him that the inspectors weren't there to find WMD's, but to gather intelligence on what his forces were, etc, etc.

          Now, this would appear more correct than paranoia.

          But, exactly how do you go about saying "we want to see the WMD's" and know that you're being taken to the correct places? The spys tell you where they are, of course. Again, breaking the trust.

          Inspectors: "Hi, We'd like to inspect this list of locations for WMD's."

          Iraq: "Who gave you the list?"

          Spys: "Don't say spys. Don't say spys."

          Inspectors: "Ummm, we guessed?"

          Iraq: "Ok, we'll give you access to those locations"

          Inspectors: "We didn't find anything there, you must be hiding them, we want to see what you have at these installations now."

          Lather, rinse, repeat.

          Now imagine any group of inspectors trying to see what the US has hiding around the world. It isn't going to happen. The US has enough to destroy the world many times over, and in reality that's unchecked. Everyone knows "Area 51", but there are countless other "secret" installations that foreign (read: enemy) inspectors can't just walk into.

          The US is powerful enough where any country won't push for inspection, in fear that the US would push back.

          Foreign Power: "Let us check all of your 'secret' bases!"

          U.S.: "Sure, let us nuke you first."

          Foreign Power: "Fair enough, give us a diplomatic tour of Washington D.C., with plenty of liquer and hookers."

          U.S.: "I see we understand each other."

      • Re:trust (Score:4, Insightful)

        by Doc Ruby (173196) on Saturday May 29, 2004 @07:08PM (#9287285) Homepage Journal
        No, that's competent politics in action - they want war in Iraq, they got it. And everything that comes with it. Their inability to spin is incompetent, but if that gets BushCo out of the White House, they'll still have the zillions they latched onto.

        And the incompetent warriors at the top of the Pentagon went in without an exit strategy - just an exit fantasy of slavish Iraqi gratitude. Their further incompetence at fighting a guerilla war, which has been standard warfare since their incompetence in Vietnam certified it, has kept the war going. To stave off the inevitable "support the troops" replies, I note that the troops actually fighting are tactically competent, topping the world in killing power. Too bad their strategy leaders in the Pentagon don't support them as well as we do.

        So we've got political competence combined with warrior incompetence, and a war. Probably the worst war the US has seen since WWII - and there's no limit to what's to come. I never felt so bad about being right.
    • Re:trust (Score:5, Insightful)

      by Tiro (19535) on Saturday May 29, 2004 @07:00PM (#9287229) Journal
      No, you're wrong;

      In the current political establishment in the US, it is the politicians & Pentagon civilians who are promoting war, and the officers were generally very skeptical of what they were doing.

      Basically one portion of the political elite has decided that we should start acting like Israel if we are to maintain political power in the world, and they have gone on the offensive, entering into many regional conflicts around the world. I would argue this goes back to the Clinton administration at least; Wolfowitz and Pearle have taken it to the logical extreme.

      Remember how skeptical retired General Clark was of the war when he became a politician? So was Eisenhower; he warned us of the military-industrial complex, which becomes dangerous because the big money/corporate side of it has lots of influence on Washington politicians. Guys with military experience often know better than the politicians, and this is why Kerry or McCain would be much better leaders than the wide array of war cheerleaders in power now who avoided the draft in various ways [see last couple of weeks of doonesbury].

    • Re:trust (Score:5, Insightful)

      by Zak3056 (69287) on Saturday May 29, 2004 @07:05PM (#9287263) Journal
      Because incompetent politics generally inhibits war, while incompetent warriors encourage it.

      You, sir, are completely incorrect in your assertation. Once upon a time, you might have been largely correct--back in the days when those who had military power were the same people as those with political power (Napoleon for example) the warriors would be the ones to start the wars.

      OTOH, looking at the history of 20th century US wars, not one was started by soldiers. Politicians are the ones who lead us into wars. Soldiers are the ones who die fighting them. Learn the difference.

