The World's Most Dangerous Password 696
NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missiliers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"
Its only a bad password (Score:3, Interesting)
Reminds me ... (Score:5, Interesting)
Re:hmm (Score:3, Interesting)
Wasn't there a Sherlock Holmes novel where the police ransack some guys apartment looking for a document, prying up floorboards and turning every page of every book, and whatnot? he document ended up being in a stack of letters on the guys desk, or something. Hiding stuff in the most obvious place _is_ a well used technique, but I don't think it applies to this.
Re:Its only a bad password (Score:3, Interesting)
Re:WOPR's 'guesses' (Score:3, Interesting)
Re:trust (Score:3, Interesting)
Verizon (Score:3, Interesting)
This isn't a joke, after all the hacking, the passwords are still the same! Even after Palifornia passed the law about reporting security break ins, they still are not reported!
Here is a sample list of actual of passwords I've kept track.
lucent:lucent
nortel:nortel
nortel:etas
admin:setup
admin:admin
admin:config
setup:se
root:toor
FOA WCDMA hardware that all you need to do is telnet too (no ssh) and run a simple password guessing program, and gain access.
IT's worse than you think.
maybe this is just the duress password (Score:5, Interesting)
Re:Biopreparat (Score:5, Interesting)
Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense. None of it has been shown to work in practice, while nuclear weapons have, and are a hell of a lot simpler, and thus scarier.
Alibek would just have been one of the numerous unemployable ex-Soviet scientists if he hadn't exaggerated the technology of a country that had little to no biological infrastructure (thanks to Trofim Lysenko, who managed to get nearly every competent Soviet biologist killed off from 1930-1960)
However, there's no question that all this hysteria has pumped money into microbiology -- the institute where I work has gotten quite deeply into anthrax research, despite B. anthracis basically being boring B. subtilis with a bad attitute.
Re:Totally wrong. (Score:5, Interesting)
Now wait a minute, who has been misled here? One layer of security was complete and utter bullshit - and the Secretary of Defense who had it installed didn't know. How many other layers were complete and utter bullshit?
Not only that, but this was the moral equivalent of a military coup against the elected government. The PALs were there to prevent the military from launching without authorization from the National Command Authority (i.e. the President or his successor).
Re:Someone's gotta say it (Score:5, Interesting)
One pilot I talked to used to copilot one of the two big planes (747s?) that they send up that can launch all the missiles remotely in case NORAD gets knocked out. He told a story about how they would run all these drills where they would scramble, get in the air immediately, and then get transmitted codes from the ground. They would unscramble the codes as "do not launch" and then return to base without transmitting anything to the silos, drill over.
According to him, on one of these sorties received the "launch" code in error. So they asked the ground to repeat the transmission. Which they did, and it was the same. So they took a chance and broke protocol and radio'd the ground and told them that they had just sent the "launch" codes, and did they really want them to transmit this along to the silos? Of course the ground told them to cease and return to base.
Scary truth or dunken bravado? Who knows.
Thinking ahead (Score:1, Interesting)
Re:Its only a bad password (Score:1, Interesting)
They had to be able to launch in the event that one of the missle-men shot the other after all.
Consider the source (Score:3, Interesting)
Blair's assertion is very serious if it's true. But as Sagan used to say, extraordinary claims require extraordinary proof. In my book, this one ranks as an extraordinary claim.
Re:hmm (Score:5, Interesting)
I couldn't find this particular scene in the canon anywhere, although, "A Scandal in Bohemia" from The Adventures Of Sherlock Holmes [gutenberg.net] , seems to fit somewhat.
The Worlds Most Dangerous Place Lat 0 and Long 0 (Score:3, Interesting)
He commented that the worst place to be in the event of a nuclear exchange was at Lat 0, Long 0 because if something went wrong the memory overlays (kludge for keeping code within a 64k addressable space) the missles would try to find their way here [confluence.org] and activities such as this [confluence.org] would not be recommended.
Nice story, But i dont buy it (Score:4, Interesting)
Its his word against common sense for some of his statements, and i personally dont belive him.
Re:Biopreparat (Score:5, Interesting)
Mother Nature's bioweapons did a devastating job on the native populations of the Americas when the Europeans arrived.
If reports are true, an accidental release of weaponized Soviet smallpox killed several vaccinated people at Aralsk in 1971. The reports may not be true -- Dr. Donald Henderson(*) is skeptical and he knows smallpox well.
