On the whole, we can still sleep safely in our beds tonight regardless of this report.
Boom!
Had you going...
Trident nuke subs are hackable, thunders Wikipedia-based report
A group of anti-nuclear campaigners have claimed Britain’s nuclear deterrent submarines are vulnerable to hackers – and their report setting out the “evidence” quotes, in part, from Wikipedia. The British American Security Information Council (BASIC) reckoned that Blighty’s four Vanguard-class nuclear missile submarines could …
-
-
Thursday 1st June 2017 20:21 GMT Destroy All Monsters
July Gold Boojum
Didn't have to go to RT.com for this.
-
Friday 2nd June 2017 12:46 GMT I ain't Spartacus
Re: July Gold Boojum
NATO doctrine for most of the Cold War was to use nuclear weapons first, in certain circumstances. Mostly to wipe out large Soviet tank formations breaking through NATO lines. There was an awful lot of theorisiing about nuclear escalation paths, and the difference between tactical, theatre and strategic nuclear weapons. Not as much in reality as people hoped, I rather suspect...
Trident is accurate enough to use as a counter-force weapon. Though the UK hasn't ever held that nuclear posture, as it would have been too expensive. So our policy has always been limited but massive retaliatory strike as deterrent.
Where the enemy has liquid fuelled ICBMs (say North Korea), a first strike with your solid fuelled (quicker to launch) ones may be a possibility, if you're convinced they're about to fire.
-
-
-
Friday 2nd June 2017 08:04 GMT DavCrav
"Sounds about as well researched as one of the 'Girl with the Dragon Tattoo' books where a hacker was described as being so amazing he'd been able to take control of a RN submarine as it patrolled the deeps."
That's at least physically possible. In an episode of Bones, an ueber-hacker etches a virus on a bone, so that when it's scanned into the system it infects the protagonist's computer.
-
-
Friday 2nd June 2017 10:11 GMT Anonymous Coward
DavCrav
That's rather plausible... IF you know their OCR is active on all images/files (as part of the scanning suite... because they ALWAYS add automated junk to those HP drivers ;) ) and know their is an exploit to run code (say like that MS defender scanning bug or some other exploit).
I don't mind shows and films pulling out the improbable, but when they do the impossible, it should be with some humor! https://youtu.be/u8qgehH3kEQ
-
-
-
Friday 2nd June 2017 06:55 GMT Black Betty
Re: Normal USB Attack Vector
No this is where some numpty of an ensign doesn't see anything wrong with installing Конфеты хруст on a work terminal or possibly even just the onboard crew entertainment system.
Just how air gapped/integrated are the onboard systems from/with each other. Can a thumb drive plugged in in the forward torpedo room conceivably affect anything in the engine room?
The danger of networked systems on a war vessel is that a saboteur no longer needs physical access to a system to compromise it. Furthermore computerisation makes possible sabotage that stays hidden until the captain punches the great big "This is not a drill" button.
-
-
-
-
-
Thursday 1st June 2017 21:32 GMT James O'Shea
Re: Single Point of Failure
In a Real Navy, two to four of the same kind of ship is a 'division', two to four divisions would be a 'squadron', more than four divisions would be a 'flotilla' ('little fleet') and a bunch of squadrons, divisions, not all of the same type, and whatnot a 'fleet'. Alternatively, instead of grouping things by type of ship you could group them by task. A small task would get a 'task group' of 2-7 ships of varying type, typically in these times a few anti-submarine ships and a few anti-air-warfare ships, the ASW ships usually being unable to defend themselves against surface or air threats, the AAW ships being able to hit surface or air threats but not being much good against subs. Real Navies (that would be American, Russian, French, and Indian) would typically have an aircraft carrier or an amphibious assault ship or both in there as well, and might have support ships such as tankers. A 'task force' would be a larger group, often consisting of multiple task groups. In Ye Goode Olde Daze of 1945, British Pacific Fleet operated as Task Force 57 inside the United States Fifth Fleet. British Pacific Fleet had six fleet carriers, four light carriers, 9 escort carriers, four battleships, 11 cruisers (including 2 each New Zealand and Canadian, the Australian cruisers were operating with MacArthur's Navy, a.k.a. US 7th Fleet) plus lots more. Fifth Fleet had over 530 ships, including TF 57.
Four subs isn't even a flotilla.
-
-
-
Friday 2nd June 2017 12:55 GMT I ain't Spartacus
Re: Single Point of Failure
Subs that don't float are unpopular with crew members.
