Slashdot Mirror

← Back to Stories (view on slashdot.org)

MoD's Error Leaks Secrets of UK Nuclear Submarine

Posted by timothy on from the captain-ramius-did-have-a-scottish-brogue dept.

Tasha26 writes "UK's Ministry of Defence admitted that secret information about its nuclear powered submarines was leaked on the internet by mistake. A 'technical error' (i.e. turning the background colour of certain text to black) meant that sensitive blacked-out parts of the online MoD report could be read by anyone who copy-pasted it into another document. This accidental leak reveals, among many other things, how easy it would be to cause a Fukushima-style reactor meltdown in a sub, and details of measures used by the US Navy to protect its own nuclear submarines."

14 of 248 comments (clear)

  1. People Are Stupid by Anonymous Coward · · Score: 5, Insightful

    Why are the people who control dangerous things always so stupid?

    Simple: The vast majority of people are stupid.

    1. Re:People Are Stupid by Kilrah_il · · Score: 4, Insightful

      Actually, 50% of the people have below-average intelligence (assuming a Gaussian distribution), which is a far cry from a "vast majority". It's just that here on /. the average intelligence is above that of the general population (yea, I know), so we tend to look down on all the "others".
      Using background color to black-out sensitive material may seem stupid to us on /., but it is understandable that someone who doesn't know much about computers will think it is secure, esp. since the final PDF file is uneditable. The question is why someone with, obviously, minimal computer skills is given such an important task?

      --
      Whenever in an argument, remember this.
  2. Re:hahaha by RoFLKOPTr · · Score: 3, Insightful

    Or perhaps
    Step 1 ) Remove sensitive information

  3. Fukushima-style? by neokushan · · Score: 5, Insightful

    "This accidental leak reveals, among many other things, how easy it would be to cause a Fukushima-style reactor meltdown in a sub"

    Is that it, now? Is every single thing to do with nuclear reactors going to be compared to Fukushima from now on? What about if terrorists wanted to create a Chernobyl-style meltdown, or how about a three-mile-island-style meltdown?
    No really, it's fine, I don't mind throwing random keywords in there to grab extra attention when it's completely unnecessary.

    --
    +1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
    1. Re:Fukushima-style? by Kilrah_il · · Score: 5, Insightful

      Fukushima is the Library of Congress of nuclear meltdowns. Just as 9/11 is the LoC of terror attacks. People love relative terms; nobody understands a 10^9 becquerel of radiation.

      --
      Whenever in an argument, remember this.
    2. Re:Fukushima-style? by TheSync · · Score: 5, Insightful

      Fukushima meltdown means your backup cooling method goes out after a scram (and tsunami), and you are basically screwed. This requires a failure of imagination about worst possible scenarios combined with a bad plant location.

      Chernobyl explosion is a criticality accident. This requires a really high level of ignorant stupidity or purposeful attack.

      Three Mile Island meltdown is that you don't realize a valve is open and your core water boils away. This requires a level of stupidity in human/machine interaction.

    3. Re:Fukushima-style? by thegarbz · · Score: 4, Insightful

      The vast majority don't understand "Fukushima-style" radiation either ;-)

  4. Junior Member? by Kilrah_il · · Score: 4, Insightful

    From the article:

    The senior technology consultant at web safety firm Sophos said: “It’s a staggeringly stupid thing to do. Anyone with even an elementary knowledge of computing would know how to read it. I can only assume they gave it to a junior member of staff to deal with.

    On the contrary, a junior member probably would have had some computer know-how. They probably gave it to some old-timer who knows nothing about computers (apologies to all /. {1,2,3} UIDs; I am talking about mere mortals, and I will be sure to get off your lawn) and he just thought that if he changes the background, the words will remain blacked-out forever.

    Oh, and BTW, what's with the last sentence?

    Two weeks ago two officers were shot – one fatally – on HMS Astute, when it was docked in Southampton. Sailor Ryan Donovan, 23, has been charged with murder.

    I don't see how it is related to the article, except in regards of it talking about one of Britain's submarines. Talk about tangentiality.

    --
    Whenever in an argument, remember this.
  5. Tabloids on slashdot? by Anonymous Coward · · Score: 0, Insightful

    Surprised at the amount of articles that are appearing here that come from newspapers that in the UK have a record of poor journalism. Wouldn't have took long to get an article from a more respected source.

  6. It's not the user's fault by purplie · · Score: 4, Insightful

    Most users are non-technical. This is an old issue and it's not excusable that the application didn't give a warning.

    1. Re:It's not the user's fault by TheRaven64 · · Score: 3, Insightful

      How would the application know? The user is just drawing a black rectangle, or changing the background colour of the text. Deleting data from a PDF is easy - it's all stored as a dictionary of objects, and it's trivial to replace an object with a different one (you can do it in a text editor, and vim will even syntax highlight the PDF markup for you) - but if you use a drawing tool instead of a redaction tool in a graphical editor then that's user error. The user fundamentally needs to know the difference between adding information to a document and removing information. A tool that warns a user whenever they draw a rectangle that they're not redacting data would be insanely irritating.

      --
      I am TheRaven on Soylent News
    2. Re:It's not the user's fault by Alain+Williams · · Score: 3, Insightful

      Most users are non-technical.

      Management should ensure that those should be properly trained to do their job. Those responsible for putting stuff on web sites (or where ever) should know what they are doing. Would it be acceptable to say ''he blew up the nuclear sub because he didn't know how to manage the reactor'' ?

      This is an old issue and it's not excusable that the application didn't give a warning.

      The application was probably instructed to turn the background black, it was probably not instructed to make certain text unreadable.

      This is a management issue but, as ever, I can see them just blaming some muppet at the bottom of the pile.

  7. Re:Daily Star? by PolygamousRanchKid+ · · Score: 5, Insightful

    The newspaper is most famous for its page-3 topless girls

    Which is something that Slashdot could use more of! Forget, "OMG! Ponies!" How about next April 1st, we see a page-3 topless girls Slashdot site. Sure should be more interesting than all of those other April 1st articles . . .

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  8. WYSWYG mindset strikes again by introcept · · Score: 3, Insightful

    The problem is using programs that advertise themselves as WYSWYG editors when in fact they're not.

    Now it's unreasonable to expect the every computer-literate but non-expert user to understand the data format, encoding and specific behaviour of every document editor. The blame here rests solely on the management that should have trained users how to manipulate sensitive documents using approved tools.