  • by rice_burners_suck (243660) on Saturday May 29, 2004 @05:57PM (#9286976)
    And here I thought that password would be something like, "password" or "login"... Instead, they chose the kind of code an idiot would put on his luggage.
  • Hilarious (Score:5, Funny)

    by sam0ht (46606) on Saturday May 29, 2004 @05:57PM (#9286977)

    Funniest thing I've read all day. Makes lots of seemingly 'implausible' films about unauthorised nuke launches and hacking, a lot less implausible.

    'Hmm.. it's asking for a password ? Try zero zero zero'
  • by EdMcMan (70171) <moo.slashdot2.z.edmcman@xoxy.net> on Saturday May 29, 2004 @05:58PM (#9286983) Homepage Journal
    As long as everyone outside the department thought it had a good password on it, no one would bother trying to steal one.

    So, the passwords were surprisingly effective. FUD at its finest ;)
    • You're an idiot (Score:4, Insightful)

      by metalhed77 (250273) <andrewvc@gmCOWail.com minus herbivore> on Saturday May 29, 2004 @06:49PM (#9287188) Homepage

      As long as everyone outside the department thought it had a good password on it, no one would bother trying to steal one.

      So, the passwords were surprisingly effective. FUD at its finest ;)


      The fact that everyone in SAC knew them means that if a terrorist had gotten to a low level in position in SAC he would have known the codes. At this point your detterent is useless. If the code was distributed on a proper need to know basis then this wouldn't be possible.

      This isn't fud, mcnamara himself was outraged, those locks were there for a damn good reason. That password should NOT be available to everyone in SAC regardless their security clearance. It is should be strictly need to know.
      • Re:You're an idiot (Score:3, Insightful)

        by sydb (176695) *
        I would guess that if the codes were something other than staggeringly trivial, they wouldn't have spread so far and wide.

        I can imagine people laughing, "Guess what? The code to the bombs is all zeros!" You'd want to share that nugget!

        A worthless code does not inspire respect.
  • by Draconix (653959) on Saturday May 29, 2004 @05:59PM (#9286984)
    12345 Though now we know the President's suitcase combination. :)
  • by m0rphin3 (461197) on Saturday May 29, 2004 @06:00PM (#9286991)
    Airman 1: Hey, Jeff, what do you think the secret password is?
    Airman 2: Dunno. Try P-A-S-S-W-O-R-D or something.
    Airman 1: Nah, it's just numerals. And it's not like the secret code could be 0000000. Nobody would be _that_ stupid.

    *ATTENTION - PREPARE FOR GLOBAL THERMONUCLEAR WAR*

    Airman 1: What you say!
  • If a hacker (Score:5, Funny)

    by NIK282000 (737852) on Saturday May 29, 2004 @06:01PM (#9286992) Homepage Journal
    If a hacker tried to brute force that, I think it would have been the fastest hack on record.
  • by MajorDick (735308) on Saturday May 29, 2004 @06:01PM (#9286993)
    If it gets cracked. I cant imagine anyone who had ACCCESS to ust this password having used it, the fact that were all still here shows it was perfectly secure, dont forget its not like some script kiddie could hop on the "Net" and use this password. There were some SERIOUS layers of physical security.
    • by Anonymous Coward
      There are fewer layers than you think. These missiles would have had to be launched within minutes in response to an attack. How many layers of security can you pack into 15 minutes? This was probably one of the reasons for choosing a braindead password in the first place.
      • by Penguinshit (591885) on Saturday May 29, 2004 @06:40PM (#9287142) Homepage Journal

        The physical security refers to someone trying to get in from the outside. The two guys inside the silo launch center would be able to get the launch off in time.

        Insofar as a single deranged person trying to launch the missiles, both launch keys have to be turned at the same time. The keylocks are separated by a distance making it impossible for a single human being to turn both simultaneously.