Not for long though...
Wasn't it the USS (should that be CSS?) Hunley in the Civil War that sank 3 times. Killing 21 members of those 3 different crews. Only managed to get into one battle, won (just barely), but sank on the way back to port in water too deep to raise it. So no more Confederate crews had to suffer.
-
-
-
-
-
-
-
-
Thursday 1st June 2017 14:25 GMT 0laf
Boom
Mate of mine used to be a submariner on a Trident boat and wangled a tour for a few mates including me.
The systems on those boats look like well maintained relics from the late 70s early 80s (probably because they are). I can't imagine there is much hacking that can be done without a screwdriver and a soldering iron.
My mate's work console had a worrying resemblance to Homer Simpson's station at the power-plant.
So no, not really worried about a v boat being hacked by hippies with iPads.
-
-
-
Thursday 1st June 2017 16:37 GMT Peter2
Re: Boom
What is the figure of 1600 based on? I thought it was based on a rough guess and assumptions that pretty much all of the soviet era stuff is in use and maintained perfectly.
The Russians sensibly refuse to comment but given their known defence budget and known spending their figure is almost certainly closer to 16 than 1600.
-
-
Friday 2nd June 2017 13:20 GMT I ain't Spartacus
Re: Boom
In Soviet days it used to be 200 cities in the UK that were individually targeted. Doubt thats changed much.
No cities are supposed to be targetted. Assuming the Russians (and we) are sticking to our post Cold War agreements. That de-escalation was agreed with Yeltsin in the 90s. Along with the removal of tactical nuclear weapons from deployment into storage. This means that it takes an extra few minutes to launch, and supposedly gives more time to think - as well as reducing everyone's readiness state a little.
-
-
Friday 2nd June 2017 11:33 GMT JohnG
Re: Boom
"The Russians sensibly refuse to comment but given their known defence budget and known spending their figure is almost certainly closer to 16 than 1600."
The Russians have about 7300 nuclear warheads - like us, they can't test them, due to treaty constraints. However, they do test one of the possible delivery systems every time they send people to the ISS. They have recently tested new delivery systems and newer systems are in development e.g. RS-28 Sarmat AKA SS-X-30 SATAN 2.
-
-
-
Friday 2nd June 2017 10:11 GMT Anonymous Coward
Re: The reply will be a quick conversion of most of the UK to a glass lake.
And then, this:
http://physicstoday.scitation.org/doi/full/10.1063/1.3047679
(from cited article)
100 Hiroshima-sized weapons would pose a worldwide threat due to ozone destruction and climate change. A superpower confrontation with a few thousand weapons would be catastrophic.
I'm not convinced that 100 13kt weapons would cause the effects claimed in that theory.
I say that because there have been 2053 nuclear tests from 1945 to when the test ban treaty was put in place, many of which have been much larger than 13 kilotons, such as the 57,000 kiloton Tsar Bomba that the Russians detonated. (nice graphical detonation map below)
https://www.youtube.com/watch?v=I9lquok4Pdk
(note that many of these tests are not actual detonations, such as testing new warhead designs to see if they would explode if set on fire etc)
However, there have been way more than 100 detonations, and the theory is quite demonstrably incorrect as the effects suggested haven't happened in real world tests. It does however serve as a good way of keeping people scared of nuclear weapons, which helps discourage people from actually using them which in turn achieves the stated aim of deterrence. So it's a good thing, even if the scientific process gets massacred in the process.
-
-
Friday 2nd June 2017 08:25 GMT Mark Dempster
Re: Boom
>The reply will be a quick conversion of most of the UK to a glass lake. 16 missiles versus 1600. Not a pretty math.<
Which is why Trident can carry multiple independently-targeted warheads per missile; up to 12 each I believe, although 8 is the norm. Of course the Russians also have similar capability and more missiles, but it's overkill. What we have is enough to inflict huge damage on them, which is a sufficient deterrent to make a first strike unthinkable (except for the current crop of Tories, it appears...)
-
Tuesday 13th June 2017 13:39 GMT Dave the Cat
Re: Boom
@ AC
The Vanguard boats were designed to carry 16 missiles each with 12 independent warheads (MIRVs) for a total of 192 warheads per boat. This is the thing with nukes, and the Mutually Assured Destruction (MAD) doctrine, once your past a few tens of warheads, ultimate numbers don't really mean that much. Even if only 50% of UK warheads were to get through, that's still enough to destroy several major Russian cities and quite literally millions of it's citizens. Sure Russia might be able to turn the UK "to a glass lake" but we can wipe out a huge chunk of the Russian population in return. No one wins, and that's the whole point of MAD.
