Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US Nuclear Missile Silos Use Safe, Secure 8" Floppy Disks

timothy posted about 4 months ago | from the not-the-onion dept.

The Military 481

Hugh Pickens DOT Com (2995471) writes "Sean Gallagher writes that the government built facilities for the Minuteman missiles in the 1960s and 1970s and although the missiles have been upgraded numerous times to make them safer and more reliable, the bases themselves haven't changed much and there isn't a lot of incentive to upgrade them. ICBM forces commander Maj. Gen. Jack Weinstein told Leslie Stahl from "60 Minutes" that the bases have extremely tight IT and cyber security, because they're not Internet-connected and they use such old hardware and software. "A few years ago we did a complete analysis of our entire network," says Weinstein. "Cyber engineers found out that the system is extremely safe and extremely secure in the way it's developed." While on the base, missileers showed Stahl the 8-inch floppy disks, marked "Top Secret," which is used with the computer that handles what was once called the Strategic Air Command Digital Network (SACDIN), a communication system that delivers launch commands to US missile forces. Later, in an interview with Weinstein, Stahl described the disk she was shown as "gigantic," and said she had never seen one that big. Weinstein explained, "Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.""

cancel ×

481 comments

Sorry! There are no comments related to the filter you selected.

That big? (5, Funny)

jonnythan (79727) | about 4 months ago | (#46867601)

"I've never seen a floppy that big!"

"Wait til you see it spinning."

Re:That big? (1)

Anonymous Coward | about 4 months ago | (#46867747)

"I've never seen a floppy that big!"

Just wait until she sees the 14" hard disks.

They say 8" (5, Funny)

Anonymous Coward | about 4 months ago | (#46867621)

They say 8", but their wives privately shared that they were only 6" on a good day.

"...and said she had never seen one that big" (4, Funny)

QilessQi (2044624) | about 4 months ago | (#46867625)

"Uh... phrasing."

Re:"...and said she had never seen one that big" (0)

DigiShaman (671371) | about 4 months ago | (#46867825)

That's what they all say to me.

It's Trollicious! (-1)

ThatsDrDangerToYou (3480047) | about 4 months ago | (#46867633)

"Stahl described the disk she was shown as "gigantic," and said she had never seen one that big. Weinstein explained "That's what she..

No, sorry. Not gonna do it.

Security through Antiquity? (1)

jlegelis (2746197) | about 4 months ago | (#46867647)

Brilliant strategy...

Re:Security through Antiquity? (2)

the magic word (3592255) | about 4 months ago | (#46867691)

That's why I always surf on my C64. If floppies are safe, I must be invunerable with my tapes.

Re:Security through Antiquity? (1)

B33rNinj4 (666756) | about 4 months ago | (#46867693)

All jokes aside, it actually is fairly secure against some types of intrusions. The real issue is maintaining antiquated technology, and making sure new users are trained on it.

Re:Security through Antiquity? (2)

MightyMartian (840721) | about 4 months ago | (#46867851)

Indeed. How long has it been since anyone manufactured 8" disks? Twenty years at least, I'd say. I inherited an old Tandy 6000 computer running Xenix which had an 8" drive back in the early 1990s, and I remember even then they were special order items. At that point high density 5.25" inch and 3.5" drives were coming into their own.

Not only are the floppies old, but the drives are old, and keeping old floppy drives going can be a pain.

Re:Security through Antiquity? (1)

rjune (123157) | about 4 months ago | (#46867917)

I have a set of 8" Floppy drives that I can't give away! (DS-DD drives with a 1.2 MB capacity!) Post a reply if you want them (SE Wisconsin area)

Re:Security through Antiquity? (0)

Anonymous Coward | about 4 months ago | (#46867959)

If you use them all the time, its not nearly as bad as if you got an old floppy drive out of your attic. If things go wrong, you fix them. I don't really see a problem so long as they aren't using vacuum tubes.