        Crews are rotated such that the same two are not on duty on any but one shift (to prevent conspiracy), and the crewmen are subjected to some excruciatingly serious background and psychological tests before, during, and after their tours of duty in the silos.

        Great care was taken in designing a fail-safe mechanism, where if the protection mechanism fails, it fails into a safe mode (like a default-deny in IPTables).

        It was determined that it was better that a few missiles not leave the silos during a nuclear exchange than a few leave a silo during peace-time.

    • by Kjella (173770) on Saturday May 29, 2004 @06:48PM (#9287184) Homepage
      I cant imagine anyone who had ACCCESS to ust this password having used it, the fact that were all still here shows it was perfectly secure, dont forget its not like some script kiddie could hop on the "Net" and use this password. There were some SERIOUS layers of physical security.

      *zoom back three years* "the fact that noone has ever deliberately flown a jumbojet into a building shows it is perfectly secure" I hope the military has some better understanding of risk analysis ;)

      There were serious layers of physical security? How serious? Just as serious as their passwords? Besides, the brass may be tough but the grunts guarding it are not above blackmail or greed.

      Good security is layered. That also means that breach of security shouldn't be caused by a single failure. But in reality it often turns out one or no layers of security are actually *working* because everybody assumes the other layers will cover for it.

      Kjella
      • by YrWrstNtmr (564987) on Saturday May 29, 2004 @07:00PM (#9287237)
        Security in the form of extensive background checks, rotating crew assignments, and physical separation of the two keys, so that one person cannot reach both at the same time.
      • by joshki (152061) on Saturday May 29, 2004 @07:46PM (#9287444)
        Besides, the brass may be tough but the grunts guarding it are not above blackmail or greed.

        What?? You thinking putting a bar on someone's shoulder makes them "tough?" And just because you call someone a "grunt" they're more suceptible to "blackmail or greed?" Newsflash -- EVERYBODY is suceptible to blackmail and greed. That's why the people who work with nukes are vetted by the security services -- officers and enlisted alike. You think the techs who worked on those missiles didn't know how to bypass those PALs regardless of what password was used?

        My point is simple -- don't question someone's patriotism because I'm enlisted -- just because they don't get paid as much doesn't mean their values aren't just as strong as an officer's. The enlisted men and women in the military are the ones you have to trust -- we're the ones who make it all work.

  • by lordrich (647355) on Saturday May 29, 2004 @06:02PM (#9286998) Homepage

    ROLAND: No, wait, wait. I'll tell. I'll tell.

    HELMET: I knew it would work. All right, give to me.

    ROLAND: The combination is one.

    HELMET: One.

    SANDURZ: One.

    ROLAND: Two.

    HELMET: Two.

    SANDURZ: Two.

    ROLAND: Three.

    HELMET: Three.

    SANDURZ: Three

    ROLAND: Four.

    HELMET: Four.

    SANDURZ: Four.

    ROLAND: Five.

    HELMET: Five.

    SANDURZ: Five.

    HELMET: So the combination is one, two, three, four, five. That's the stupidest combination I've ever heard in my life. That's the kinda thing an idiot would have on his luggage.

    HELMET: We have the combination.

    SKROOB: Great. Now we can take every last breath fresh air from planet Druidia. What's the combination?

    SANDURZ: One, two, three, four, five.

    SKROOB: One, two, three, four, five? That's amazing. I've got the same combination on my luggage.
  • Reminds me ... (Score:5, Interesting)

    by shadowkoder (707230) on Saturday May 29, 2004 @06:02PM (#9286999)
    of some of Microsoft's choices for authentication passwords. For example: 1111111111111111 (dont remember how many, but a good guess) for activating a MS Visual studio package. Nice protection for a $1500 license.
  • by sloshr (608388) on Saturday May 29, 2004 @06:02PM (#9287000)
    Things have changed on the global level more than just a little bit, and I'd imagine a good deal of the security surrounding the prevention of launches centered around the PHYSICAL security. If the bad guy can't reach the keyboard to enter the codes - well, then, does it matter what the passwords set to?