Currently the Vanguard boats deploy with 8 missiles on board, with each missile carrying 6 warheads. Following the 1998 strategic defence review, the UK has <200 warheads. Still enough to do serious damage and still the whole point of MAD.
-
-
Thursday 1st June 2017 18:38 GMT Anonymous Coward
Re: Boom
>If the command system got hacked and the "correct" signal sent out then Russia could be warmed a "bucket of sunshine"
Even if it were possible to launch, it wouldn't get far - our American cousins are required to provide guidance once it breaks the surface. It's only an independent deterrent to the extent we choose when and where to park it....and the US doesn't get to launch them without our approval.
-
Thursday 1st June 2017 22:27 GMT I ain't Spartacus
Re: Boom
The submarines use GPS to work out where they are. Or more accurately to calibrate their inertial navigation gear, as they only get GPS data when at periscope depth with an antenna up.
The warheads themselves use a star-tracker to get their position, so don't need GPS.
So you're incorrect. It's an independent deterrent until the US refuse to cooperate on maintenance. At which point the missiles have a ten year rated lifespan, and we usually have 2 or 3 boats loaded at any one time. So we could probably maintain a credible reduced deterrent for 6 months to a couple of years.
So not enough to get a replacement solution in place, but long enough that the US can't cut us off at the knees halfway through a crisis.
-
Friday 2nd June 2017 08:33 GMT Anonymous Coward
Re: Boom
Spartacus,
you're going to upset a lot of my Corbyn-supporting friends.They've been busy going round telling people we have to ask American permission to launch, and here you are, providing information that doesn't support the party line. Oh no, wait, it does support the party line, just not the party leader's line.
Who needs facts and accuracy when we have politicians as an alternative? ;)
-
Friday 2nd June 2017 08:40 GMT Mark Dempster
Re: Boom
>So you're incorrect. It's an independent deterrent until the US refuse to cooperate on maintenance. At which point the missiles have a ten year rated lifespan, and we usually have 2 or 3 boats loaded at any one time. So we could probably maintain a credible reduced deterrent for 6 months to a couple of years.
So not enough to get a replacement solution in place, but long enough that the US can't cut us off at the knees halfway through a crisis.<
And that maintainance is only a contractual obligation. I'd be VERY surprised if the Navy didn't have people with the required skills available to do the work if needed.
-
Friday 2nd June 2017 13:17 GMT I ain't Spartacus
Re: Boom
And that maintainance is only a contractual obligation. I'd be VERY surprised if the Navy didn't have people with the required skills available to do the work if needed.
According to Peter Hennessey's book on the RN submarine service since the Cold War (that I'm currently on the last chapter of) that wouldn't be so easy.
With Polaris we had a maintenance facility at Coulport. So we'd pull missiles from the joint pool held in the US, bring them over to the UK and maintain them for a while ourselves. Only sending them back for major refits - or more likely permanent replacement. Obviously that gave us stocks of spares and trained personnel.
The US offered to share the maintenance of Trident, which was accepted as it saved money. The reason for this appears to have been that Trident was newer, and so designed to need much less maintenance. Supposedly you could load a Trident missile into the sub, and leave it there in the silo for ten years, before it needed a total refit. Plus they're designed so that maintenance can be done on them in-silo. According to his RN sources, this meant we could carry on operations without US support for longer with Trident, even without maintenance facilities and spares stocks of our own. Which is where that 6 months to a couple of years figure comes from.
I'm sure we could reverse engineer physical parts, with sufficient applications of money. But the electronics would be much tougher. I'm also sure we've got maintenance experience, and several other solid rocket missile companies manufacture in the UK - so I suspect they could keep a diminishing number of missiles going for a while, by cannibalising the others for parts.
We also licensed MIRVs with Trident, rather than using our home-grown Chevaline. That has the star-trackers and countermeasures, but not as many, and though you get to hit more than one target with your warheads, I think they have to be reasonably close together. Given our satellite industry, I'd have thought MIRVs would be much easier and cheaper than they looked in the 70s.
We ought to be able to design a good-enough solid fuel missile in 5-10 years, given a crash program and lots of cash. I'm sure BAe would be delighted to help...
