Slashdot Mirror


The World's Most Dangerous Password

NonNullSet writes "Minutemen ICBMs were deployed in the early 1960s, and grew to over 1000 in number. They were allegedly protected from a "rogue launch" by an approach known as PAL (Permissive Action Link). The PAL required that the correct 8-digit launch code be entered by the missiliers before the missile would establish ignition. What if all the PAL codes had been set to '00000000,' and 'everyone' in the Strategic Air Command knew it? That is unbelievably what happened, as described in this article from the Center for Defense Information. Not exactly a great example for getting people to choose difficult passwords!"

4 of 696 comments (clear)

  1. Reminds me ... by shadowkoder · · Score: 5, Interesting

    of some of Microsoft's choices for authentication passwords. For example: 1111111111111111 (dont remember how many, but a good guess) for activating a MS Visual studio package. Nice protection for a $1500 license.

  2. maybe this is just the duress password by pedantic+bore · · Score: 5, Interesting

    Maybe this is a fake password. Only a few people know the real password, but "everyone" knows this one. Anyone foolish enough to try to use it would immediately find themselves in a world of trouble.

    --
    Am I part of the core demographic for Swedish Fish?
  3. Re:Someone's gotta say it by JMandingo · · Score: 5, Interesting

    A flight attendant invited me to a party a few years back, and it was mostly pilots and flight attendants at the party. All getting sloshed, of course - pilot and flight attendants DRINK. Since most airline pilots started their careers in the military I got to spend a lot of the evening listening to 'war' stories.

    One pilot I talked to used to copilot one of the two big planes (747s?) that they send up that can launch all the missiles remotely in case NORAD gets knocked out. He told a story about how they would run all these drills where they would scramble, get in the air immediately, and then get transmitted codes from the ground. They would unscramble the codes as "do not launch" and then return to base without transmitting anything to the silos, drill over.

    According to him, on one of these sorties received the "launch" code in error. So they asked the ground to repeat the transmission. Which they did, and it was the same. So they took a chance and broke protocol and radio'd the ground and told them that they had just sent the "launch" codes, and did they really want them to transmit this along to the silos? Of course the ground told them to cease and return to base.

    Scary truth or dunken bravado? Who knows.

    --
    Vonnegut was right: Of all the words of mice and men, the saddest are, "It might have been."
  4. Sounds a bit Alarmist by rstovall · · Score: 5, Interesting
    I was in SAC from 1978 - 1982, as a missile maint. tech. (a.k.a. "Missile Monkey"). While I can't speak to security prior to that time, I can say that by 78:
    • Security clearances for all personnel associated with the program were extreme... mine took over 6 months, and I know they talked to many people.
    • To the best of my knowledge, PALs were active by that time, though I was not launch crew. Certainly we were trained that PALs were a factor.
    • The warheads were physically configured such that they could not fully arm until they had experienced the stresses of launch and reentry. There was no way to set them off "in the tube".
    • Visits to the actual capsules in the LCC (Launch Control Center) by non-military were limited to the training simulator.
    • While the LCF (Launch Control Facility) appears to be a soft facility on the surface (simple wooden buildings, chain link fences, lightly guarded) nothing up there matters as far as control over the weapons. Only the LCC, the actual capsule a classified number of feet underground, matters and physically it's very imposing. There is no way to open a capsule in short terms from outside (the only accuators for the door locks are inside) and would certainly be a matter of many days even with modern equipment. Of course, even a minor violation the "topside" security was immediately and vigourously responded to, so these sites are not trivially penetrated as the author implies.
    • The missile sites were in some ways tougher. Even an authorized entrance to the hardened facility where everything worked properly took a minimum of 30 minutes plus the worse case time it would take for a security team to respond to that site. If any of the locks failed (I had it happen twice in the 3 years I was in the field) the break in procedure involved two jackhammers, a 16 ton crane, a load of other equipment and two days.. if pressed, I suspect it could have been done in one very long day. Of course, that would set number of alarms, including seismic and radar. Short of entering the hardened launch facility (the launch tube) there is no way to affect the missiles status.. you could not cause of prevent a launch from outside.

    In short, perhaps if someone could gain access to a capsule they could have commanded a lauch, but they'd have had to subvert 2 complete LCC crews to command an immediate launch, and that's just not likely, even if the PALs were not active. One LCC could not command an immediate launch, and would have been overriden by the other capsules in the flight had it attempted to. As discussed above, penetrations of the control center or the actual missile facility could not yield results before an overwhelming response ended the threat. The way we were watched (and the capsule crews were more watched than we were) I doubt four people so profoundly without anyone noticing.

    As for the "bad guys" gaining access to a warhead from the missile site... not a chance. First, to do that they'd have to penetrate the missile facility (not less than 12 hours work) without setting off any alarms and without any of the heavy equipment being noticed be the frequent roving patrols. Penetrating the LCC would not give anyone "access" to the warheads, as the LCC did not control the locks at the missile site, they just monitored them.

    The only significant risk of the warhead falling in the "wrong hands" was during transport, and I can speak from personal experience that those movements were exceptionally well prepared monitored, and armed, with air support close by at all times.
    --
    Confined though we are, infinity dwells within.