    For better or worse, the system seemed to have worked - there weren't any unauthorized missiles launched that I'm aware of.
  • Google Cache (Score:3, Informative)

    by crt (44106) on Saturday May 29, 2004 @06:03PM (#9287004)
    Get your fresh cached copy here [64.233.161.104].
  • Totally wrong. (Score:4, Insightful)

    by ObiWonKanblomi (320618) on Saturday May 29, 2004 @06:04PM (#9287008) Journal
    As with any mission critical systems, there is redundancy in every aspect of the ICBM system from the authentication to the verification of the target being neutralized. So what if there was a password set to 0000000? There still has to be a number of other things set by others in numerous locations in order to do this. One reason was so that the president could not launch a missile on a bad hair day or a mad general (or group, in fact) could not launch in order to lead a coup.

    in addition, the passwords for the different sub-systems would vary as well as require a number of actual physical keys in order to get the nuclear war machine into motion.

    If you really think it only takes one password to launch an american military nuke (even if we were in the 60s), you're totally mislead.
    • There were two personnel in each launch control room with keys which had to be turned simultaneously. They both had pistols. The pistols were to shoot the other one if he went insane.

      This was depicted in 'Wargames'

      The launch code sounds like some politician's idea of a safeguard. You'd think geeks like us would know better - a password is not security. Furthermore, if we DID have to fire the missile, it would suck if someone forgot the password.

      Now we're getting into nuclear deterrence and the differ
    • RT()A (Score:5, Informative)

      by dachshund (300733) on Saturday May 29, 2004 @06:45PM (#9287172)
      So what if there was a password set to 0000000? There still has to be a number of other things set by others in numerous locations in order to do this.

      There are five flights, hence five two-man LCCs, in a 50-missile squadron. Since all missiles and LCCs are electronically interconnected, the "normal" launch of any or all missiles in a squadron requires the cooperation of only two crews - no more, no less. ...

      Located in each LCC are two launch keys, one for each member of the crew, and the codes needed to authenticate presidential launch directives. Only the launch keys, not the codes, are physical prerequisites for generating valid launch commands

      The article goes on to explain that the time from launch command to launch was about eight seconds, if two separate launch control centers (ie, 4 people) chose to turn the keys. Also, visitors were often allowed into these sites after giving only a name and social security number-- backgrounds generally weren't checked.

      So assuming the article's correct: a) there wasn't even one password in the launch process at the time, only physical keys, b) four people in the right place could launch nuclear missiles, and no countermeasures would have been able to stop them, and c) given the lack of stringent security in allowing visitors access to those sites, it's not inconceivable that outsiders could have seized the opportunity to take control of two launch centers.

    • In addition to the other safeguards you describe, the missiles were supposed to be password-protected by this PAL system. They were not. Senior politicians, including the Secretary of Defence at the time, were led to believe that this extra protection existed. It didn't.

      And let's be blunt here. A single Minuteman launched at a major world city could kill millions of people. Doesn't it make you even slightly nervous that the military was prepared to discard one of the layers of security in the interest

    • Re:Totally wrong. (Score:5, Interesting)

      by putaro (235078) on Saturday May 29, 2004 @07:16PM (#9287328) Journal
      If you really think it only takes one password to launch an american military nuke (even if we were in the 60s), you're totally mislead.


      Now wait a minute, who has been misled here? One layer of security was complete and utter bullshit - and the Secretary of Defense who had it installed didn't know. How many other layers were complete and utter bullshit?

      Not only that, but this was the moral equivalent of a military coup against the elected government. The PALs were there to prevent the military from launching without authorization from the National Command Authority (i.e. the President or his successor).
  • No worries (Score:5, Funny)

    by spellraiser (764337) on Saturday May 29, 2004 @06:07PM (#9287017) Journal

    Just enter the recall code. Mandrake has told us it's a variation of the letters POE, which probably stands for 'Purity Of Essence' or 'Peace On Earth'. Just try all the variations, and the launch will be aborted. Hooray!