Bioweapons are bad candidates for military weapons because they're hard/impossible to control once released. Artillery shells go exactly where they're told and don't mutate in midair. Generals don't like *uncontrollable* destruction. Terrorists might.
(*)Leader of the worldwide effort that eradicated smallpox last century. Deserves a statue for winning the war against a virus which had killed more people than Stalin, Hitler and Pol Pot put together.
Crimson Tide (Score:3, Interesting)
Re:trust (Score:1, Interesting)
Re:trust (Score:3, Interesting)
Well, as a matter of fact, when Nixon left as vice President and JFK took office, there were 600 US soldiers in Vietnam as advisors. JFK, followed by Lyndon Johnson, were the two who ramped up troop involvment to the highest levels. Your assertion about this pullout is mentioned at this handy page [mu.edu] at Marquette University:
"Revisionists who claim otherwise about JFK and Vietnam hinge their assertions on two points. One, are the stories told by JFK aides Dave Powers and Ken O'Donnell that JFK had privately revealed his intention to withdraw, but only after the 1964 elections, when it would be politically far more feasible to do so. This assertion has to be taken with a grain of salt."
His successor, Nixon, promised to end the war, but escalated it further
On the contrary, the week Nixon took office as President he ordered troop reductions in Vietnam. At no point in the Nixon administration were troops ever increased there. This continued until all were withdrawn.
Perhaps you've been listening to the character of 'Larry' on Dharma and Greg?
Re:We are forced to trust them all. (Score:3, Interesting)
We could argue about the causation of increasing American casualties, in a war "of choice" (by our government, as opposed to "of necessity", as our government represented), causing the American people to increasingly demand we bring our troops out of danger. I'd cite the steady rise in the percentage of Americans polled who say the war isn't worth its cost. But if you didn't understand that simple causation already (too bloody for the optional effects) I wouldn't expect you to accept those polls.
Knowing the public's appetite for violence makes me think less of my fellow Americans. Knowing we were tricked into actually invading, and watching the public awaken to that fact with anger, helps me think more of them. I respect the impulse of those who join the military to protect and serve our country - including members of my family, who of course I know personally. I have reservations about how they express that impulse. But it's the people running the war, in the White House and the Pentagon, who are worthy only of spite.
Of course your "surprise nuke" scenario is weird - where do you get that from? And I'd say "everyone involved" includes the nukers. But how can you possibly expect a single nuke to go off, and end there? Escalation to nuclear war means the end of the world, as everyone gets into the act - the US would only be one player. And that's the end. Although unfortunately not nearly unthinkable enough, your scenario is pretty weird.
Re:Hilarious (Score:3, Interesting)
You know, I'm not so sure. Yesterday, if someone had said, "the nuke launch security code was set to 000000000 on all systems for many years", I would have said "Yeah, right".
How much stupider is attaching a public phone line? Starting to seem possible.
LCF (Score:5, Interesting)
A lot of really strange things can happen in the military involving authentication, encrypting and decrypting information and in the whole target selection process itself.
Perhaps one of the weirdest occurences that I was personally aware of was when a missile dropped off of "Strategic Alert" (Green Status). There was a two man team of airmen checking out a communications problem in an adjoining building.
Another team arrived on site and entered into the launch facility and saw that the Nuclear Warhead was missing. Needless to say this scurried people from all over with all kinds of alerts being issued... Losing a nuclear weapon was pretty much frowned upon, needless to say.
It turned out that the warhead had fallen off of the missile to the bottom of the launch tube 100 feet below.
The problem was traced to a fuse being changed on the communication box in the soft support building with a screwdriver rather than a fuse puller.
There was a undetected defect in the onboard computer which combined with the shorting of the communications fuse caused the computer to send the "Fire Retro rockets" signal to the RV (nuclear reentry vehicle)
Another time I was programming the computer with its needed information when some "never seen before" status lights lit. D-1 and D-3 which if I remember correctly was "Launch Commanded" and "Launch in Progress".
Normally an individual has to look up these codes in a reference manual. Being the nerd I was back then, I had memorized all of the codes. So I had only a few seconds to react and I proceeded to pop some circuit breakers that would shutdown parts of the operation in case the status was real.
Our job was not to troubleshoot any further at that point so I never found out whether the computer was intending on really launching or if there were two defective lamp drivers.
