Slashdot Mirror
US Military Is Looking At Blockchain Technology To Secure Nuclear Weapons (qz.com)
Lasrick quotes a report from Quartz: Blockchain technology has been slow to gain adoption in non-financial contexts, but it could turn out to have invaluable military applications. DARPA, the storied research unit of the U.S. Department of Defense, is currently funding efforts to find out if blockchains could help secure highly sensitive data, with potential applications for everything from nuclear weapons to military satellites. The report adds: "The case for using a blockchain boils down to a concept in computer security known as 'information integrity.' That's basically being able to track when a system or piece of data has been viewed or modified. In DARPA's case, blockchain tech could offer crucial intelligence on whether a hacker has modified something in a database, or whether they're surveilling a particular military system. This September, DARPA, which stands for Defense Advanced Research Projects Agency (the agency helped create the internet, among other things), awarded a $1.8 million contract to a computer security firm called Galois. The firm's assignment is to formally verify -- a sort of computer-code audit, using mathematics -- a particular type of blockchain tech supplied by a company called Guardtime. Formal verification is one way to build nearly unhackable code, and it's a big part of DARPA's approach to security. If the verification goes well, it could inch DARPA closer to using some form of blockchain technology for the military, DARPA's program manger behind the blockchain effort, Timothy Booher, said. 'We're certainly thinking through a lot of applications,' he says. 'As Galois does its verification work and we understand at a deep level the security properties of this [technology] then I would start to set up a series of meetings [with the rest of the agency] to start that dialog.'"
I am old, and one of the geeks that has been building networks and connecting people to the internet since the 94. Can you tell me again what DARPA stands for? Speak up sonny.
Silence is a state of mime.
so that 51-percent of the US population has to vote affirmative before the nuclear weapons are unlocked.
https://youtu.be/ZDOI0cq6GZM
joshua what are you doing?
that sounds gay as heck why would they they do a thing like that.. "buttcoin"
blockchain
For actually explaining what blockchain technology is:"The case for using a blockchain boils down to a concept in computer security known as 'information integrity.' That's basically being able to track when a system or piece of data has been viewed or modified."
Bravo! Too many Slashdot stories these days are like walking in on a three hour conversation.
She'll be emailing them to everyone!
The Donald is only interested if it can be used to grab women by the pussy.
Then they'll store it on a pile of 8" floppies.
Just try getting your hands on something to read those 8 1/2 floppies on the proper tape-rolls...
The only security our nuclear weapons need is for a designer to go in, remove one piece, and keep it locked in a safe fifteen feet away from said weapon. Given the complexity of our nuclear weapons (I don't think we are using any Gun-type Uranium models anymore, could be wrong), and the required timing of the explosive charges (I'm thinking of another type here; may not apply to all), that piece of hardware has to be reinstalled in the nuclear weapon in the right place (according to the right measurements, etc.), or you have anything from a dud to dirty bomb to a less-capable nuclear bomb.
I mean, it's not something you can jerry-rig. And you need to disassemble the weapon to put the part back in, then reassemble it. People are going to notice. You can try moving the weapon to somewhere else, so you can disassemble / reassemble it in peace, but again, a spot-check will show the nuclear weapon is gone (you could try replacing it with a fake, but....etc.; if it's to be dropped from a plane, that's one thing, if it's on a ballistic launcher, that's another).
DeathCoin would be a good name for this... for some value of "good".
> The firm's assignment is to formally verify -- a sort of computer-code audit, using mathematics
That's like saying: "an MRI is a sort of selfie, using magnets".
All US military nuclear installations for nuclear missile launch/control (including the Navy SSBNs) use COBAL68 running on IBM System/360 mainframe hardware with OS/360 environment using the PL/I D compiler.
Major Uh Oh!
If you don't want a jailbreak, don't connect the cell door locks to the internet.
If you don't want a nuclear war, don't connect your launch controls to the internet.
Why do I even have to say this?
Let's use this blockchain that has been compromised for literally EVERYTHING. duh.
That's not entirely accurate. For years DARPA has been working on Formal Verification for software. This is essentially a $1.8M checksum. The blockchain community is trying to play this up. This has nothing to do with stopping someone from getting to a weapon. Security is like ogres and onions.
The term "blockchain" is really just a fancy way of saying distributed database with cryptographic signing and trusted timestamping. It was originally conceived to solve a VERY specific problem in the realm of digital currencies, namely the "double spending" problem. Unfortunately for the hype peddlers, the "double spending" problem is pretty much unique to the digital currency realm. If all you need is a distributed database or cryptograhpic signing or trusted timestamping or some combination of them, you don't really need a blockchain to get them. Is there some sort of adversarial problem in nuclear weapon security that can be restated in terms of the "double spending" problem in digital currency? If not then it's hard to see how blockchain offers any advantage over existing permissive action links systems.
Didn't anyone learn anything from wargames, do not connect nukes to the internet period, seriously no remote access
Chainwax.
Comment removed based on user account deletion
Verify and redo the proofs using independent parties, methods and tools. Use the tool set for international arms control operations via UN. Since nobody wants criminals to have access to military grade weapons, sell the system to every military of this planet to reduce the number of weapons stolen by organized crime.
The thing about DARPA is... they are looking at EVERYTHING. So yeah, they may have awarded a million dollar contract (which is trivial to them, BTW) to study Technology X; but that doesn't mean that anybody in the military is about to implement it. - Heck, that doesn't even mean that anybody in the military has even asked for a solution to that problem. DARPA researches all sorts of stuff that never see the light of day.
___ I don't respond to Anonymous Cowards, and I Never Mod them UP.
I think the country needs to be somewhat jaded about DARPA, despite its former reputation.
Obtaining DARPA money has degenerated into 'building relationships' which is Washington-speak for schmoozing the reviewers. DARPA is no longer about inventing the next big thing but has degenerated into feeding the system of suppliers who rotate reviewers into and out of DARPA.
Follow the money on this one. John Launchbury is head of the I2O directorate at DARPA. Galois was the company that he founded and which he had to divest himself of interest in when he took over as head of the directorate. This is money being pumped back into the old company.
Formal verification is unquestionably great science and engineering. Unfortunately it is not even remotely practical for addressing the cyber-security infrastructure challenge this country has. If something like nuclear weapons need to be secure use old technology and don't even let them remotely connect to something which looks like a network. Take a lesson from physical fail safe systems which required that metal shot be allowed to run out of primary pits in order to create an ignitable weapon.
Security is about the challenge of risk management in the face of economic constraints. The greatest security challenge the world faces are millions if not billions of intelligent and network accessible devices being injected by foreign entities, with acknowledged agendas, into every facet of our personal, commercial and governmental lives. Formal methods are never going to be relevant in addressing that problem, which is here and now, not 20 years in the future.
Put the pussy on the chain wax.
Or as Donald would say, grab the pussy on the chain wax.