    Now stop fighting in the War Room!

  • by Lord Graga (696091) on Saturday May 29, 2004 @06:10PM (#9287027)
    I stumbled over THIS [leech.dk] manual about passwords one day, and I found it absolutely amusing!
  • by Viadd (173388) on Saturday May 29, 2004 @06:19PM (#9287062)
    00000000 was the name of Secretary of Defense McNamara's dog.
  • Verizon (Score:3, Interesting)

    by Anonymous Coward on Saturday May 29, 2004 @06:31PM (#9287110)
    I work for an outsourcing group for telco (V something). We are non union, so they abuse us over the hourly union people.

    This isn't a joke, after all the hacking, the passwords are still the same! Even after Palifornia passed the law about reporting security break ins, they still are not reported!

    Here is a sample list of actual of passwords I've kept track.
    lucent:lucent
    nortel:nortel
    nortel:etas
    admin:setup
    admin:admin
    admin:config
    setup:set up
    root:toor

    FOA WCDMA hardware that all you need to do is telnet too (no ssh) and run a simple password guessing program, and gain access.

    IT's worse than you think.

  • by pedantic bore (740196) on Saturday May 29, 2004 @06:36PM (#9287125)
    Maybe this is a fake password. Only a few people know the real password, but "everyone" knows this one. Anyone foolish enough to try to use it would immediately find themselves in a world of trouble.
  • Dammit (Score:5, Funny)

    by ed__ (23481) on Saturday May 29, 2004 @06:47PM (#9287178) Journal
    now i have to change the codes on all my nuclear weapons :<
  • by t_allardyce (48447) on Saturday May 29, 2004 @06:52PM (#9287197) Journal
    "it is the stated position of the United States Air Force that their safeguards would prevent the occurrence of such events as are depicted in this film. Furthermore, it should be noted that none of the characters portrayed in this film are meant to represent any real persons living or dead."

    Throws that one out the window then?

    Mein Fuehrer! sorry.. Mr President.
  • by Magus311X (5823) on Saturday May 29, 2004 @06:57PM (#9287216)
    About 15 years ago, when our new computer labs were first opened, five key combination locks were put on the doors, with the access code set to the default.

    15 years later and 5000 miles away on a continent on the other side of the planet, I'm on the walking trails beside our hotel and come across a gate on the boundary fence which has the exact same combination lock. And yes, it had the exact same access code.
  • by 33degrees (683256) <[33degrees] [at] [gmail.com]> on Saturday May 29, 2004 @07:02PM (#9287248)
    According to the article, someone in the chain of command decided that they didn't want this safeguard, and ordered that the password be set to 00000000 and the dials used to enter the password left in that position; in effect, the equivalent of having a blank password so that you don't have to bother entering it.

    The story here, then, is not that a bad password was chosen, but that somebody decided to disobey orders by disabling the password, and that the higherups were completely in the dark about it.
  • by Exocet (3998) on Saturday May 29, 2004 @07:07PM (#9287276) Homepage Journal
    That seems to be the concensus at this point. People have repeatedly pointed out that the *physical* security was VERY VERY STRICT. Just because the password, a deterrant that top-level people thought was VERY VERY necessary was completely missing ...oh, that's fine. They still have keys and ummm other stuff, right?

    RTFA. Blair and Brewer point out that, at the time, the military wanted to improve their public relations and would give TOURS of LCC's! B&B repeatedly point out that virtually anyone who asked could get access! The physical security was crap and the codes weren't in place. IE, any moderately funded and motivated terrorist group could have had a field day if they'd know about this severe weakness.

    "Four individuals (two persons in each of two separate LCCs in the same squadron) acting in concert could succeed in mechanically launching one or more missiles." In seconds. Not minutes or hours.