-
-
-
Friday 2nd June 2017 08:37 GMT Mark Dempster
Re: Boom
>Even if it were possible to launch, it wouldn't get far - our American cousins are required to provide guidance once it breaks the surface. It's only an independent deterrent to the extent we choose when and where to park it....and the US doesn't get to launch them without our approval.<
There is a HUGE amount of misinformation out there about our deterrent, and your comment is part of it!
1. We do NOT need US permission/codes to launch; it would probably be impossible to get that at time of war anyway! If the sub commander believes the UK government has been 'compromised' then he opens his sealed orders and acts accordingly
2. NO external guidance is required whatsoever. Trident uses an inertial guidance system. The missile is launched towards its target using the most accurate data available at the time. Once the missile reaches an appropriate altitude it takes sightings of several stars and makes any course corrections that might be necessary.
It would be wonderful if posting this meant that I'd never have to correct someone on it againb, but experience proves that that won't be the case...
-
-
-
This post has been deleted by its author
-
Friday 2nd June 2017 15:44 GMT TheVogon
Re: Boom
"once it gets clear of the atmosphere it can see lots and lots and lots of stars."
The sun as viewed from near Earth has an apparent magnitude of -26.7. The brightest star, Sirius, is a -1.5. Since the magnitude scale is 2.512 inverse log, that means that the sun is ~ 1.2x10^10 times brighter than the next brightest star. So as I said, it might be more bit tricky in the daytime...
-
-
-
-
-
-
Thursday 1st June 2017 20:28 GMT Mark 85
Re: Boom
So no, not really worried about a v boat being hacked by hippies with iPads.
Hippies? Really? All they ever wanted was sex, drugs, and rock and roll. Peace protests were their way of meeting up with others for the 3 basics. I'd be more worried about the kid living in the parent's basement that is stuffed with computers..
-
-
Monday 5th June 2017 08:37 GMT Anonymous Coward
Re: Boom
We ought to be able to design a good-enough solid fuel missile in 5-10 years, given a crash program and lots of cash. I'm sure BAe would be delighted to help...
Or easier than that, given the increased co-operation with the French we could simply buy their rocket, and get them to build them, and probably the submarines to carry them while we are at it since BAE seems to be quite poor at producing subs with a long lifespan. Compare the Ohio class build and replacement dates (1976 - 2030) with our subs (1997-2030) and you get the feeling that it might be cheaper in the long term to buy foreign in this particular case.
-
-
Friday 2nd June 2017 11:15 GMT JohnG
Re: Boom
The last time I had anything to do with submarines and the RN, it involved the use of paper tape. [Actually, we used paper tape, the matelots used mylar tape, because it was so resistant to damage]. The MoD and RN had an intense distrust of any magnetic media. I wouldn't be surprised if their current systems were incompatible with USB sticks and similar media.
-
-
-
-
Tuesday 4th July 2017 10:23 GMT Dave the Cat
Re: MAD
Jesus, not this again. How many times does it need to be said? The UK does not require the permission of the US to use our deterrent, the UK does not need launch codes from the US and the US doesn't have a cut off switch to prevent the UK using it's deterrent.
In the unlikely event that the UK looses off all it's missiles, yes, the US could make life difficult then by refusing access to Kings Bay where the common pool of Trident D5 missiles are stored. This is however a bit of a mute point as the UK has ownership of 58 missiles and circa 200 warheads distributed in four boats, 8 missiles per boat, 6 warheads per missile for a total of 196 warheads deployable at any one time, so there'd be little point picking up the missiles in Kings bay as we'd have little to put on them, at least in the short term.
However if it came to that there'd be bigger issues, like the continued existence of the United Kingdom, to worry about.
-
Thursday 1st June 2017 15:25 GMT Threlkeld
The weakest point ... ?
As there is no UK equivalent of the US 'football' which contains the launch codes for the US nuclear systems, one gathers that the crew of a UK Trident have the total responsibility for initiating a launch. They are provided with a letter from the Prime Minister, and no one person can launch by themselves, but apart from that they are locked up for months in an isolated metal tube with rather awesome potential power.
Since the weakest point of any computer system is generally agreed to be the bit between the screen and the keyboard, this probably means that USB sticks are not the greatest of our worries.
