Slashdot Mirror
Britain's Newest Warship Runs Windows XP, Raising Cyber Attack Fears (telegraph.co.uk)
Chrisq shares a report from The Telegraph: Fears have been raised that Britain's largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-board hardware and software "would have been good in 2004" when the carrier was designed, "but now seems rather antiquated." However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks.
It makes sense to me. Where else are they going to get minesweeper?
they will have cyber specialists on board to defend the carrier from such attacks
They are supposed to defend unsupported proprietary software. The right name is not cyber specialist, but rather priest.
are missiles plug and play with no *nix drivers or something?
There are wild pigs on the warship too?
... control system is assisted by Clippy.
It comforts me the flagship named ship in the GB fleet will get a computer upgrade in a DECADE when the threat is TODAY.
that crash's when you enter zero into the data field for the Remote Data Base Manager
Ransomware writers around the world are salivating.
Seriously who would make such a boneheaded decision?
It might be high tech like US destroyers, but can it avoid becoming a hood ornament for a container ship? That is the test.
"And senior officers said they will have cyber specialists on board to defend the carrier from such attacks."
ALL UNPLUG FULL!
Answering all unplug full aye!
Every military appears subject to the same idiocy. Seriously, you are spending literally billions of USD, GBP, or EUR (I tried to use the actual symbols for GBP and EUR, but I forgot about Slashdot and unicode). You can't spring a few million for a custom built or customized (e.g., based on OS/2, QNX, VXWorks, Linux, etc.) OS that has all the networking and other non-essential components removed? Then you can allow network access via a very tightly controlled and well audited interface.
The main reason, I think, for this conundrum is that there are two competing objectives: 1) extremely rigorous system engineering processes with the attendant configuration control; 2) use more COTS and fewer custom components. For instance, those decisions were definitely made over a decade ago and any change to them would require tons of paperwork, additional certification, and also add to the cost and delay the schedule. It's no wonder they just stuck with what was already approved.
That said, I simply cannot believe that one or more of the big defense firms (e.g., BAE, Lockheed-Martin, Boeing) has not come up with something better than slapping Windows on it.
Now, I know (or rather, I truly hope) that things like navigation, fire control, and other critical ship functions are not dependent on any Windows (or other consumer OS). However, I know that some years ago the US Navy had a "Windows-power ship" end up dead in the water and had to have it towed back to port. That was the result of a divide by zero bug in some piece of software but Windows did not handle it gracefully, if I recall correctly.
Either way, they will be lucky if they don't end up with some very serious problems along the way. It seems like it is just not possible to keep ransomware out of any decently sized network. And I can imagine a major world power's flag ship being a tempting target.
... Windows for Warships? (Seriously, that exists) Anyway: despite windows XP's age Microsoft will still actively support it for organizations willing to send them a boatload of money, and the rates only go up the more time passes. But when you're talking about the operating costs of a large warship, the cost for continued xp support is only a rounding error in the total.
The last time I recall the Navy being concerned about running Windows was maybe 15 years ago. The LinuxBIOS project attracted a lot of attention from some Navy guys because of its rapid reboot capability.
At LANL, LinuxBIOS researchers could reboot a small (1K diskless compute nodes connected via Myrinet) scientific computing cluster in 3 seconds, ready for work. So, theoretically, one could change from a Linux cluster to a Windows cluster, but no one ever wanted to.
Whatever became of that technology?
The die-cision to use anything from Microsoft in a mission-critical environment, let alone a 16+ year old OS with a giant list of known exploits goes so far beyond amazingly stupid I can't even find the words.
April Fools!!! LMAO! Wait... we are in April right?
I suppose better than having your latest battleship subject to some of the latest ransomware attacks.
Really, it depends on how isolated the system is. If it's air gapped or VPN'd only and not readily accessible with inputs like USB ports, it's more secure than a Win10 system on a WAN. There are DOS and Win3.1 systems you're never going to hack unless you get physical access to them. Sometimes a dumb, limited configuration is better than the latest connected hardware.
Anyone over there watch the IT crowd?
Moss: "What kind of operating system does it use?"
Bomb squad: "Vista!"
Moss: "We're going to die!"