    "[...] annually thousands of visitors holding no clearance whatsoever were permitted access to operational LCCs."

    "Located in each LCC are two launch keys, one for each member of the crew, and the codes needed to authenticate presidential launch directives. Only the launch keys, not the codes, are physical prerequisites for generating valid launch commands, the purpose of the codes being exclusively that of authenticating an execution directive."

    B&B make it sound as if you happened to be on a tour and decided to overpower the minimal security force (two crew members + a couple of guards at best (isolated locations, remember?) then it's good to go - you already know the launch codes because it's always all zero's. Or, even worse:

    "Technically, crew members can launch a nuclear attack with or without approval from higher authority. Unless PAL or its equivalent forecloses this option, as many as 50 missiles could be illicitly fired. Moreover, unless adequate precautions were instituted, an even more drastic option would be available. Crew members could conspire in the formatting and transmittal of strategic strike directives, deceiving the full contingent of Strategic Air Command (SAC) LCCs, as well as higher authorities, into reacting to a spurious launch directive as if it were valid and authentic. Or they could render the U.S. strategic force virtually impotent by formatting and transmitting messages invalidating the active inventory of presidential execution codes. Finally, crew members could aid accomplices in stealing thermonuclear warheads from missiles on active alert."

    Keep in mind that Blair was working in an LCC as a crew member in the mid-70's. He was obviously in a unique position (which virtually none of us were or are) to write this paper. His direct observation on how to subvert the access/security controls on the ICBM's trump anyone else's estimate on what might or might not happen. His letters and paper in 1977 are basically what got those locks activated in... 1977.

    It is especially hypocritical that the majority of the Slashdot comments were fine with this poor use of a password mechanism. In your own place of business you most likely would NEVER allow this to happen and you just run some servers - as opposed to ICBM's capable turning your city into a big kitty litter box. Don't defend the actions of those in charge in the 60's and 70's. They were flat out wrong and frankly should have been thrown in military prison for such a massive security breach.
    • by xnixman (644195) on Saturday May 29, 2004 @09:46PM (#9287842)
      Gee, you KNOW alot.

      Having worked in this field I'll tell you:
      1. A civilian is never allowed in a live LCC.
      2. The crew is sealed in the live LCC's.
      3. To get access to a live LCC is much more then cutting the chain link.
      4. Even if you got into one, you need to get into two to do anything.
      5. Nevermind the hoards of SP's and armed Helicopters descending around you.
      6. While crew members can send messages between LCCs (and I believe between bases, I can't recall) these messages are not and can not be EAM's which are only sendable from the NCA via special terminals.
      7. Even if you could send the EAM, who would believe an order coming from the wrong originator.
      8. The comm systems in question are not as stupid as e-mail, they are part of a dedicated MLS (b3) system.
      9. Nuclear command and control has always relied on personal responsibility, do you think nuclear submarine commanders or the alert bomber force can/could not just decide to launch, or are you deluded enough to think they have some crm114 gizmo that overrides them?

      In my place of business I'd have no problem with a null password if all access to the server required two trusted administrators with keys that are kept stored in seperate combination locked safes. In fact, a password beyond the assertion of two trusted people would be stupid, and if you don't trust the people allowing them access to the keys would also be stupid.

      Your scenario would be something like this:
      1. Something needs done to the server, so you call the CIO
      2. He gives you and your other Sys Admin a one-time password for the server.
      3. You two go open your safes with your combos (each of you only know one of these combos)
      4. You remove your keys and open the server locks.
      5. You enter the password you got from the CIO
      6. You do your business, and relock the server
      7. You put your keys away

      Damn, I'd hate to work in your shop. Most of us only have trusted sys admins and single passwords.