But it's OK, we have systems for ensuring that only extremely responsible and stable people are assigned to this very critical position. They won't appoint anyone called Captain William Bligh, Captain Jack D. Ripper or Commander Queeg.
Fascinating to think that the crew's personal entertainment devices probably now have a collective computing power many times that of their boat's command and control systems. it's a funny old world, and as long as nothing goes wrong, rather quaint and endearing. Very British.
-
-
Thursday 1st June 2017 16:41 GMT Threlkeld
Re: The weakest point ... ?
Ah, a counterstrike. Yes, we could kill millions of civilians, none of whom had any responsibility for the original attack, but a few of whom might be related to those who had that responsibility. The latter, being prudent people, would be likely to be very well protected in deep bunkers.
What sort of war crime is that: genocide or collective punishment?
And all done with XP.
'Blue Screen of Death', indeed.
-
Thursday 1st June 2017 17:23 GMT Boris the Cockroach
Re: The weakest point ... ?
Quote:
Ah, a counterstrike. Yes, we could kill millions of civilians, none of whom had any responsibility for the original attack
Its why we aimed at Soviet cities... there was no point aiming at missile silos or airfields or naval bases because the targets would be long gone.
So you aim at the enemy infrastructure.... going to be damn hard claiming victory over the evil capitalist west when most of your major cities are smoking holes in the ground*
That was whole point of MAD, whatever you did to your enemy would land on you 30 mins later
Of course thats assuming that both sides are rational and care about what happens after you press the button.. when one side is glad to kill the unbelievers and is happy that so many of its own people will be on their way to paradise, then you have a problem....
* of course the smoking holes in the ground thing does lead to the great question of nuclear warfare
.... deciding WHICH smoking hole in the ground is the winner
-
-
Friday 2nd June 2017 13:26 GMT EnviableOne
Re: The weakest point ... ?
Crimson Tide anyone .....
As far as I am aware the C&C system for trident requires a go code that can only be transmited from PJHQ at Norwood on authorisation from the head of state.
Plus Sub-Systems are configured simmilar to those on airplanes, there is a lot of isolation, interference reduction and segregation.
-
-
Friday 2nd June 2017 10:14 GMT 's water music
Re: The weakest point ... ?
"the bit between the screen and the keyboard"
Did you mean between the chair and the keyboard, or do you have a particularly dodgy batch of VGA cables in mind?
That would be me last week, leaning way forward whilst waiting for my Optometrist to finish a replacement pair of specs
-
Thursday 1st June 2017 18:57 GMT Chris G
Re: The weakest point ... ?
Bligh was actually a remarkable sailor having survived the munity he is so famous for and then sailing a 23ft launch with 18 crewmen over 4000 miles to Timor.A remarkable feat of both sailing and command.
I have a 1st edition of Bligh and the Bounty written in 1936 by G.R.Bancroft and prefaced by Laurence Irving and based on Bligh's actual 1792 accounts plus other research. It shows him in a better light the the film does. He finished up as a Commodore and then a Rear Admiral.
The Hollywood film with Charles Lawton portrayed him as most Hollywood films portrayed British officers, as unimaginative 'stiff upper lip' tyrants. We will never know the absolute truth but Bligh was probably maligned beyond redemption by a film that like most films was not so much concerned with the truth as much as selling tickets to get bums on seats
-
-
Friday 2nd June 2017 10:36 GMT Threlkeld
Re: The weakest point ... ?
Yes, Bligh was a good officer and a remarkable navigator . However, the fact remains that his Royal Navy crew mutinied, and the mission went terribly wrong. Nobody knows quite why there was a mutiny, and it is clear that in many ways Bligh was a good captain with enlightened views. Wikipedia offers this suggestion: "The modern historian John Beaglehole" [please, no adolescent jokes] " has described the major flaw in this otherwise enlightened naval officer: "[Bligh made] dogmatic judgements which he felt himself entitled to make; he saw fools about him too easily ... thin-skinned vanity was his curse through life ... [Bligh] never learnt that you do not make friends of men by insulting them."
It sounds as if Bligh would have been right at home on today's social media. Or as a US President.
-
Friday 2nd June 2017 12:11 GMT Michael H.F. Wilkinson
Re: The weakest point ... ?
What I have always found most telling about Bligh is that 18 crew members preferred to sail with him in a 23 ft launch rather than stay on the Bounty. It suggests a third of the crew didn't trust the mutineers at all, and thought it better to trust their captain. The fact that Fletcher Christian and many of his fellow mutineers apparently killed each other on Pitcairn Island afterwards suggest the mistrust of the men loyal to Bligh had some merit.