Of course there is a policy that two trained people always had to be present (two man concept) to ensure that nothing illegal was attempted.
The members of the targeting team were always armed while couriering and programming the launch codes and other vital information into the missile.
The PAL is pretty cool (Score:3, Interesting)
If the wrong code was entered three times, the valve assembly would mechanically destroy itself so the missile could never be launched. At least, it would need major repairs.
I wonder if the Titan codes were also all 0s.
Re:trust (Score:4, Interesting)
I don't see you in the office for the third time about your ingrown toenail and say "hey lets amputate." You've had time to recover, this is just a problem. We need to *DO* something!
We did mostly nothing for 10 years to Iraq. Bush lays down the ultimatum and we "amputate" in like six months - for a wound that we can't find now.
Anyway - war is the last, *last*, **LAST** resort. We didn't approach it that way at all.
Rant off.
Cheers,
Greg
Re:trust (Score:5, Interesting)
Eventually, I'd suspect it appeared to him that the inspectors weren't there to find WMD's, but to gather intelligence on what his forces were, etc, etc.
Now, this would appear more correct than paranoia.
But, exactly how do you go about saying "we want to see the WMD's" and know that you're being taken to the correct places? The spys tell you where they are, of course. Again, breaking the trust.
Inspectors: "Hi, We'd like to inspect this list of locations for WMD's."
Iraq: "Who gave you the list?"
Spys: "Don't say spys. Don't say spys."
Inspectors: "Ummm, we guessed?"
Iraq: "Ok, we'll give you access to those locations"
Inspectors: "We didn't find anything there, you must be hiding them, we want to see what you have at these installations now."
Lather, rinse, repeat.
Now imagine any group of inspectors trying to see what the US has hiding around the world. It isn't going to happen. The US has enough to destroy the world many times over, and in reality that's unchecked. Everyone knows "Area 51", but there are countless other "secret" installations that foreign (read: enemy) inspectors can't just walk into.
The US is powerful enough where any country won't push for inspection, in fear that the US would push back.
Foreign Power: "Let us check all of your 'secret' bases!"
U.S.: "Sure, let us nuke you first."
Foreign Power: "Fair enough, give us a diplomatic tour of Washington D.C., with plenty of liquer and hookers."
U.S.: "I see we understand each other."
Re:Poor ICBM security ...who cares? Right? (Score:2, Interesting)
It was about the same time there was the rash of army personel in Germany that were caught dealing drugs on post(I believe the tip off was the enormous number of enlisted personel driving expensive European cars on a salary of $300/month).
Re:WOPR's 'guesses' (Score:4, Interesting)
You might be kidding, but I can't tell. Anyway, this wouldn't work because the minute differences in response times would not be measurable over a network. Packets do not always take the same amount of time to traverse the Internet, and will often even arrive out of order.
Even over a console connection, you would have to take into consideration that system load would impact the timings, as well.
I'd suggest starting off with some social engineering. You would be amazed at what you can get people to do if you sound like you know what you are talking about. If that fails, then own some joker's broadband PC and have it brute force them into submission. If that fails, then own a lot of boxes and have them all brute force. If nothing else, you'll kill two birds with one stone by doing a DDoS, too.
Re:It's even worse than you think... (Score:3, Interesting)
Sounds a bit Alarmist (Score:5, Interesting)
In short, perhaps if someone could gain access to a capsule they could have commanded a lauch, but they'd have had to subvert 2 complete LCC crews to command an immediate launch, and that's just not likely, even if the PALs were not active. One LCC could not command an immediate launch, and would have been overriden by the other capsules in the flight had it attempted to. As discussed above, penetrations of the control center or the actual missile facility could not yield results before an overwhelming response ended the threat. The way we were watched (and the capsule crews were more watched than we were) I doubt four people so profoundly without anyone noticing.
As for the "bad guys" gaining access to a warhead from the missile site... not a chance. First, to do that they'd have to penetrate the missile facility (not less than 12 hours work) without setting off any alarms and without any of the heavy equipment being noticed be the frequent roving patrols. Penetrating the LCC would not give anyone "access" to the warheads, as the LCC did not control the locks at the missile site, they just monitored them.
The only significant risk of the warhead falling in the "wrong hands" was during transport, and I can speak from personal experience that those movements were exceptionally well prepared monitored, and armed, with air support close by at all times.