Lets see what the real issue is :
1. The carrier has enough reserves only for 7 days. That means it can only fight for 7 days unsupported if it has to.
2. Its a carrier with no aircraft. It cant fight to begin with.
3. It relies on gas turbines. Which means continuous refueling when in use. And the fuel only lasts for 7 days anyway.
4. It has two islands. That means the captain cant handle ship navigation and oversee aircraft operations at the same time. instead he has to run between the two islands if he wants to be present for both or requires that situational awareness.
5. The radar can only go upto 400km for normal aircraft or 20km for stealth fighters. Yes thats 20km to detect a stealth aircraft, well within launch range of anything.
6. The two huge islands aka office towers block anti missile defenses That means they cannot defend against missiles or even detect the due to the block shadow.
7. There are only 3 anti missile guns on board. Yes only 3 CIWS weapons suitable for engaging last ditch missile attacks. And they are all blocked by the huge office towers sitting on the deck.
8. There are tons of egress and therefore ingress points on the flight deck - any hostile force landing will have an easy time to reach the internals.
Is there even a word for this level of stupidity? The die-cision to use anything from Microsoft in a mission-critical environment, let alone a 16+ year old OS with a giant list of known exploits...
I believe the word you're looking for is "congressional". ;)
Anons need not reply. Questions end with a question mark.
if falkland.
s is any indication, well yeah
uk needs beater ship defence
The die-cision to use anything from Microsoft in a mission-critical environment, let alone a 16+ year old OS with a giant list of known exploits goes so far beyond amazingly stupid I can't even find the words.
Can you name a single known exploit that applies to this ships XP systems as deployed?
That's because you assume a control system with an HMI that runs on a version of XP is at all like your grandma's computer. There is no reason for an operator interface to run Windows 7, or Windows 10, or some specialized Unix that costs $10,000 per HMI.
Yes it's possible to infect any system, but the odds that it will happen here are slim. It's not connected to the internet like your computer and most of the HMIs I've worked on are locked down and behind firewalls.
Control systems have to run with high uptime, and there is no reason to assume a new version of Windows is better in this use case.
FTFA:
This snippet is the key - is the mission critical computer in question on a LAN with other machines, or not? Because if it's not, the OS vulnerabilities could be mostly a moot point. Yes, someone could infect it with a USB key (if the thing even has USB ports enabled). Generally, if you have physical access to the machine, the game is already over.
You can find XP in 24/7 use in the US missile defense command.
It has been extremely reliable.
However, these control systems are never connected to an external network.
... has managed to develop their own QNX based base operating system to ensure safety & security. They've also been doing it for a couple decades.
It seems insane that the Royal Navy & BAE systems couldn't figure this out themselves. This has the smell of a kickback based sales agreement to me. Almost any other operating system is a better choice simply because they are smaller attack targets than any version of Windows.
Anyone who buys anything made in the U.K. should not be surprised when it falls apart. That's the reputation the British have developed over decades. Crappy McCrapCrap.
Do you believe the ship's control systems will be browsing the net? It's highly unlikely they're networked into a general network and thus the largest concern is someone plugging in an infected device. Don't forget the military pays top dollar to continue to get support from Microsoft and has access to the source code. Well, that's American ships. I don't know if Britain bought the same support package.
Just fucking google it. There are large numbers of unpatched XP exploits. Microsoft themselves even admit the entire OS is fundamentally insecure and will never be fixed. They even said the same thing about Win 7 as soon as they wanted you to buy Win 8.
Just because they used XP in there, doesn't mean the MI-666 won't show up in his doorstep if he actually *knows* of an exploit that can cause damage to that ship (or is unlucky enough to actually guess it correctly).
Here's a start:
https://www.cvedetails.com/vul...
The Register in 2009
According to the Ministry of Defence (MoD), HMS Montrose has now entered a planned docking and refit period during which BAE Systems plc will replace her original DNA(1) gear with DNA(2), said to be "based on the system being fitted to the Royal Navy's powerful new Type 45 Destroyers". This means it will be based on fairly everyday hardware running legacy Windows OSes - people who have worked on these programmes inform us that both Win2k and XP will be in use across the fleet.
Anons need not reply. Questions end with a question mark.
You don't need to run explorer.exe as your shell (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell) under XP Embedded. Writing your own shell and turning off things like network discovery are but a couple of the many techniques that were available to harden XP Embedded back in the day. Given how much research goes into hacking these days it was only a matter of time before those techniques ceased being effective.
Just fucking google it. There are large numbers of unpatched XP exploits. Microsoft themselves even admit the entire OS is fundamentally insecure and will never be fixed. They even said the same thing about Win 7 as soon as they wanted you to buy Win 8.