-
Friday 2nd June 2017 12:27 GMT I ain't Spartacus
Re: The weakest point ... ?
Bligh also had an amazing record for keeping his sailors alive. I think both from illness/scurvy and accidents. Which was incredibly unusual at the time, where large numbers of your crew dying, was just considered part of the job. You could always get more...
On the other hand you have to shout at people even on well run sites nowadays to get them to comply with health and safety designed to keep them from gettting injured. And that was an era of pretty horriible discipline. So I'd imagine his crew probably didn't love him all that much for it, given the amount of floggings it probably took to achieve it.
As I understand it Fletcher Christian's family were quite well-off and influential, so they got the propoganda going about Bligh at the time. As obviously there was his future court-martial to consider.
As someone's already said, his navigation with incredibly basic tools to find a tiny Pacific island in a very big Pacific Ocean, in a ridiculously small boat, was truly amazing.
-
-
-
-
Thursday 1st June 2017 20:23 GMT Anonymous Coward
Re: The weakest point ... ?
one gathers that the crew of a UK Trident have the total responsibility for initiating a launch
I would think the idea of a submarine traipsing around with city busters would be rather nullified if the crew DIDN'T have "total responsibility for initiating a launch". Especially if the boomer is under the polar ice cap etc.
If you think "The President" is needed to intervene in a launch-for-sub scenario, you might have been told tall tales.
-
This post has been deleted by its author
-
Friday 2nd June 2017 09:33 GMT Anonymous Coward
Re: The weakest point ... ?
If you think "The President" is needed to intervene in a launch-for-sub scenario, you might have been told tall tales"
@realDonaldTrump Had to launch bigly against our enemies! Paris, Mexico and #fakenews will pay for it! failing #nytimes has it coming! [did I get that right, Vovochka?] Then we had the best, the best cake!
-
-
-
-
Thursday 1st June 2017 16:36 GMT bombastic bob
Re: Bog Standard Option in US Submarines, too
a couple of years ago I had a chance to visit my old sub while in San Diego, on its decomission tour [it's now split into multiple sections, which will become 2 training units and a 'sail traning unit' for shipyard construction].
The rules were simple and included: NO DEVICES. We were to leave our phones and other electronic devices behind. Only approved devices were allowed on board. [apparently this was the normal rule for the sailors on board, as well] [I'm also guessing the British Navy would have similar rules in place]
So yeah they had "windows for warfare" running (or whatever it's called) on laptops, which appeared to be ruggedized, for things we used to do manually. The electronics had been upgraded, a few archaic pieces of equipment removed, but most of it bore that "70's look" since that's when it was designed. Even the fire control system was the original.
One advantage of 'old tech' like this is that it's not really "hackable". I mean, how many people have access to a Sperry/Univac UYK/7 ? And if they did, good luck getting the program into the box.
"no school like the old school" - yep. And the military seems more than aware of cyber security threats, not allowing "unclean" devices on the sub. I expect the same in the British Navy as well, especially for operational boats [not ones on their way to the shipyard to be cut up into pieces].
-
-
-
-
Thursday 1st June 2017 20:29 GMT J. Cook
XP on floppies...
Thankfully, no. It was CD-ROM only, no DVD, no USB.
XP Embedded is also different from 'normal' XP in that it's a monolithic pre-compiled image- you have to bake the drivers for your machine into the image on a developer or build system first, then you could deploy it to the device you were preparing. Windows Embedded Standard 2009 (which is the updated release of the XPe SP3) runs out in April of 2019, interestingly enough.
-
Thursday 1st June 2017 22:00 GMT James O'Shea
Re: XP on floppies...
Err... not quite. Win XP normally shipped on DVD, but you could order floppies from Microsoft (10 for a minimum install, IIRC) if you wanted. There used to be a page on Microsoft's site online where you could just download the floppy installs, but it's dead now. See https://www.neowin.net/news/windows-xp-sp1a-floppy-install-disks for pointers to the now dead sites.
I remember having so much fun installing XP from floppy once, and only once, a very long time ago.
-
-
-
Thursday 1st June 2017 16:47 GMT a_yank_lurker
Another Clueless Report, Eh?