      Dan
  • Not Stupid (Score:3, Funny)

    by dotwaffle (610149) <slashdot@@@walster...org> on Saturday May 29, 2004 @07:20PM (#9287344) Homepage
    If you're going to crack a password, what do you start with? Birthdays, anniversaries, dates of importance. You'd never think to try all 0's. It's too obvious. Nobody would guess it unless it was a brute force attack. It's actually remarkably clever.
    • Re:Not Stupid (Score:4, Informative)

      by MacWiz (665750) <gzieman54@@@gmail...com> on Saturday May 29, 2004 @07:43PM (#9287436) Journal
      I beg to differ. Having formerly done security system installations, this is a quite common practice, especially if you're dealing with security gueards. A large casino I worked for used '2222' for its security codes. McCarren Airport (Las Vegas) prior to 9/11 had '1234' for its password to get into "secure" areas.

      It has to be something the lowest common denominator on the security team can remember.
  • Consider the source (Score:3, Interesting)

    by jmichaelg (148257) on Saturday May 29, 2004 @07:54PM (#9287468) Journal
    The article may be factual but then again, it may not. I first saw a reference to this story on Fark and the link went to the Moscow Times. [themoscowtimes.com]

    Blair's assertion is very serious if it's true. But as Sagan used to say, extraordinary claims require extraordinary proof. In my book, this one ranks as an extraordinary claim.

  • by nurb432 (527695) on Saturday May 29, 2004 @09:06PM (#9287712) Homepage Journal
    He has a rather obvious agenda, as you can tell from his introduction.

    Its his word against common sense for some of his statements, and i personally dont belive him.
  • by solios (53048) on Saturday May 29, 2004 @09:22PM (#9287767) Homepage
    At least on the NES. The vault door to Fred's lab is locked by a keypad, and the combination is whatever the high score on Meteor Madness (second floor arcade room) happens to be. All you have to do is get the key to the outer door, get captured by Nurse Edna or Weird Ed, and get tossed in the basement before Fred plays Meteor Madness. Do this and the combination for the door is all zeros! :D

    Found this out the hard way when I was a kid- I was stuck and didn't know where to look for the code, so I figured I'd brute force it (yes, I was BORED), and.... surprise, it worked on the first go. Found out it was tied to the arcade machine when I inadvertently closed the door and tried to open it again later.

    Man, that game kicked all of the ass.
  • My God.... (Score:5, Funny)

    by AvantLegion (595806) on Saturday May 29, 2004 @09:47PM (#9287845) Journal
    ... I protect my porn better than that!

  • by lawpoop (604919) on Saturday May 29, 2004 @11:06PM (#9288097) Homepage Journal
    Yes, the passwords were "000000" and *everyone* knew it. Any joker in the military could launch nucler missles. Everyone knew it.

    Including the Kremlin.

  • LCF (Score:5, Interesting)

    by Sanat (702) on Sunday May 30, 2004 @12:03AM (#9288288)
    I worked with the Minuteman Missile System for eight years. I was a member of a three man Combat Targeting Team. Our task was aiming the missile and selecting the targets by programming the onboard computer.

    A lot of really strange things can happen in the military involving authentication, encrypting and decrypting information and in the whole target selection process itself.

    Perhaps one of the weirdest occurences that I was personally aware of was when a missile dropped off of "Strategic Alert" (Green Status). There was a two man team of airmen checking out a communications problem in an adjoining building.

    Another team arrived on site and entered into the launch facility and saw that the Nuclear Warhead was missing. Needless to say this scurried people from all over with all kinds of alerts being issued... Losing a nuclear weapon was pretty much frowned upon, needless to say.

    It turned out that the warhead had fallen off of the missile to the bottom of the launch tube 100 feet below.

    The problem was traced to a fuse being changed on the communication box in the soft support building with a screwdriver rather than a fuse puller.

    There was a undetected defect in the onboard computer which combined with the shorting of the communications fuse caused the computer to send the "Fire Retro rockets" signal to the RV (nuclear reentry vehicle)

    Another time I was programming the computer with its needed information when some "never seen before" status lights lit. D-1 and D-3 which if I remember correctly was "Launch Commanded" and "Launch in Progress".

