The World's Most Dangerous Password

NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missileers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"
  • by MajorDick ( 735308 ) on Saturday May 29, 2004 @07:01PM (#9286993)
    If it gets cracked. I can't imagine anyone who had ACCESS to use this password having used it; the fact that we're all still here shows it was perfectly secure. Don't forget, it's not like some script kiddie could hop on the "Net" and use this password. There were some SERIOUS layers of physical security.
  • Reminds me ... (Score:5, Interesting)

    by shadowkoder ( 707230 ) on Saturday May 29, 2004 @07:02PM (#9286999)
    of some of Microsoft's choices for authentication passwords. For example: 1111111111111111 (don't remember how many, but a good guess) for activating a MS Visual Studio package. Nice protection for a $1500 license.
  • Re:hmm (Score:3, Interesting)

    by FlipmodePlaya ( 719010 ) on Saturday May 29, 2004 @07:18PM (#9287059) Journal
    I have to disagree with you here. If a hacker was guessing thousands of random combinations of numbers, why not all 0s? Is 98347283 any more likely than 00000000?

    Wasn't there a Sherlock Holmes novel where the police ransack some guy's apartment looking for a document, prying up floorboards and turning every page of every book, and whatnot? The document ended up being in a stack of letters on the guy's desk, or something. Hiding stuff in the most obvious place _is_ a well-used technique, but I don't think it applies to this.
  • by Anonymous Coward on Saturday May 29, 2004 @07:19PM (#9287067)
    There are fewer layers than you think. These missiles would have had to be launched within minutes in response to an attack. How many layers of security can you pack into 15 minutes? This was probably one of the reasons for choosing a braindead password in the first place.
  • Re:WOPR's 'guesses' (Score:3, Interesting)

    by adipocere ( 201135 ) on Saturday May 29, 2004 @07:27PM (#9287090)
    Just remember the code: CPE1704TKS
  • Re:trust (Score:3, Interesting)

    by TheGavster ( 774657 ) on Saturday May 29, 2004 @07:27PM (#9287094) Homepage
    I think that the general case is mostly correct ... you have to allow for some deviation from the norm, especially with a politician as ... unique ... as the one in question.
  • Verizon (Score:3, Interesting)

    by Anonymous Coward on Saturday May 29, 2004 @07:31PM (#9287110)
    I work for an outsourcing group for telco (V something). We are non union, so they abuse us over the hourly union people.

    This isn't a joke, after all the hacking, the passwords are still the same! Even after California passed the law about reporting security break-ins, they still are not reported!

    Here is a sample list of actual passwords I've kept track of.
    lucent:lucent
    nortel:nortel
    nortel:etas
    admin:setup
    admin:admin
    admin:config
    setup:set up
    root:toor

    FOA WCDMA hardware that all you need to do is telnet to (no ssh) and run a simple password guessing program, and gain access.

    It's worse than you think.

  • by pedantic bore ( 740196 ) on Saturday May 29, 2004 @07:36PM (#9287125)
    Maybe this is a fake password. Only a few people know the real password, but "everyone" knows this one. Anyone foolish enough to try to use it would immediately find themselves in a world of trouble.
  • Re:Biopreparat (Score:5, Interesting)

    by Jonathan ( 5011 ) on Saturday May 29, 2004 @08:07PM (#9287282) Homepage
    I'd be more worried about the password for this [...]

    Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense. None of it has been shown to work in practice, while nuclear weapons have, and are a hell of a lot simpler, and thus scarier.

    Alibek would just have been one of the numerous unemployable ex-Soviet scientists if he hadn't exaggerated the technology of a country that had little to no biological infrastructure (thanks to Trofim Lysenko, who managed to get nearly every competent Soviet biologist killed off from 1930-1960)

    However, there's no question that all this hysteria has pumped money into microbiology -- the institute where I work has gotten quite deeply into anthrax research, despite B. anthracis basically being boring B. subtilis with a bad attitude.
  • Re:Totally wrong. (Score:5, Interesting)

    by putaro ( 235078 ) on Saturday May 29, 2004 @08:16PM (#9287328) Journal
    If you really think it only takes one password to launch an American military nuke (even if we were in the 60s), you're totally misled.


    Now wait a minute, who has been misled here? One layer of security was complete and utter bullshit - and the Secretary of Defense who had it installed didn't know. How many other layers were complete and utter bullshit?

    Not only that, but this was the moral equivalent of a military coup against the elected government. The PALs were there to prevent the military from launching without authorization from the National Command Authority (i.e. the President or his successor).
  • by JMandingo ( 325160 ) on Saturday May 29, 2004 @08:22PM (#9287355)
    A flight attendant invited me to a party a few years back, and it was mostly pilots and flight attendants at the party. All getting sloshed, of course - pilots and flight attendants DRINK. Since most airline pilots started their careers in the military I got to spend a lot of the evening listening to 'war' stories.

    One pilot I talked to used to copilot one of the two big planes (747s?) that they send up that can launch all the missiles remotely in case NORAD gets knocked out. He told a story about how they would run all these drills where they would scramble, get in the air immediately, and then get transmitted codes from the ground. They would unscramble the codes as "do not launch" and then return to base without transmitting anything to the silos, drill over.

    According to him, on one of these sorties they received the "launch" code in error. So they asked the ground to repeat the transmission. Which they did, and it was the same. So they took a chance and broke protocol and radioed the ground and told them that they had just sent the "launch" codes, and did they really want them to transmit this along to the silos? Of course the ground told them to cease and return to base.

    Scary truth or drunken bravado? Who knows.
  • Thinking ahead (Score:1, Interesting)

    by Anonymous Coward on Saturday May 29, 2004 @08:52PM (#9287464)
    From the article which was written in 1977:
    Also, any form of preaccess screening of civilians, especially involving information storage systems like databanks, has potential for abuse and warrants close scrutiny.
    Wow. If there were people thinking this way then, why don't the politicians get it yet?
  • by Anonymous Coward on Saturday May 29, 2004 @08:54PM (#9287465)
    I've had it asserted by several friends who used to be missile-men that there was a well known work around the two key locks.

    They had to be able to launch in the event that one of the missile-men shot the other after all.

  • Consider the source (Score:3, Interesting)

    by jmichaelg ( 148257 ) on Saturday May 29, 2004 @08:54PM (#9287468) Journal
    The article may be factual but then again, it may not. I first saw a reference to this story on Fark and the link went to the Moscow Times. [themoscowtimes.com]

    Blair's assertion is very serious if it's true. But as Sagan used to say, extraordinary claims require extraordinary proof. In my book, this one ranks as an extraordinary claim.

  • Re:hmm (Score:5, Interesting)

    by pyrrhonist ( 701154 ) on Saturday May 29, 2004 @09:08PM (#9287508)
    Wasn't there a Sherlock Holmes novel where the police ransack some guys apartment looking for a document

    I couldn't find this particular scene in the canon anywhere, although, "A Scandal in Bohemia" from The Adventures Of Sherlock Holmes [gutenberg.net] , seems to fit somewhat.

  • by Camel Pilot ( 78781 ) on Saturday May 29, 2004 @09:29PM (#9287588) Homepage Journal
    I once worked with a guy who wrote the O/S for a MilSpec computer (Rolm 64) that was used in ICBMs.

    He commented that the worst place to be in the event of a nuclear exchange was at Lat 0, Long 0 because if something went wrong with the memory overlays (kludge for keeping code within a 64k addressable space) the missiles would try to find their way here [confluence.org] and activities such as this [confluence.org] would not be recommended.
  • by nurb432 ( 527695 ) on Saturday May 29, 2004 @10:06PM (#9287712) Homepage Journal
    He has a rather obvious agenda, as you can tell from his introduction.

    It's his word against common sense for some of his statements, and I personally don't believe him.
  • Re:Biopreparat (Score:5, Interesting)

    by Beryllium Sphere(tm) ( 193358 ) on Saturday May 29, 2004 @10:23PM (#9287772) Journal
    >Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense.

    Mother Nature's bioweapons did a devastating job on the native populations of the Americas when the Europeans arrived.

    If reports are true, an accidental release of weaponized Soviet smallpox killed several vaccinated people at Aralsk in 1971. The reports may not be true -- Dr. Donald Henderson(*) is skeptical and he knows smallpox well.

    Bioweapons are bad candidates for military weapons because they're hard/impossible to control once released. Artillery shells go exactly where they're told and don't mutate in midair. Generals don't like *uncontrollable* destruction. Terrorists might.

    (*)Leader of the worldwide effort that eradicated smallpox last century. Deserves a statue for winning the war against a virus which had killed more people than Stalin, Hitler and Pol Pot put together.
  • Crimson Tide (Score:3, Interesting)

    by JavaPunk ( 757983 ) on Saturday May 29, 2004 @10:26PM (#9287783)
    Has anyone seen Crimson Tide? It is a worst-case scenario where a nuke sub gets a 1 hour launch command. The sub is hit and com goes down in the middle of a message. The Captain wants to launch and CO does not. There is an option for just the Captain and not the CO to launch. The navy actually changed protocol after the movie came out to prevent this scenario.
  • Re:trust (Score:1, Interesting)

    by Anonymous Coward on Saturday May 29, 2004 @11:18PM (#9287949)
    I'd choose an Iranian prison - at least they don't lie about the government sanctioning brutality.
  • Re:trust (Score:3, Interesting)

    by magarity ( 164372 ) on Sunday May 30, 2004 @12:22AM (#9288160)
    JFK ordered a pullout of Vietnam

    Well, as a matter of fact, when Nixon left as vice President and JFK took office, there were 600 US soldiers in Vietnam as advisors. JFK, followed by Lyndon Johnson, were the two who ramped up troop involvement to the highest levels. Your assertion about this pullout is mentioned at this handy page [mu.edu] at Marquette University:

    "Revisionists who claim otherwise about JFK and Vietnam hinge their assertions on two points. One, are the stories told by JFK aides Dave Powers and Ken O'Donnell that JFK had privately revealed his intention to withdraw, but only after the 1964 elections, when it would be politically far more feasible to do so. This assertion has to be taken with a grain of salt."

    His successor, Nixon, promised to end the war, but escalated it further

    On the contrary, the week Nixon took office as President he ordered troop reductions in Vietnam. At no point in the Nixon administration were troops ever increased there. This continued until all were withdrawn.
    Perhaps you've been listening to the character of 'Larry' on Dharma and Greg?
  • by Doc Ruby ( 173196 ) on Sunday May 30, 2004 @12:34AM (#9288207) Homepage Journal
    Just because you are having trouble understanding my clear posts doesn't make me a troll.

    We could argue about the causation of increasing American casualties, in a war "of choice" (by our government, as opposed to "of necessity", as our government represented), causing the American people to increasingly demand we bring our troops out of danger. I'd cite the steady rise in the percentage of Americans polled who say the war isn't worth its cost. But if you didn't understand that simple causation already (too bloody for the optional effects) I wouldn't expect you to accept those polls.

    Knowing the public's appetite for violence makes me think less of my fellow Americans. Knowing we were tricked into actually invading, and watching the public awaken to that fact with anger, helps me think more of them. I respect the impulse of those who join the military to protect and serve our country - including members of my family, who of course I know personally. I have reservations about how they express that impulse. But it's the people running the war, in the White House and the Pentagon, who are worthy only of spite.

    Of course your "surprise nuke" scenario is weird - where do you get that from? And I'd say "everyone involved" includes the nukers. But how can you possibly expect a single nuke to go off, and end there? Escalation to nuclear war means the end of the world, as everyone gets into the act - the US would only be one player. And that's the end. Although unfortunately not nearly unthinkable enough, your scenario is pretty weird.
  • Re:Hilarious (Score:3, Interesting)

    by IdahoEv ( 195056 ) on Sunday May 30, 2004 @12:50AM (#9288258) Homepage
    2. There's a public phone line attached to it. Yeah, right.

    You know, I'm not so sure. Yesterday, if someone had said, "the nuke launch security code was set to 000000000 on all systems for many years", I would have said "Yeah, right".

    How much stupider is attaching a public phone line? Starting to seem possible.
  • LCF (Score:5, Interesting)

    by Sanat ( 702 ) on Sunday May 30, 2004 @01:03AM (#9288288)
    I worked with the Minuteman Missile System for eight years. I was a member of a three man Combat Targeting Team. Our task was aiming the missile and selecting the targets by programming the onboard computer.

    A lot of really strange things can happen in the military involving authentication, encrypting and decrypting information and in the whole target selection process itself.

    Perhaps one of the weirdest occurrences that I was personally aware of was when a missile dropped off of "Strategic Alert" (Green Status). There was a two man team of airmen checking out a communications problem in an adjoining building.

    Another team arrived on site and entered into the launch facility and saw that the Nuclear Warhead was missing. Needless to say this scurried people from all over with all kinds of alerts being issued... Losing a nuclear weapon was pretty much frowned upon, needless to say.

    It turned out that the warhead had fallen off of the missile to the bottom of the launch tube 100 feet below.

    The problem was traced to a fuse being changed on the communication box in the soft support building with a screwdriver rather than a fuse puller.

    There was an undetected defect in the onboard computer which combined with the shorting of the communications fuse caused the computer to send the "Fire Retro rockets" signal to the RV (nuclear reentry vehicle).

    Another time I was programming the computer with its needed information when some "never seen before" status lights lit. D-1 and D-3 which if I remember correctly was "Launch Commanded" and "Launch in Progress".

    Normally an individual has to look up these codes in a reference manual. Being the nerd I was back then, I had memorized all of the codes. So I had only a few seconds to react and I proceeded to pop some circuit breakers that would shutdown parts of the operation in case the status was real.

    Our job was not to troubleshoot any further at that point so I never found out whether the computer was intending on really launching or if there were two defective lamp drivers.

    Of course there is a policy that two trained people always had to be present (two man concept) to ensure that nothing illegal was attempted.

    The members of the targeting team were always armed while couriering and programming the launch codes and other vital information into the missile.

  • by crucini ( 98210 ) on Sunday May 30, 2004 @01:57AM (#9288416)
    Too bad they screwed it up. The Titan missiles (you can visit one in Green Valley AZ) had a combination that was evaluated by the launch valve inside the missile. The airman would enter the code with thumbwheel switches on a rack-mount box in the underground control room. That box had cables running through a tunnel to the silo, where they connected to the missile and ultimately the valve assembly.

    If the wrong code was entered three times, the valve assembly would mechanically destroy itself so the missile could never be launched. At least, it would need major repairs.

    I wonder if the Titan codes were also all 0s.
  • Re:trust (Score:4, Interesting)

    by GSloop ( 165220 ) <`networkguru' `at' `sloop.net'> on Sunday May 30, 2004 @02:21AM (#9288474) Homepage
    And accordingly, one does *everything* one can to prevent having to amputate.

    I don't see you in the office for the third time about your ingrown toenail and say "hey lets amputate." You've had time to recover, this is just a problem. We need to *DO* something!

    We did mostly nothing for 10 years to Iraq. Bush lays down the ultimatum and we "amputate" in like six months - for a wound that we can't find now.

    Anyway - war is the last, *last*, **LAST** resort. We didn't approach it that way at all.

    Rant off.
    Cheers,
    Greg
  • Re:trust (Score:5, Interesting)

    by JWSmythe ( 446288 ) <jwsmythe@nospam.jwsmythe.com> on Sunday May 30, 2004 @02:54AM (#9288539) Homepage Journal
    If I recall, it was a big game of the inspectors looking, and not finding anything and crying "He's hiding them". So Hussein showed them more locations, and again, the inspectors cried "he's hiding them".

    Eventually, I'd suspect it appeared to him that the inspectors weren't there to find WMD's, but to gather intelligence on what his forces were, etc, etc.

    Now, this would appear more correct than paranoia.

    But, exactly how do you go about saying "we want to see the WMD's" and know that you're being taken to the correct places? The spies tell you where they are, of course. Again, breaking the trust.

    Inspectors: "Hi, We'd like to inspect this list of locations for WMD's."

    Iraq: "Who gave you the list?"

    Spies: "Don't say spies. Don't say spies."

    Inspectors: "Ummm, we guessed?"

    Iraq: "Ok, we'll give you access to those locations"

    Inspectors: "We didn't find anything there, you must be hiding them, we want to see what you have at these installations now."

    Lather, rinse, repeat.

    Now imagine any group of inspectors trying to see what the US has hiding around the world. It isn't going to happen. The US has enough to destroy the world many times over, and in reality that's unchecked. Everyone knows "Area 51", but there are countless other "secret" installations that foreign (read: enemy) inspectors can't just walk into.

    The US is powerful enough where any country won't push for inspection, in fear that the US would push back.

    Foreign Power: "Let us check all of your 'secret' bases!"

    U.S.: "Sure, let us nuke you first."

    Foreign Power: "Fair enough, give us a diplomatic tour of Washington D.C., with plenty of liquor and hookers."

    U.S.: "I see we understand each other."

  • by hemp ( 36945 ) on Sunday May 30, 2004 @03:32AM (#9288600) Homepage Journal
    Does anyone here remember in the late 70's (was anyone here born before the 70's?) the uproar after the remains of several marijuana cigarettes were found in one of the ICBM silos??

    It was about the same time there was the rash of army personnel in Germany that were caught dealing drugs on post (I believe the tip off was the enormous number of enlisted personnel driving expensive European cars on a salary of $300/month).
  • Re:WOPR's 'guesses' (Score:4, Interesting)

    by Awptimus Prime ( 695459 ) on Sunday May 30, 2004 @04:05AM (#9288661)
    But there are several non-obvious ways to tell that some of the password is correct. E.g., a system may check the password left-to-right, and bail out when it finds a difference--in which case accurate and/or repeated timing can tell you how many digits are correct.

    You might be kidding, but I can't tell. Anyway, this wouldn't work because the minute differences in response times would not be measurable over a network. Packets do not always take the same amount of time to traverse the Internet, and will often even arrive out of order.

    Even over a console connection, you would have to take into consideration that system load would impact the timings, as well.

    I'd suggest starting off with some social engineering. You would be amazed at what you can get people to do if you sound like you know what you are talking about. If that fails, then own some joker's broadband PC and have it brute force them into submission. If that fails, then own a lot of boxes and have them all brute force. If nothing else, you'll kill two birds with one stone by doing a DDoS, too. :D
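Added example, not part of the thread or any poster's code: the left-to-right, bail-on-first-difference check quoted in the comment above, next to a constant-time comparison with a three-failure lockout like the one described for the Titan valve earlier in the thread. The stored code, function names and class are constructed for illustration; the leak is shown by counting examined positions rather than by measuring time.

```python
import hmac
from typing import Dict, Iterable, Tuple

STORED_CODE = "48213957"  # constructed 8-digit sample code, not from the thread


def early_exit_equal(supplied: str, stored: str) -> Tuple[bool, int]:
    """Left-to-right check that stops at the first mismatch.

    Returns (match, positions_examined). The second value stands in for
    the work done, which is what a timing measurement would reflect.
    """
    examined = 0
    if len(supplied) != len(stored):
        return False, examined
    for a, b in zip(supplied, stored):
        examined += 1
        if a != b:
            return False, examined
    return True, examined


def constant_time_equal(supplied: str, stored: str) -> bool:
    """Comparison whose duration does not depend on where the inputs differ."""
    return hmac.compare_digest(supplied.encode("utf-8"), stored.encode("utf-8"))


def leak_profile(guesses: Iterable[str], stored: str = STORED_CODE) -> Dict[str, int]:
    """Show how much work the early-exit check does for each wrong guess."""
    return {g: early_exit_equal(g, stored)[1] for g in guesses}


class CodeVerifier:
    """Constant-time check plus a hard limit on wrong attempts (assumed: 3)."""

    def __init__(self, stored: str, max_failures: int = 3) -> None:
        self._stored = stored
        self._max_failures = max_failures
        self.failures = 0

    @property
    def locked(self) -> bool:
        return self.failures >= self._max_failures

    def check(self, supplied: str) -> str:
        # Once locked, even the correct code is refused.
        if self.locked:
            return "locked"
        if constant_time_equal(supplied, self._stored):
            self.failures = 0  # assumption: a success clears the counter
            return "ok"
        self.failures += 1
        return "locked" if self.locked else "denied"


if __name__ == "__main__":
    # Work done grows with the length of the correct prefix: that is the leak.
    for guess, steps in leak_profile(["00000000", "48000000", "48213950"]).items():
        print(guess, "examined", steps, "positions")

    verifier = CodeVerifier(STORED_CODE)
    for attempt in ["00000000", "11111111", "22222222", STORED_CODE]:
        print(attempt, "->", verifier.check(attempt))
```

With an attempt limit in place, an 8-digit code cannot be searched at all, whatever the comparison leaks; the constant-time check removes the leak for systems that cannot lock out.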
  • by Slashamatic ( 553801 ) on Sunday May 30, 2004 @08:48AM (#9289084)
    Seriously, Robert McNamara was one of the main instigators of the Permissive Action Link (PAL) which was supposed to prevent arming or missile launches happening by accident. Unfortunately SAC thought this was for wusses slowing down the launch time too much. Hence the all zeroes code. McNamara found out much later and went about as ballistic as his missiles.
  • by rstovall ( 2133 ) on Sunday May 30, 2004 @09:48AM (#9289268)
    I was in SAC from 1978 - 1982, as a missile maint. tech. (a.k.a. "Missile Monkey"). While I can't speak to security prior to that time, I can say that by 78:
    • Security clearances for all personnel associated with the program were extreme... mine took over 6 months, and I know they talked to many people.
    • To the best of my knowledge, PALs were active by that time, though I was not launch crew. Certainly we were trained that PALs were a factor.
    • The warheads were physically configured such that they could not fully arm until they had experienced the stresses of launch and reentry. There was no way to set them off "in the tube".
    • Visits to the actual capsules in the LCC (Launch Control Center) by non-military were limited to the training simulator.
    • While the LCF (Launch Control Facility) appears to be a soft facility on the surface (simple wooden buildings, chain link fences, lightly guarded) nothing up there matters as far as control over the weapons. Only the LCC, the actual capsule a classified number of feet underground, matters and physically it's very imposing. There is no way to open a capsule in short terms from outside (the only actuators for the door locks are inside) and would certainly be a matter of many days even with modern equipment. Of course, even a minor violation of the "topside" security was immediately and vigorously responded to, so these sites are not trivially penetrated as the author implies.
    • The missile sites were in some ways tougher. Even an authorized entrance to the hardened facility where everything worked properly took a minimum of 30 minutes plus the worst-case time it would take for a security team to respond to that site. If any of the locks failed (I had it happen twice in the 3 years I was in the field) the break in procedure involved two jackhammers, a 16 ton crane, a load of other equipment and two days.. if pressed, I suspect it could have been done in one very long day. Of course, that would set off a number of alarms, including seismic and radar. Short of entering the hardened launch facility (the launch tube) there is no way to affect the missile's status.. you could not cause or prevent a launch from outside.

    In short, perhaps if someone could gain access to a capsule they could have commanded a launch, but they'd have had to subvert 2 complete LCC crews to command an immediate launch, and that's just not likely, even if the PALs were not active. One LCC could not command an immediate launch, and would have been overridden by the other capsules in the flight had it attempted to. As discussed above, penetrations of the control center or the actual missile facility could not yield results before an overwhelming response ended the threat. The way we were watched (and the capsule crews were more watched than we were) I doubt four people so profoundly without anyone noticing.

    As for the "bad guys" gaining access to a warhead from the missile site... not a chance. First, to do that they'd have to penetrate the missile facility (not less than 12 hours work) without setting off any alarms and without any of the heavy equipment being noticed by the frequent roving patrols. Penetrating the LCC would not give anyone "access" to the warheads, as the LCC did not control the locks at the missile site, they just monitored them.

    The only significant risk of the warhead falling in the "wrong hands" was during transport, and I can speak from personal experience that those movements were exceptionally well prepared, monitored, and armed, with air support close by at all times.