The problem is not that any computer system is hackable under some scenario but whether the scenario is likely to occur. I doubt the 'authors' really know much about how to hack RN or USN shipboard software so their imaginary scenario is not likely to be an real issue. I would be more worried about someone who is selling secrets to whomever (you can pick your favorite villain) than some more typical cyber attack. The seller is in a better position to harm you.
-
Friday 2nd June 2017 09:23 GMT Anonymous Coward
Re: Another Clueless Report, Eh?
have the "authors" of the report even been on a submarine (except to say how evil they are) and do they have any practical IT security experience? They cant even plagiarise properly ..... they do have claim (on their website) of research capabilities (does looking up stuff on Wikipedia count as research?). Their boss's bio is interesting too - his technical expertise seems to be open to question. "Paul has an extensive media experience and hosted a weekly peak-time talk show on IRINN (Iranian domestic TV News in Farsi) addressing issues relevant to global security 2007-2012. "
No, I should be nice. in a blog post a year or so ago, thwt same technical expert put "With such rapid changes in processing power, detection, robotics and artificial intelligence, as identified by BASIC in recent months,"
We are all very lucky BASIC is here to tell us of these changes, as otherwise no-one would know!!
-
-
Thursday 1st June 2017 17:13 GMT Anonymous Coward
Well I was going to make a trite remark
Along the lines of whoever connected one of these things to the internet needs to be hanged, drawn and quartered. But thinking on, they were designed and built in more naive times... Now the people who thought the F35 design* should not be completely off net** OTOH....
* Blueprints stolen by the Chinese, who are now making some awfully fancy looking fighter jets.
** Or at least not on any network accessible from the broader internet.
-
Thursday 1st June 2017 18:27 GMT Anonymous Coward
So, thinking about this if I wanted to hack a Trident submarine then the easiest way would be to hack Microsoft and get into their continued XP support program data and put a trojan in the Minesweeper code because lets be honest it must get a bit boring being underwater for months.
Having wrote this I now have the dawning realisation that it will appear on their next "insightful" report.
-
Thursday 1st June 2017 20:36 GMT Arachnoid
A fine book to read : The Silent Deep -The Royal Navy Submarine Service Since 1945
A very interesting and detailed book it relates the history of the UK fleet and how it has been diminished by various Parliaments over the years to the minimum threshold of only four, which barely allows one to be on patrol at all times and another to perform ancillary duties such as training Perishers.Additionally how due to reduced fleet sizes, it gets more difficult every year to provide adequatly trained crews who are prepared to spend months at a time away from home living in confined spaces with no outside contact.
As to firing an ICBM or the newer Cruise missle configuration should it ever be needed , it requires the boat to atain certain states of stable flotation and rediness matched by crew willingness to progress the system to an active state.This whole sequence of events may take up to an hour to achieve so no its not an instant push to launch that some may think.
It would be easier not that it will ever happen,to hack a surface vessel with nuclear capability as they only move in two planes not three.
-
Friday 2nd June 2017 07:03 GMT John Savard
Quite right, but...
While the report in question says nothing new, it actually does make a valid point. While the computers on board those submarines can't be hacked directly, they are connected, when they are maintained when the submarines are in port, apparently to ordinary Windows-based x86 computers that are even connected to the Internet. If that is indeed the case, there is at least a potential for an attack.
The maintenance computers ought not to be connected to the Internet. And they should be running some other operating system besides Windows.
But that's just a first step. Obviously, it's not a panacea is what they're doing is installing updates... delivered to them by memory stick from another computer that is connected to the Internet, to get it from the people who wrote them, also on Internet-connected computers. Even if those computers were running Linux instead of Windows, that's no guarantee.
What to do? And memory sticks can be hacked. Develop the software on computers with no Internet connection, and ship the updates by burning DVD-ROMs?
I think one compromise can be safely made. Put encrypted files on the DVD-ROMs, then use an ordinary computer on the Internet to send those from where the software is written to where the submarines are. Of course, if the receiving computer is hacked, even though the encrypted files can't be tampered with, the DVD-ROMs could be poisoned somehow.
However, presumably a computer running a hardened version of BSD and used for maintaining nuclear submarines will have autoplay turned off.
Still, maybe a long malformed file name could exploit some vulnerability, so that's not a complete panacea, but perhaps other precautions are possible.
-
Friday 2nd June 2017 14:13 GMT Arachnoid
Re: Quite right, but...