    Normally an individual has to look up these codes in a reference manual. Being the nerd I was back then, I had memorized all of the codes. So I had only a few seconds to react and I proceeded to pop some circuit breakers that would shutdown parts of the operation in case the status was real.

    Our job was not to troubleshoot any further at that point so I never found out whether the computer was intending on really launching or if there were two defective lamp drivers.

    Of course there is a policy that two trained people always had to be present (two man concept) to ensure that nothing illegal was attempted.

    The members of the targeting team were always armed while couriering and programming the launch codes and other vital information into the missile.

  • by ronys (166557) on Sunday May 30, 2004 @01:57AM (#9288541) Journal
    Steve Bellovin [att.com] has a fascinating page on the subject here [att.com]

    The quote at the beginning has become one of my favourite metaphors for describing a process that should be close to impossible:
    "Bypassing a PAL should be, as one weapons designer graphically put it, about as complex as performing a tonsillectomy while entering the patient from the wrong end."


  • by rstovall (2133) on Sunday May 30, 2004 @08:48AM (#9289268)
    I was in SAC from 1978 - 1982, as a missile maint. tech. (a.k.a. "Missile Monkey"). While I can't speak to security prior to that time, I can say that by 78:
    • Security clearances for all personnel associated with the program were extreme... mine took over 6 months, and I know they talked to many people.
    • To the best of my knowledge, PALs were active by that time, though I was not launch crew. Certainly we were trained that PALs were a factor.
    • The warheads were physically configured such that they could not fully arm until they had experienced the stresses of launch and reentry. There was no way to set them off "in the tube".
    • Visits to the actual capsules in the LCC (Launch Control Center) by non-military were limited to the training simulator.
    • While the LCF (Launch Control Facility) appears to be a soft facility on the surface (simple wooden buildings, chain link fences, lightly guarded) nothing up there matters as far as control over the weapons. Only the LCC, the actual capsule a classified number of feet underground, matters and physically it's very imposing. There is no way to open a capsule in short terms from outside (the only accuators for the door locks are inside) and would certainly be a matter of many days even with modern equipment. Of course, even a minor violation the "topside" security was immediately and vigourously responded to, so these sites are not trivially penetrated as the author implies.
    • The missile sites were in some ways tougher. Even an authorized entrance to the hardened facility where everything worked properly took a minimum of 30 minutes plus the worse case time it would take for a security team to respond to that site. If any of the locks failed (I had it happen twice in the 3 years I was in the field) the break in procedure involved two jackhammers, a 16 ton crane, a load of other equipment and two days.. if pressed, I suspect it could have been done in one very long day. Of course, that would set number of alarms, including seismic and radar. Short of entering the hardened launch facility (the launch tube) there is no way to affect the missiles status.. you could not cause of prevent a launch from outside.

    In short, perhaps if someone could gain access to a capsule they could have commanded a lauch, but they'd have had to subvert 2 complete LCC crews to command an immediate launch, and that's just not likely, even if the PALs were not active. One LCC could not command an immediate launch, and would have been overriden by the other capsules in the flight had it attempted to. As discussed above, penetrations of the control center or the actual missile facility could not yield results before an overwhelming response ended the threat. The way we were watched (and the capsule crews were more watched than we were) I doubt four people so profoundly without anyone noticing.

    As for the "bad guys" gaining access to a warhead from the missile site... not a chance. First, to do that they'd have to penetrate the missile facility (not less than 12 hours work) without setting off any alarms and without any of the heavy equipment being noticed be the frequent roving patrols. Penetrating the LCC would not give anyone "access" to the warheads, as the LCC did not control the locks at the missile site, they just monitored them.

    The only significant risk of the warhead falling in the "wrong hands" was during transport, and I can speak from personal experience that those movements were exceptionally well prepared monitored, and armed, with air support close by at all times.

One possible reason that things aren't going according to plan is that there never was a plan in the first place.

Working...