British Royal Navy Submarines Now Run Windows
meist3r writes "On his Government blog, Microsoft's Ian McKenzie announced today that the Royal Navy was ahead of schedule for switching their nuclear submarines to a customized Microsoft Windows solution dubbed 'Submarine Command System Next Generation (SMCS NG)' which apparently consists of Windows 2000 network servers and XP workstations. In the article, it is claimed that this decision will save UK taxpayers £22m over the next ten years. The installation of the new system apparently took just 18 days on the HMS Vigilant. According to the BAE Systems press release from 2005, the overall cost of the rollout was £24.5m for all eleven nuclear submarines of the Vanguard, Trafalgar and Swiftsure classes. Talk about staying with the sinking ship."
This roll-out must be 5 years overdue, Windows 2000 Server?
Compared to what? Going open source would save even more money, no? Maybe submarine apps don't run on Linux. We need someone to code GNU Nuke Reactor.
-- http://ninthagenda.com/
Source for obvious reasons. I know the Brits and Americans are friends, but still, running an OS that is doing Bill-knows-what doesn't sound very secure in many ways (Would you want the US military running a closed source Red Hat Linux sight unseen?). Even if there are no backdoors/spying, the ability to compile the source and see what it is doing at every step will have benefits in the future, to look for holes previously unknown, to see what it is doing every step of the way, or to graft new abilities into it.
Linux/BSD/whatever. In fact, I'm wondering why corporations run MS now, considering all this.
20 posts before the first one that actually provides useful information.
Is that a typical ratio on slashdot? I haven't been keeping track.
> to look for holes previously unknown
especially valid remark in a submarine, IMHO...
Vote green: crap in the ballot box!
Didn't the Brits hear about what happened to the USS Yorktown [wikipedia.org] when they tried Windows as a naval solution? God save the Queen, please.
Perhaps the Brits are smart enough to put user input validation into their applications?
Given the fairly legit reasons average tech users have to believe that Windows has a few backdoors installed for groups like the NSA to use (whether this is true or not we can't be sure but personally I'd bet on there being a backdoor) that militaries in other countries would have the sense to not use Windows on their most expensive assets.
With the Royal Navy's recruitment advert for IT crew where the guy goes on about how complex the equipment is and then finishes the advert with the punch line "but sometimes, I just switch it off and back on again".
Perhaps this is why it's saved taxpayers £22 million too, we no longer need high paid IT staff with a clue what they're doing, we can just get 16 year old school dropouts whose IT qualifications are that they built their own PC and set up an internet on Uncle Joe's computer by sticking the AOL disc in. I mean, hey the nuclear missile launch console has failed to fire off our nuclear deterrent after Russia just obliterated Europe in a nuclear attack, just reinstall Windows and make sure you stick the latest nuclear weapons launch drivers on, if not just pop round to the local PC World store and get the Tech Guys (UK equivalent of Geek Squad) to fix it for £125.
I can sleep comfortably knowing that our nuclear deterrent is in safe hands.
Not since 1776. Look up the definition of a gallon or a ton.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
1. GP does not sound psychotic at all
2. I see nothing irrational or excessive at all. The US has deliberately sent the Lucetania into a battle zone in order to enter WWI, disregarded intelligence that could have prevented Pearl Harbor, entered a virtual battle in Tonkin to enter Vietnam, and made up stories on WMD to enter Iraq. In that light an NSA backdoor does not seem more preposterous to me. And there have been news items on this, even from Bruce Schneier.
I think you owe GP an apology for your incorrect accusation.
Wenn ist das Nunstueck git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput.
Every country in the world that has an aviation or maritime industry still uses knots and feet. Most countries would still have some non-metric units in fairly common use.
Not having input validation on a userland application should NEVER be the reason a whole OS goes belly-up.
Your suggestion could be interpreted that Microsoft was not to blame on the Yorktown debacle, which is wrong.
Wenn ist das Nunstueck git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput.
No, but your average submarine does have an array of sigint antennas, elint, and all the other ints. That said, in the course of sucking down internet from that pencil beam footprint along the coast where president whoever lives, do you really think (all) the processing systems are immune to viruses and malware as well? The bored scope goat running his hand crafted packet sniffer used to strip out files (a.k.a porn) from the data stream, gets a little click happy with the mouse on a dull night watch and runs jessica.exe.
Not all viruses get in via the suited moron with the laptop.
Yes, but even if the source is provided, it does raise some questions:
-does the navy just accept the source, but not compile it as the final product, taking the binary as-is or compiled by Microsoft, essentially nixing the open sourcing security benefits in the first place?
-do they have to compile it with Visual Studio, or will any x86 compiler do?
I believe Ken Thompson himself installed a compiler (relatively benign) trojan that survived many years without detection. And this:
http://books.google.com/books?id=bv2n6o_6LaQC&pg=PA378&lpg=PA378&dq=%22ken+thompson%22+compiler+trojan&source=bl&ots=c-sXYKAlKw&sig=nhoa4LVar3Y3j2aLmcqqtAoxjFo&hl=en&sa=X&oi=book_result&resnum=5&ct=result
And the licensees could also compile from this source themselves, using a compiler of choice?
If not, this is not security, this is security theater, which is far worse than no security at all.
Wenn ist das Nunstueck git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput.
Personally I'd be in favour of changing to all metric, but road signs are the major problem. Changing mph to kph and miles to kilometres across the whole country, then educating everyone about the change would be crazily hard.
Here in America, they tried that during the '70s and some in the '80s but it never caught on.
Just think, trying to change a whole nation like the US when just my state is about the same size as England (not UK). Talk about crazily hard.
INSERT INTO comment VALUE('Doh!') WHERE user='you';
The Irish changed all their signs and speed limits to km and km/h from miles and mph a couple of years ago - a big project, granted, but certainly not 'crazily hard' - it should have been done in the seventies.
I'm in my late forties and constantly pull much younger people up for using imperial units - what is the problem? Is it just some strange Al Murray / Pub Landlord sense of 'We're British, so f**k you!'? Spirits are sold in ml, bottled beers are sold in ml and yet it's vitally important not to lose the sacrosanct pint for draught beer - utter bullshit.
The UK needs people who care about a consistent system of measurement to start making as much noise as the Little Englanders
[ ]Half Empty [ ]Half Full [x]Twice as big as it needs to be
> The UK needs people who care about a consistent system of measurement
Why? Doesn't the current system work? I've never had problems buying stuff whether it's a pint, a litre of milk or worrying whether I've put 3 or 4 gallons in my car when it's measured out in litres - it just doesn't matter, I fill it up and if I want to see how far I've gone it'll tell me - in the universally recognised mpg. In my granny's time, she had no problem whatsoever working in pounds, shillings and pence. And she could add up in her head - something cash tellers today have great difficulty with.
The reason it's working fine as is is the same reason English is still used as a language instead of Latin or Esperanto. The latter may be technically 'better' but everyone can make subtle and amusing word plays and still understand what you mean. It may be more confusing and have some unusual constructs, but that doesn't matter. I think those are what makes the world work for humans, it's only the soulless who think that art is meaningless, that all measurements should be in a base ten, that we should go with swatch time. The world would be such a dull, geeky place if these people had their way.
I doubt it's an Al Murray-esque entrenchment of views, more likely an understanding that it isn't broken, so fixing it would only cost lots for no real benefit, and just annoy everybody.
> Not having input validation on a userland application should NEVER be the reason a whole OS goes belly-up.
Indeed.
> Your suggestion could be interpreted that Microsoft was not to blame on the Yorktown debacle, which is wrong.
They weren't. The application crashed, not the OS. It is trivial to demonstrate that Windows NT can handle a userspace application dividing-by-zero, you just use Calculator.
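The two positions in this exchange (validate the input inside the application; a fault in one userland process should stay in that process), as an added C example that is not part of the original comments. It uses POSIX `fork`/`waitpid` rather than Windows NT, and the names `safe_divide`, `unchecked_divide` and `run_isolated` are hypothetical.

```c
#include <limits.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Validated division: reject operands that would fault instead of dividing.
   Returns 0 and stores the quotient on success, -1 if the input is rejected. */
int safe_divide(int num, int den, int *out)
{
    if (den == 0) return -1;                     /* divide-by-zero */
    if (num == INT_MIN && den == -1) return -1;  /* quotient overflows int */
    *out = num / den;
    return 0;
}

/* Unvalidated division, as an application without input checks would do it. */
static void unchecked_divide(int num, volatile int den)
{
    volatile int q = num / den;   /* traps with SIGFPE on x86 when den == 0 */
    (void)q;
    if (den == 0) raise(SIGFPE);  /* CPUs that do not trap (e.g. AArch64): model the same fault */
}

/* Run the unvalidated division in a child process. Returns the signal that
   killed the child, 0 if it exited cleanly, -1 if fork/waitpid failed.
   The caller keeps running in every case: the fault stays in the child. */
int run_isolated(int num, int den)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        unchecked_divide(num, den);
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    int q;
    printf("validated 10/0 -> %d\n", safe_divide(10, 0, &q));
    printf("isolated  10/0 -> child ended by signal %d, parent still running\n",
           run_isolated(10, 0));
    return 0;
}
```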
What's this "Lucetania" thing? Do you mean the RMS Lusitania?
Conspiracy theories are comforting because they let people think that world events are under someone's control, even if it is with malicious intent. Unfortunately, the unpleasant truth is that there generally isn't a conspiracy, and world events unfold largely out of control, spurred on by ignorance, incompetence, and general bloody-mindedness.
If a job's not worth doing, it's not worth doing right.
That would imply that there was 1 application running the whole ship. Is that true? I always assumed that the only 'app' that ran on the whole ship was the OS. It seems rather silly to me to have 1 application doing a lot of different things on board. It would be known in advance to be error prone, hard to test and hard to maintain.
Wenn ist das Nunstueck git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput.
Sorry for the typing, should have looked it up.
Fact remains that there was a lot of ammunition on board (secretly put there) and the Germans put an advert in the New York Times calling people NOT to board that ship, because it could easily be targeted because of the war.
The sinking was used heavily in war propaganda.
I agree on your look on conspiracies, but that does not mean that they never happen. This one smells funny.
Wenn ist das Nunstueck git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput.
what guarantee is there that Linux - God's gift to nerds - doesn't contain sleeping trojans written by Russians or Chinese ?
I'll bite.
The guarantee comes from the fact that hundreds of people review the kernel sources every day, and the fact that only trusted code is committed to the official (Linus/Andrew Morton, et al) repository(s)
You're free to run anyone's distribution as you wish, so of course you might mistakenly download one with 'sleeping trojans', but I doubt the Navy would.
You would do well to be more concerned about using software from a company who refuses to allow you to review their source code. I'll leave it to you to figure out who that might be.
Microsoft's source code is available for government applications (Government Security Programme), an NDA doesn't make any difference for this topic - it's just paperwork.
But this is beside the point. What I'm hinting at: does it matter that the source is open, given that nobody can inspect that volume in a reasonable time with a reasonable accuracy?
My question does not address open/closed source but the fact that Linux has been open to "hostile entities" since day 1.
And to answer your question directly: Linux source has grown beyond comprehension and analysis for sleeping trojans. You're under the impression that this kind of code is located in a single isolated spot in the source. It's not.
"Violence is the last refuge of the competent, and, generally, the first refuge of the incompetent" - Thing_1
And isn't it common knowledge that Bush _ordered_ his intelligence offices to come up with proof of WMD's in Iraq?
Bush did not order anyone to fabricate intelligence. Neither did Cheney or the others. What they did do was put extraordinary pressure onto the intelligence agencies to come up with something, anything, that would show that Saddam was working on a nuclear weapon. This pressure, combined with the practice of appointing people to positions based on their political ideas, made sure that only intelligence that would please the leaders found its way to the media. Even though it was bad intelligence, it was the only stuff out there. The leaders then used a media tour to promote their war and drown any dissent with the fears of a nuclear Saddam.
That, my friend, is much more sinister than simply ordering someone to come up with intelligence supporting a war.
Remember, You are unique...just like everyone else.
First of all, I find the notion that the UK would send a SUBMARINE to log on to the INTERNET rather silly... I'm sure their department of defense has internet access... no need to go wifi war-diving :)
That said - and assuming you intended to present the more plausible scenario of hacking into the protected wifi network of the coastal palace of . Connecting surveillance equipment directly to the ship's network would be extremely poor practice, no matter what operating system it is running.
Such systems are usually isolated.
As for internal threats - soldiers bringing media onboard from home and such: from my experience in the field, such military systems are usually hardened in a manner that you would need a set of wrenches, the admin password, and some wires and assorted spare hardware in order to plug in something you brought from home. This has yet to stop soldiers from doing so - but in this case the correct approach is disciplinary - since I doubt any security system, on windows or any other os, could stand between a sailor on a six month underwater mission and his porn.
Hopefully they have non networked recreational PCs for that purpose...
They would be accessed by an operative prior to installation on board or during servicing in port. The most practical initial objective would be to gather information about submarine operations and the use of IT on the subs.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Hanlon's Razor is really just an extension of Occam's Razor--the simplest answer is often the most correct--and is not a hard and fast rule. It's really just saying that it's much more likely somebody merely blundered into a situation rather than actively plotted and schemed to attain a desired goal.
Backdooring something like the Linux Kernel via traditional means (by attempting to submit malicious patches) would be much, much harder than you think. I mean just read the LKML to understand how thorough the review process is: the owner of the code scrutinizes your patch line by line, suggests improvements, even catches coding style errors, etc. Maintainers are especially cautious about code that comes from unknown developers.
Regarding your comment about hacking servers holding the source code, this would also very likely get caught really quickly, because of the very nature of version control systems whose only purpose is to track changes. As a matter of fact in 2003, a CVS mirror (not the primary repository) of the kernel source tree was successfully hacked and a backdoor was inserted in the code, but the problem got identified and fixed in less than 24 hours.
With proprietary software there is only a restricted number of people who review code, typically only a very specific dev/QA team employed by the software vendor. I would even argue that because of the implicit trust between these employees, reviews tend to be shallower. Two examples to prove my point: in 2001 it was discovered that a back door password has been hidden in Borland/Inprise's popular Interbase database software for at least seven years. In June 2008 it was discovered by a security researcher that for multiple years all versions of Windows have been intentionally using a lower-quality cryptographic function for Protected Storage when the locale was set to French.
So, do you trust a development model where malicious code is caught in 24h, or a dev model where backdoors can exist for 7 years? The answer is obvious to me :)