Yes the Computer and even the Personel are open to corruption,technology will never change that,survielance will never change that it all a matter of risk.If anything the risk is much greater that a third world country will gain access to the necesary materials to make an effective nuclear weapon and a capable delivery system.
-
-
This post has been deleted by its author
-
Friday 2nd June 2017 09:56 GMT Anonymous Coward
100% speculation, fiction and bullshit
Complete and utter total nonsense, this reads like a script from a bad episode of “Spooks”.
Clearly written by clueless armchair commentators who don’t know what they’re on about.
You can’t insert any old USB stick – the only ones which work are special MOD approved ones – it’s locked down by device ID or whatever the equivalent of a MAC address is. You then have to enter a password – wrong password three times and the thing locks. Also the capacity of these is very limited, in order to prevent any Bradley Manning-style shenanigans.
Furthermore you may not even have a USB port – the keyboard and mouse connectors are replaced by some weird four pin BNC connectors the like of which I’ve never seen before or since.
You can’t run an executable unless it’s been whitelisted. You can even see it. You can’t delete it. You can’t create so much as a text file unless it’s been whitelisted. TL:DR you can’t do jack shit unless it has been whitelisted. And that’s why hundreds and hundreds of people work on Atlas, and why everything they do is way over budget and years behind schedule: because everything is locked down like mad, tested, documented again and again and again.
Anonymous as I used to work on this stuff.
-
-
Friday 2nd June 2017 14:50 GMT GruntyMcPugh
Military hardware will always run on older operating systems, because the procurement and verification phases are lengthy. The US Patriot Missile system used MicroVAXes for a lot longer than you'd have seen in industry (now replaced by Windows with some real time processing tweaks,... not sure which version of Windows they are now on however).
-
Saturday 3rd June 2017 11:58 GMT Dodgy Geezer
Statement (blindingly obvious)
...Trident nuke subs are hackable, thunders Wikipedia-based report...
No Shit, Sherlock!
ALL computer gear is 'hackable' if you are allowed to imagine any pre-conditions that you like. It's also subject to bugs, hardware failure, incorrect data input and good old human error in interpreting the output. And many more possible threats.
The sub itself is subject to damage or destruction from enemy action, navigational or seamanship error, system failure, corrosion, mutiny.... - the list is endless, including obscure accidents like getting struck by a meteorite.
Wake me up when they have invented an object which isn't subject to any threats at all. The issue is what you do to counter the threats, not that they exist. And I'm guessing that nuke subs:
a) have security policies and procedures suitable to prevent attempts to hack their computer systems
b) are certainly not going to tell the world what these are...
-
Sunday 4th June 2017 09:20 GMT Dr.Strangelove
Aboard a US boomer at sea... with camera...
Try to get hold of the Discovery Channel documentary series "Submarines sharks of steel" It was shot by a small Australian crew with an extraordinary range of interviews and access. When they went to Washington state to film the US Trident submarines a Commander invited them aboard and, impressed with their research, then took them to sea for three weeks while doing a work up and testing after a refit and maintenance. They filmed the entire thing including interviews with the commander and XO During this exercise they received an E.A.M or emergency action message and the crew then ran through the sequence to practice a launch which was filmed in its entirety from end to end! Extraordinary! This is in the days when Commanders of US Trident submarines had absolute control and discretion as designed by Admiral Rickover, the founder of the US nuclear Navy. I believe the launch sequence shown in the movie "Crimson Tide" was derived from this documentary. Naturally US naval command objected strongly to the sequence being published in the documentary but since the crew had permission from the commander they decided to include it anyway, with a couple of "blurred bits" much to the Navy's annoyance. The whole 4 part series is worth a watch but the Trident sequence is the highlight I think. I know the then line-producer who was with the crew (director/camera, soundo, producer, 3 in total). Steve said that they effectively disappeared for 3 weeks as no one ashore, even the navy, knew they were aboard. They later went to Russia and got a tour and interviews aboard a Russian boomer, this being just post Cold War and prior to the rise of V Putin. Check it out...
-
Sunday 4th June 2017 16:50 GMT Anonymous Coward
Re: Aboard a US boomer at sea... with camera...
"Just post Cold War" is the rise of Boris Yeltsin and the looting of CIS (and western taxpayer pockets) by well-connected eastern/western interests (not to mention very public "intervention in the democratic process" which was somehow A-OK back then but now leads to fever rashes on CNN even if no proof is ever shown), but thanks for the hint.
-
Biting the hand that feeds IT