The existence of exploits is different from question of which exploits are applicable to XP systems as actually deployed on this ship.
1. For major vulns Microsoft is still releasing free security patches for XP (just recently happened)
2. For a few million you can buy security patches from Microsoft still
3. McAfee SolidCore or other whitelist technologies do allow for only permitted authorized code to execute and not malware
In general though the longer you go the more you end up paying for mitigating controls and operational maint. expense versus replacing the hardware and OS.
Uh oh! Your missile launch codes have been encrypted by ransomboatie. To get the decryption key, send $10,000,000 worth of Bitcoin to: 15VnnCwcXKxzDoeGvErBYg2oqJmPWrpKCJ
The real story here is how much even normal people hate everything that came after XP. They hate it so much they'll put up with an the ancient XP.
It's all about that classic start-button-in-the-corner interface.
It is light years beyond stupid. Darwin Awards would approve.
It costs a lot of money for certification so Lockheed-Martin and Boeing don't want to do that again. Lockheed-Martin and Boeing earn more money for fixing stuff, so they want the military to buy upgrades: Building for early obsolescence is a capitalist necessity.
The real issue being, software was locked-in early on a 13 year project to design, certify and build military hardware. Their project management needs to address software later in the process and concentrate on specifying the API (eg. Win32) and hardware interfaces (USB, SATA, PCI, DIMM, FPGA), not versions/releases.
This also allows project management to address the UI and user experience long before the coding phase of the software. Given that modern warfare control rooms have failed spectacularly (USS Vincent), they might want to reduce the chance of a re-occurrence.
I believe the word you're looking for is "congressional". ;)
In England, they call it "Parliamentarian" old chap, bip-bip, cheerio.
The U.S. nuclear fleet still runs on Microsoft Bob.
I'd love to see the on boar systems they mention.
Website Just Down For Me? Find out
It looks like you are trying to turn the surface of the earth into glass. Would you like help?
Windows being used in security critical applications simply boggles the mind. Have they ever heard of seL4 or QNX, Linux or pretty much anything else that would be open source. At least you can continue to maintain it after it becomes obsolete. I assume these ships are going to be used for more than 5 years. Your tax dollars at work...
That said why do people use Windows in some embedded applications? I think it makes no sense to use a proprietary operating system when they drop support after a few years anyway.
Think of it from a UK mil perspective.
They have to find people to use the computer GUI. Make a bespoke UK OS? Thats a lot of new computer tasks to learn and teach to average people new to the navy.
Trying to keep people in the navy is not helped by some strange, new, expensive, complex new UK mil OS.
No need to teach the users how to write code in something like a new Ada to do GUI things.
That keeps teaching costs lower and makes teaching methods for new crews more easy. Just like a really big home computer but at sea.
The gov and mil security thinking works like this:
The port, repair areas are totally secure as all the contractors and mil staff are allowed to be on site and are 100% trusted.
When the ships need service or get towed back to port again contractors get all systems working again.
No cult, person who is loyal to their religion or another nation or is political motivated can get to the XP computers that are secure thanks to a big, high, strong fence around the port.
No person is allowed to bring any different electronic device with them from home. Thats a really strict rule and no personal equipment is allowed on any UK ship or near a ship in port.
So nothing can go wrong. The fence around the port is huge. When the ship is at sea its totally protected from random people walking onto the ship.
Staff, contractors and people at sea would never ever use or bring any other digital devices. From home to the port or for their own use for the long time spent at sea or under the sea.
People at sea are sleeping, learning about the GUI, eating or taking tests and are not alone. They have no time to use their own computers they would never have with them as they have been searched for such devices.
So the selection of the OS saves the gov money when teaching very new users, GUI applications look like what average people are used to, its easy for contractors to work with a lot and get overtime to fix when in port. Its win, win, win if everyone is vetted, the fence is big and nobody ever brings files or computer devices from home to the port or on the ship.
The term is air gap.
Domestic spying is now "Benign Information Gathering"
...but they’re held back by some unresolved incompatibility that causes Harpoon to crash on Windows Vista.
this hit fark a good 12 hours ago.
That said, I don't get the thinking here. WinXP is old, outdated, and insecure. If you don't want Win10 or whatever you've got linux, along with several modern RTOS's. Hell, rolling your own is probably better than WinXP.
