The World's Most Dangerous Password
NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missiliers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"
If it gets cracked. I cant imagine anyone who had ACCCESS to ust this password having used it, the fact that were all still here shows it was perfectly secure, dont forget its not like some script kiddie could hop on the "Net" and use this password. There were some SERIOUS layers of physical security.
of some of Microsoft's choices for authentication passwords. For example: 1111111111111111 (dont remember how many, but a good guess) for activating a MS Visual studio package. Nice protection for a $1500 license.
Just remember the code: CPE1704TKS
I think that the general case is mostly correct ... you have to allow for some deviation from the norm, especially with a politician as ... unique ... as the one in question.
"Because Science" is one step from "Because old book". Try "Because of my experiment testing my falsifiable assertion".
I work for an outsourcing group for telco (V something). We are non union, so they abuse us over the hourly union people.
t up
This isn't a joke, after all the hacking, the passwords are still the same! Even after Palifornia passed the law about reporting security break ins, they still are not reported!
Here is a sample list of actual of passwords I've kept track.
lucent:lucent
nortel:nortel
nortel:etas
admin:setup
admin:admin
admin:config
setup:se
root:toor
FOA WCDMA hardware that all you need to do is telnet too (no ssh) and run a simple password guessing program, and gain access.
IT's worse than you think.
Maybe this is a fake password. Only a few people know the real password, but "everyone" knows this one. Anyone foolish enough to try to use it would immediately find themselves in a world of trouble.
Am I part of the core demographic for Swedish Fish?
I'd be more worried about the password for this [...]
Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense. None of it has been shown to work in practice, while nuclear weapons have, and are a hell of a lot simpler, and thus scarier.
Alibek would just have been one of the numerous unemployable ex-Soviet scientists if he hadn't exaggerated the technology of a country that had little to no biological infrastructure (thanks to Trofim Lysenko, who managed to get nearly every competent Soviet biologist killed off from 1930-1960)
However, there's no question that all this hysteria has pumped money into microbiology -- the institute where I work has gotten quite deeply into anthrax research, despite B. anthracis basically being boring B. subtilis with a bad attitute.
If you really think it only takes one password to launch an american military nuke (even if we were in the 60s), you're totally mislead.
Now wait a minute, who has been misled here? One layer of security was complete and utter bullshit - and the Secretary of Defense who had it installed didn't know. How many other layers were complete and utter bullshit?
Not only that, but this was the moral equivalent of a military coup against the elected government. The PALs were there to prevent the military from launching without authorization from the National Command Authority (i.e. the President or his successor).
A flight attendant invited me to a party a few years back, and it was mostly pilots and flight attendants at the party. All getting sloshed, of course - pilot and flight attendants DRINK. Since most airline pilots started their careers in the military I got to spend a lot of the evening listening to 'war' stories.
One pilot I talked to used to copilot one of the two big planes (747s?) that they send up that can launch all the missiles remotely in case NORAD gets knocked out. He told a story about how they would run all these drills where they would scramble, get in the air immediately, and then get transmitted codes from the ground. They would unscramble the codes as "do not launch" and then return to base without transmitting anything to the silos, drill over.
According to him, on one of these sorties received the "launch" code in error. So they asked the ground to repeat the transmission. Which they did, and it was the same. So they took a chance and broke protocol and radio'd the ground and told them that they had just sent the "launch" codes, and did they really want them to transmit this along to the silos? Of course the ground told them to cease and return to base.
Scary truth or dunken bravado? Who knows.
Vonnegut was right: Of all the words of mice and men, the saddest are, "It might have been."
I couldn't find this particular scene in the canon anywhere, although, "A Scandal in Bohemia" from The Adventures Of Sherlock Holmes , seems to fit somewhat.
Show me on the doll where his noodly appendage touched you.
He has a rather obvious agenda, as you can tell from his introduction.
Its his word against common sense for some of his statements, and i personally dont belive him.
---- Booth was a patriot ----
>Don't be. I'm a microbiologist and personally I think all this noise about bioweapons is a lot of nonsense.
Mother Nature's bioweapons did a devastating job on the native populations of the Americas when the Europeans arrived.
If reports are true, an accidental release of weaponized Soviet smallpox killed several vaccinated people at Aralsk in 1971. The reports may not be true -- Dr. Donald Henderson(*) is skeptical and he knows smallpox well.
Bioweapons are bad candidates for military weapons because they're hard/impossible to control once released. Artillery shells go exactly where they're told and don't mutate in midair. Generals don't like *uncontrollable* destruction. Terrorists might.
(*)Leader of the worldwide effort that eradicated smallpox last century. Deserves a statue for winning the war against a virus which had killed more people than Stalin, Hitler and Pol Pot put together.
Has anyone seen crimson tide? It is a worst case senerio where a nuke sub gets a 1 hour launch command. The sub is hit and com goes down in the middle of a message. The Captian wants to launch and CO does not. There is an option for just the Captain and not the CO to launch. The navy acctually changed protocall after the movie came out to prevent this senerio.
I worked with the Minuteman Missile System for eight years. I was a member of a three man Combat Targeting Team. Our task was aiming the missile and selecting the targets by programming the onboard computer.
A lot of really strange things can happen in the military involving authentication, encrypting and decrypting information and in the whole target selection process itself.
