Slashdot Mirror


The World's Most Dangerous Password

NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missiliers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"

6 of 696 comments (clear)

  1. The world was different then by sloshr · · Score: 5, Insightful

    Things have changed on the global level more than just a little bit, and I'd imagine a good deal of the security surrounding the prevention of launches centered around the PHYSICAL security. If the bad guy can't reach the keyboard to enter the codes - well, then, does it matter what the passwords set to?

    For better or worse, the system seemed to have worked - there weren't any unauthorized missiles launched that I'm aware of.

  2. The writeup is misleading.... by 33degrees · · Score: 5, Insightful

    According to the article, someone in the chain of command decided that they didn't want this safeguard, and ordered that the password be set to 00000000 and the dials used to enter the password left in that position; in effect, the equivalent of having a blank password so that you don't have to bother entering it.

    The story here, then, is not that a bad password was chosen, but that somebody decided to disobey orders by disabling the password, and that the higherups were completely in the dark about it.

  3. Poor ICBM security ...who cares? Right? by Exocet · · Score: 5, Insightful

    That seems to be the concensus at this point. People have repeatedly pointed out that the *physical* security was VERY VERY STRICT. Just because the password, a deterrant that top-level people thought was VERY VERY necessary was completely missing ...oh, that's fine. They still have keys and ummm other stuff, right?

    RTFA. Blair and Brewer point out that, at the time, the military wanted to improve their public relations and would give TOURS of LCC's! B&B repeatedly point out that virtually anyone who asked could get access! The physical security was crap and the codes weren't in place. IE, any moderately funded and motivated terrorist group could have had a field day if they'd know about this severe weakness.

    "Four individuals (two persons in each of two separate LCCs in the same squadron) acting in concert could succeed in mechanically launching one or more missiles." In seconds. Not minutes or hours.

    "[...] annually thousands of visitors holding no clearance whatsoever were permitted access to operational LCCs."

    "Located in each LCC are two launch keys, one for each member of the crew, and the codes needed to authenticate presidential launch directives. Only the launch keys, not the codes, are physical prerequisites for generating valid launch commands, the purpose of the codes being exclusively that of authenticating an execution directive."

    B&B make it sound as if you happened to be on a tour and decided to overpower the minimal security force (two crew members + a couple of guards at best (isolated locations, remember?) then it's good to go - you already know the launch codes because it's always all zero's. Or, even worse:

    "Technically, crew members can launch a nuclear attack with or without approval from higher authority. Unless PAL or its equivalent forecloses this option, as many as 50 missiles could be illicitly fired. Moreover, unless adequate precautions were instituted, an even more drastic option would be available. Crew members could conspire in the formatting and transmittal of strategic strike directives, deceiving the full contingent of Strategic Air Command (SAC) LCCs, as well as higher authorities, into reacting to a spurious launch directive as if it were valid and authentic. Or they could render the U.S. strategic force virtually impotent by formatting and transmitting messages invalidating the active inventory of presidential execution codes. Finally, crew members could aid accomplices in stealing thermonuclear warheads from missiles on active alert."

    Keep in mind that Blair was working in an LCC as a crew member in the mid-70's. He was obviously in a unique position (which virtually none of us were or are) to write this paper. His direct observation on how to subvert the access/security controls on the ICBM's trump anyone else's estimate on what might or might not happen. His letters and paper in 1977 are basically what got those locks activated in... 1977.

    It is especially hypocritical that the majority of the Slashdot comments were fine with this poor use of a password mechanism. In your own place of business you most likely would NEVER allow this to happen and you just run some servers - as opposed to ICBM's capable turning your city into a big kitty litter box. Don't defend the actions of those in charge in the 60's and 70's. They were flat out wrong and frankly should have been thrown in military prison for such a massive security breach.

    --
    Exocet Industries - Taking over the world, one computer at a
  4. Re:WOPR's 'guesses' by the_mad_poster · · Score: 5, Insightful

    I think a +5, Informative on a joke about posting a root password to the world is as funny as the joke itself. It's like the mods adding to the original joke: "Here everyone, r00t this guy."

    --
    Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
  5. Re:trust by Anonymous Coward · · Score: 5, Insightful

    " but since there is an unbroken string of broken UN resolutions dating back to Saddam's invasion of Kuwait, I'd say it makes just as much sense to call this a continuation of that"

    Then I guess we'll be taking out Israel next, for all the UN resolutions they've broken/ignored?

  6. Re:trust by Bald+Wookie · · Score: 5, Insightful

    Yes, announcing that you don't have significant weapons and appearing weak is a good idea when you have a powerful and belligerent Iran next door.

    Given a choice of fighting Iran or the US, I'd take Iran every single time.