If you've got a CNC machine, or bioassay device, or whatever, it's fine. As long as the internet can't find it. Soon as the $bad_guys find it, game over.
You know, I built a WinXP HMI back in 2010 and had it work wonderfully for me for years on an airgapped machine. And then about two years in, some screw condition with one of the proprietary hardware drivers on it causes the whole thing to reboot entirely on its own.
Now, you might ask, why would I do something like that at all. And the answer is that the nameless industrial controls vendors Allen-Bradley and National Instruments explicitly marketed a WinXP/LabView solution for HMI as an alternative (not even a cheaper alternative, just an alternative) to a dedicated touchscreen box for customers like me who needed more out of the HMI than what the touchscreen dowhicky came with, namely datalogging and additional helper logic that's naturally implemented somewhere besides the safety-critical ladders.
Now, a the Linux driver for that gizmo that caused the windows box to reboot didn't have that issue. And even if it had, Linux would have failed more gracefully and the controls would have still worked. But Allen Bradley was a Windows-only outfit. So the once a year spontaneous reboot is the price I paid for not having to reinvent a very expensive wheel. I suspect that this aircraft carrier is the same. They need Windows for something that would be very expensive to reinvent, and between their budget pressures, military procurement silliness, and the fact that they just might not have enough time and enough good people to do it...they went with WinXP.
"They even said the same thing about Win 7 as soon as they wanted you to buy Win 8."
Shows what they know.
It looks like you want to play global thermonuclear war
what side do you want??
1. USA
2. Russia
3. United Kingdom
4. France
5. China
6. India
7. Pakistan
8. North Korea
9. Israel
It is a hardened version of Windows, and no it will probably have a BSOD before it is hacked. Plus, the ship's computers cannot be accessed from the 'Net, and I doubt anyone will be allowed to hook up a USB drive either.
Network DDE is used to communicate with the fire control systems running Windows for Warships.
Just imagine if this was on one of their submarines and someone opened a Window while they were submerged. Talk about a crash dive.
Mind you, this is from the same country that bought you flammable warships during the Falklands war.
I googled, could not find a single exploit that applied to the isolated systems of warship. perhaps you can point at some?
https://www.theregister.co.uk/2015/12/18/windows_for_warships_not_on_queen_elizabeth_class_aircraft_carriers/
Hopefully enough of you read this before you commit yourselves to they abyss.....
https://en.wikipedia.org/wiki/Lemmings_%28video_game%29
The last thing you want to see in naval warfare:
Your cruise misses have been encrypted. Do not bother trying to decrypt your cruise missles as they can only be decrypted by us. Send ${YOOGE_BITCOIN_MONIES} to our friendly decryption service to decrypt your cruise missles.
This is serious !
Back in 2015 the MoD declared that this vessel would be 'Windows-XP Free'
Read the article below if you do not believe ---
https://www.theregister.co.uk/...
"senior officers said they will have cyber specialists on board to defend the carrier from such attacks" translates to "they have the original installation floppies standing by".
When they came for the communists, I said "He's next door. Take him away. Goddam commies."
Yes, that word is "cyber"
When you hear someone say cyber, you know you've found stupid.
That's because you no literally nothing about long term asset procurement, fixed asset operation, military equipment, non-networked computer security, or physical access prevention.
Other than that, I completely agree with you.
can't see any on that list that would be relevant for isolated custom systems? perhaps you should be more specific?
Hmmm. Maybe if something seems outrageously stupid to you, and also seems important, with a lot of resources dedicated to it, you should think to yourself, "Maybe I'm not getting something here..."
Of course, on slashdot *everyone* is a reactionary who does not think for a moment before posting, so it doesn't surprise me at all that you're not thinking here.
"Warship sunk by fat Russian boy on the couch of his mother's basement."
For the first 36 of those issues, you need local access. Someone with intent to cause damage, who has local access could probably do more damage to the ship than they could do using the computers.
Most of the remote issues are web based, so it might simply be an idea not to browse random websites.
Which could be used to affect an aircraft carrier in some way?
Probably... ROFL... Smoke another one. :P
[($)]
So they are run on Windows XP big deal, are those pc's connected to the net. if yes then its a big problem, if no and its a closed network then it isn't really that much of a problem unless someone brings something in. Chances are they are just using it cause its cheap easy to use and somewhat stable without appearing intimidating to the users.