Perhaps one of the weirdest occurences that I was personally aware of was when a missile dropped off of "Strategic Alert" (Green Status). There was a two man team of airmen checking out a communications problem in an adjoining building.
Another team arrived on site and entered into the launch facility and saw that the Nuclear Warhead was missing. Needless to say this scurried people from all over with all kinds of alerts being issued... Losing a nuclear weapon was pretty much frowned upon, needless to say.
It turned out that the warhead had fallen off of the missile to the bottom of the launch tube 100 feet below.
The problem was traced to a fuse being changed on the communication box in the soft support building with a screwdriver rather than a fuse puller.
There was a undetected defect in the onboard computer which combined with the shorting of the communications fuse caused the computer to send the "Fire Retro rockets" signal to the RV (nuclear reentry vehicle)
Another time I was programming the computer with its needed information when some "never seen before" status lights lit. D-1 and D-3 which if I remember correctly was "Launch Commanded" and "Launch in Progress".
Normally an individual has to look up these codes in a reference manual. Being the nerd I was back then, I had memorized all of the codes. So I had only a few seconds to react and I proceeded to pop some circuit breakers that would shutdown parts of the operation in case the status was real.
Our job was not to troubleshoot any further at that point so I never found out whether the computer was intending on really launching or if there were two defective lamp drivers.
Of course there is a policy that two trained people always had to be present (two man concept) to ensure that nothing illegal was attempted.
The members of the targeting team were always armed while couriering and programming the launch codes and other vital information into the missile.
And in the end, the love you take is equal to the love you make
And accordingly, one does *everything* one can to prevent having to amputate.
I don't see you in the office for the third time about your ingrown toenail and say "hey lets amputate." You've had time to recover, this is just a problem. We need to *DO* something!
We did mostly nothing for 10 years to Iraq. Bush lays down the ultimatum and we "amputate" in like six months - for a wound that we can't find now.
Anyway - war is the last, *last*, **LAST** resort. We didn't approach it that way at all.
Rant off.
Cheers,
Greg
If I recall, it was a big game of the inspectors looking, and not finding anything and crying "He's hiding them". So Hussein showed them more locations, and again, the inspectors cried "he's hiding them".
Eventually, I'd suspect it appeared to him that the inspectors weren't there to find WMD's, but to gather intelligence on what his forces were, etc, etc.
Now, this would appear more correct than paranoia.
But, exactly how do you go about saying "we want to see the WMD's" and know that you're being taken to the correct places? The spys tell you where they are, of course. Again, breaking the trust.
Inspectors: "Hi, We'd like to inspect this list of locations for WMD's."
Iraq: "Who gave you the list?"
Spys: "Don't say spys. Don't say spys."
Inspectors: "Ummm, we guessed?"
Iraq: "Ok, we'll give you access to those locations"
Inspectors: "We didn't find anything there, you must be hiding them, we want to see what you have at these installations now."
Lather, rinse, repeat.
Now imagine any group of inspectors trying to see what the US has hiding around the world. It isn't going to happen. The US has enough to destroy the world many times over, and in reality that's unchecked. Everyone knows "Area 51", but there are countless other "secret" installations that foreign (read: enemy) inspectors can't just walk into.
The US is powerful enough where any country won't push for inspection, in fear that the US would push back.
Foreign Power: "Let us check all of your 'secret' bases!"
U.S.: "Sure, let us nuke you first."
Foreign Power: "Fair enough, give us a diplomatic tour of Washington D.C., with plenty of liquer and hookers."
U.S.: "I see we understand each other."
Serious? Seriousness is well above my pay grade.
But there are several non-obvious ways to tell that some of the password is correct. E.g., a system may check the password left-to-right, and bail out when it finds a difference--in which case accurate and/or repeated timing can tell you how many digits are correct.
:D
You might be kidding, but I can't tell. Anyway, this wouldn't work because the minute differences in response times would not be measurable over a network. Packets do not always take the same amount of time to traverse the Internet, and will often even arrive out of order.
Even over a console connection, you would have to take into consideration that system load would impact the timings, as well.
I'd suggest starting off with some social engineering. You would be amazed at what you can get people to do if you sound like you know what you are talking about. If that fails, then own some joker's broadband PC and have it brute force them into submission. If that fails, then own a lot of boxes and have them all brute force. If nothing else, you'll kill two birds with one stone by doing a DDoS, too.
In short, perhaps if someone could gain access to a capsule they could have commanded a lauch, but they'd have had to subvert 2 complete LCC crews to command an immediate launch, and that's just not likely, even if the PALs were not active. One LCC could not command an immediate launch, and would have been overriden by the other capsules in the flight had it attempted to. As discussed above, penetrations of the control center or the actual missile facility could not yield results before an overwhelming response ended the threat. The way we were watched (and the capsule crews were more watched than we were) I doubt four people so profoundly without anyone noticing.
As for the "bad guys" gaining access to a warhead from the missile site... not a chance. First, to do that they'd have to penetrate the missile facility (not less than 12 hours work) without setting off any alarms and without any of the heavy equipment being noticed be the frequent roving patrols. Penetrating the LCC would not give anyone "access" to the warheads, as the LCC did not control the locks at the missile site, they just monitored them.
The only significant risk of the warhead falling in the "wrong hands" was during transport, and I can speak from personal experience that those movements were exceptionally well prepared monitored, and armed, with air support close by at all times.
Confined though we are, infinity dwells within.