Re:Security through Antiquity? (5, Insightful)

Anonymous Coward | about 4 months ago | (#46867723)

Not so much. This is actually more along the lines of "If it aint broken, don't fix it".

Some systems are so deeply entrenched that replacing them often becomes a nightmare and you are not necessarily gauranteed with a more stable, robust replacement system.

Even though some of these systems are old, they are often very very stable.

Re:Security through Antiquity? (1)

K. S. Kyosuke (729550) | about 4 months ago | (#46867899)

Not so much. This is actually more along the lines of "If it aint broken, don't fix it"

I think you've just broached the interesting problem of fixes, spare parts, and replacements.

Re:Security through Antiquity? (2)

jythie (914043) | about 4 months ago | (#46867973)

With tech from that erra, it is a lot easier to fabricate replacements from scratch then today. For that matter, more of it can be fixed as opposed to being integrated in such a way that your only option is to trash and replace.

Re:Security through Antiquity? (5, Insightful)

The123king (2395060) | about 4 months ago | (#46867743)

Loving the sarcasm, but seriously, these antiquated systems are probably a lot more secure than many modern systems. After all, it's next-to-impossible to hack one of these missile control systems if they're not connected to the internet and code must be loaded on 70's era floppy disks (which are next-to-impossible for Joe Bloggs to get hold of)

Sure, it's terrible energy-inefficient, and the support costs must be through the roof, but i'm more comfortable knowing that the missile control systems are running on pre-internet (and even ARPANET?) systems. It means the many enemies of the US cannot just hack into the missile control systems and start armageddon. No internet, no hacking, no problem.

Re:Security through Antiquity? (1)

FatLittleMonkey (1341387) | about 4 months ago | (#46867945)

(which are next-to-impossible for Joe Bloggs to get hold of)

I don't think Joe Bloggs is the one trying to breach a US nuclear silo.

Re:Security through Antiquity? (2)

IQzeroIThero (978481) | about 4 months ago | (#46867987)

No Skynet to launch Nuclear Missiles and start a machine vs human war :D

Re:Security through Antiquity? (0)

Anonymous Coward | about 4 months ago | (#46867751)

Sure! No evil USB ports, so people cannot load a Stuxnet-like virus. 8" floppies, so nobody can load in any trojan programs from their own floppy - where would you get one? Ebay? How old might that disk be? Antique OS, with system calls no one knows anymore.
It's perfect! Now, if it just fires up one more time, when needed...

Re:Security through Antiquity? (2)

jythie (914043) | about 4 months ago | (#46867955)

Actually it is a pretty good one. Older equipment has been vetted for a good long time, and is generally simpler so there are fewer points where new vulnerabilities might exist. One of the reasons we have had so many security problems is the constant flow of new features being tacked on at every level combined with people wanting the technology to do so much more.

thats what (-1)

Anonymous Coward | about 4 months ago | (#46867653)

she said

That's what she said... (-1)

Anonymous Coward | about 4 months ago | (#46867667)

According to the article she said she had never seen one that big...

Security through obscurity (4, Insightful)

Anonymous Coward | about 4 months ago | (#46867669)

Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.

No, they don't. Claiming obsolete hardware and software is more secure is just a thinly veiled security through obscurity claim. There are other claims here; the machines are airgapped, and I suspect that the physical site security is pretty good; but the use of old software and hardware adds nothing at all to that.

Re:Security through obscurity (1)

syntheticmemory (1232092) | about 4 months ago | (#46867703)

At least they are no longer using a clay tablet reader.

Re:Security through obscurity (5, Insightful)

mrchaotica (681592) | about 4 months ago | (#46867719)

There are other claims here; the machines are airgapped, and I suspect that the physical site security is pretty good; but the use of old software and hardware adds nothing at all to that.

You have to admit, the old hardware makes it hard for some random officer to violate the air gap by plugging in his USB-using cellphone.