I suppose the one that left warships dead in the water don't count?
Article is here: https://www.theregister.co.uk/...
The fact it's connect to the INTERNET is the height of stupidity. If it wasn't it would matter all that much what OS it uses...
Old joke: What does a navy pilot have in common with an internet junkie?
Both break out in cold sweat if their display shows NO CARRIER
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Hardly a surprise that it is going into service with such outdated, insecure systems. This is the Navy that genuinely put this out as a recruitment video a few years back. Now it might have been a joke from the crewman, but the ad is edited in such a way that it suggests not.
re "physical access prevention"
"Margaret Thatcher ordered troops to shoot intruders on sight after protesters boarded nuclear-armed Navy sub
The PM was livid when three demonstrators broke into the control room of vessel carrying Polaris missiles, newly released files show"
http://www.mirror.co.uk/news/u...
Domestic spying is now "Benign Information Gathering"
Witches are more powerful, and if red haired, look better in TV grabs.
But we all know women are bad luck on boats, and would impair the effectiveness
of everything, and imperil all the other souls.
Therefore, what is needed is a Cyber Warlock. In Startrek they even come with English accents. Is this new boat Dreadnought class?
Seroiusly - if they had talent it wold run at least Win7. I don't think it would be a good look for telemetry to give the enemy intel on a plate.
Just think how fucked up you have to be to pick that as your username. Man you must have had an unhappy childhood, overbearing (maybe worse) parents? Gotta love the weird hangups and kinks of people raised by conservative christians. I'm sure having a handle called 'gay boner sex' is just a part of it.
Most of the rest of us grew up and stopped finding differing sexualities interesting a looooong time ago. What a sad little prick you must be. Even if you're straight, which is probably debatable, you evidently think about men fucking a LOT.
I think the point of him picking that name seems to be getting people like you up. Who gives a shit? You claim not find differing sexualities 'interesting' yet you can't help having a go at a stranger on the internet for reminding you of it. Grow up and don't feed the trolls.
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
:)
The U.S. Navy develops Tor and the Airforce, as well as several other agencies use LPS to log into places. You'd think the UK navy would be smart enough to not use Window$ anything. But, this is coming from a country that wants backdoors in everything. One country's bug is another country's feature, I guess.
then you better provide a citation of an exploit that was used to leave them dead in the water.
The term I would use is "gross dereliction of duty".
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Who said the systems will not be connected to the internet? The US naval systems that use Windows are. Or at least they were a few years ago. Windows For Warships, ver. 1.1
Besides, I can probably dig up a quote by Microsoft saying XP is the most secure Windows ever. Of course, I can dig that up about almost every version.
This aircraft carrier is so expensive that there are significant budget limitations for the rest of the Royal Navy, including the carrier group in question.
Since they don't have any airplanes for this carrier, their plan is to reach the enemy port, plug an ethernet cable and let Windows XP do its thing.
But at least they are not running it in the cloud ... yet.
RHEL 6 and 7 have full NIST Secuirty STIGS and are ready to go. And there's a reasonable
chance your 10 year old software will still run.
"Vampire! Vampire! Track 3872 bearing 285 at 20 klicks!" "Taking out track 3872 with bird--" (Screens all over the ship turn blue with the text "A problem has been detected and Windows has been shut down to prevent damage to your computer"...) "What the bloody hell?" "Gates, you arrogant ass! You've killed us!"
Some contractors used Windows XP or Windows 7 on laptops but the warship uses a custom built hardened version of Windows "Windows for Warships" it is mostly based on Windows 2000 server ...
This is much the same as the US fleet, which uses a mixture of Windows 2000 and Windows NT based custom systems ...
Puteulanus fenestra mortis
Real reason for this decision is obvious, retro gaming. https://games.slashdot.org/sto...
A lot of people keep calling this stupid, but it's actually pretty simple. The design started back in 2004. When you're working a rigid project like this, things get locked in once approved, like design and technology. If you postponed even whenever a new Windows came out, you'd have to go back, have a new CONOPS, new requirements, and start all over again and the project would never finish. Yes you'd get to reuse a lot of the previous architecture, but just think about it. If you're running the program, and software people tell you they're going to just use a new OS, you have a whole host of new things to think about.
And in the government, hardware tends to drive software, so software is constantly trying to keep to the same milestones. And believe me, once you've tested, NOBODY wants to think about switching OS and libraries now. Throw in a few of the typical delays that come in the government, (funding/changing of the guard, etc...) and this all makes sense.
So stupid? That's not really the issue here. It's choosing between a rigid process, that can't afford to do things quickly and is very risk averse...or finishing quickly. The most common mitigation to this issue is to include an update later, with newer Windows and some regression testing. You can't really win with the public these days anyway...imagine if they pushed it out quickly and the report instead said that there was a malfunction because it was a rush job. These days, you're damned if you do (spend a lot of money but this is what we get) and damned if you don't (rush job leads to malfunction leads to public embarrassment).
The sooner hackers, (independent, extremist group, or state-run, who cares) take control of some lethal piece of military hardware and kill a few dozen civilians with it, the better. Governments and companies don't seem to be able to understand that this lack of security is a serious issue, and that running Windows or any other insecure OS on critical devices/infrastructure/machines is begging for a major disaster. Humanity in general seems to have real trouble learning any way but the hard way.
I just hope it happens BEFORE they release some war machine armed with nuclear weapons running Windows Me or something.
As MS updates those XP computers. They buy special services.
The die-cision to use anything from Microsoft in a mission-critical environment, let alone a 16+ year old OS with a giant list of known exploits goes so far beyond amazingly stupid I can't even find the words.
Microsoft makes different military and civilian versions of Windows.
It's nice you felt you had the knowledge to speak on the subject anyway. /s
Exactly. I mean come on. How can you have gay sex without boners.
Run Linux. You can completely customize your distro for warships.
BWA-HA-HA-HA-HA.
There just are not enough derogatory remarks that can be made about designing a warship around a Microsoft Windows version. Especially Windows XP of the Caribbean.
No, No, No. It's just too wrong.
Well, if it will run Windows XP it will run Linux, which would make a much more secure environment for the computing infrastructure of such a warship.
Now, if you'll excuse me, I have to go catch my butt. It ran away when I started laughing.
Yep things sure have come around in 28 years!
But that's not what I meant either. I meant having physical access to the actual "box" itself. Getting onto the boat is a chunk of the battle but the ability to physically compromise the box is the most important part. Gonna be kind of hard to do that with 24 x 7 shifts running, no?
Depends on the navy, the security the person has and if the buddy system can be staffed for that rank, clearance, every mission.
After a while someone gets to be along and needs power for their USB device. They have hours and days to go looking and the need to find any USB power builds.
Domestic spying is now "Benign Information Gathering"
by then XP will literally be a thing of the past.
Using ANY Windows platform for a military application is the stupidest thing I have ever seen (yes, I've done it, but it was not tied to the world). I cannot see any reason why Linux is not the default OS for all military applications. You can make it as small as you need, or as powerful as you need. All with relative security.
It's good to see that you finally decided to create an account, APK.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
I would think that a software upgrade would be not only in order, but perhaps even expected? It would be similar to any large enterprise upgrade, requiring quite a bit of planning, testing and IT support. Not exactly trivial, but neither should it require dry-docking the fleet...
Gay women seem to do it just fine...
That was Windows N(eeds)T(owing). This is XP. They've probably improved it to the point that it eXplodes the Propellers instead.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
The die-cision to use anything from Microsoft in a mission-critical environment, let alone a 16+ year old OS with a giant list of known exploits goes so far beyond amazingly stupid I can't even find the words.
So, you're saying that a country's only aircraft carrier is a mission-critical environment? How so?
Can't they just pop another one out within a month? A boat is a boat, after all.
As a Brit i can tell you that there are MANY islamic people living in the UK as citizens, and are completely eligible to join the forces.
Like it or not it's a fact that the UK is living in denial about many real risks since its a repeat story of young UK Muslims being brainwashed/radicalized in UK mosques. Many have in the past even gone off to fight for IS.
Its a no-brainer that the smarter radical Imams are telling them all to get into positions of trust where they can perform Allah's will.
If you think everyone on that ship cannot possibly be in any way a security threat (even unintentionally) then you are beyond VERY naive.
Think of the efficiencies gained by having the US maintain the British military - why stop with the Royal Navy? NSA wouldn't even have to intercept - there could be a 24x7 direct feed! And then of course with tRump in charge, not only would he make amerika grate again, Britain would be on track to re-establishing the empire!
Of course they can be. And they don't need a computer to do so.
If you are still running Windows XP in 2017, FUCK YOU.