Re:Security through obscurity (0)

Anonymous Coward | about 4 months ago | (#46867983)

With budget cuts everywhere its easier to exploit the weakest link in the security: people. It works regardless of technology level.

Re:Security through obscurity (1)

Resol (950137) | about 4 months ago | (#46867739)

Well, I suppose it's possible that the systems were small enough back then that they were able to prove that the systems were correct to essentially eliminate bugs, but as you point out, once past the physical security, I suspect there's a number of new techniques that could be brought to compromise the systems - even without exploiting what might be called traditional flaws.

Re: Security through obscurity (1)

Anonymous Coward | about 4 months ago | (#46867771)

The use of old machines adds quite a bit: today's large USB sticks allow a hostile force to hide complex software. You simply can't hide much if neither the media not the machine have much space to spare.

Re:Security through obscurity (1)

gurps_npc (621217) | about 4 months ago | (#46867815)

Old software does have an advantage in that it is more thoroughly bug tested. But that's about it.

Re:Security through obscurity (1)

The123king (2395060) | about 4 months ago | (#46867827)

Sure, you can get the same security by isolating modern machines from a network and loading code using USB's or CD's and DVD's, but why fix something that's not broken? These systems only have one job, and they were a significant investment when they were installed, and the still do their job pretty effectively. The US therefore has little to no incentive to upgrade the systems already in place.

The other thing worth mentioning is the simplicity of these systems. Older hardware is suprisingly easy to service, modify and alter purely because they're so primitive. Sure all those discreet components might be less reliable, but when something does go wrong, it's often a case of a bit of solder and a new component, instead of buying and installing a whole new SoC or daughterboard.

Re:Security through obscurity (2)

CanHasDIY (1672858) | about 4 months ago | (#46867937)

Sure, you can get the same security by isolating modern machines from a network and loading code using USB's or CD's and DVD's,

Except that's not the same security - Anybody these days can get their hands on USB drives, CDs, and DVDs, but you'd be hard pressed to find a working 8" floppy, drive, and computer to write it with.

Re:Security through obscurity (0)

Anonymous Coward | about 4 months ago | (#46867829)

Actually, in this case, it does prevent against hardware backdoors. We already know this is a real thing and is being used by a few governments, some of which we do business with.

Re:Security through obscurity (1)

MightyMartian (840721) | about 4 months ago | (#46867873)

Indeed. The principle security here seems to be that they are in a well-secured facility and are airgapped. Windows 95 would be relatively secure in such an environment.

Re:Security through obscurity (2)

Xest (935314) | about 4 months ago | (#46867969)

I don't think that's true, how long would it take you to ensure no backdoor had been slipped into even the Windows 95 binaries you're installing on the machine compared to auditing the source code and compilation process of even say an early version of DOS? let alone something even more simplistic again.

The fact is more code = more chance of missing malicious code. Older hardware and software almost always means smaller codebases, more simplicity, and less scope for malicious code.

Re:Security through obscurity (5, Insightful)

Attila Dimedici (1036002) | about 4 months ago | (#46867905)

Actually, it does. The fact that you cannot load data on these machines using a USB device does mean that they are more secure. The fact that anybody carrying around something that would allow them to quickly and easily load software (whether malicious or not) onto these machines would be obvious to anyone watching them does in fact increase security. The security does not come from the fact that the hardware is old, but from the fact that attempts to load software onto it are obvious. And on the software side it is not the fact that it is old that adds security, rather it is that the people who are knowledgeable enough about it to hack it are extremely rare. In both cases, these facts are a result of them being old, but the age is not what he is claiming makes them more secure. Rather it is a side effect of them being old.

Re:Security through obscurity (2)

Xest (935314) | about 4 months ago | (#46867939)

Actually I'd argue that's not entirely true. It's far easier to verify there's no back door in vastly simpler hardware and software from back then than there is in the vastly more complex hardware and operating systems of today.

That was a time before I believe we even had computers automatically attempting to optimise circuitry - it was all hand done and the reasons for designs were entirely understandable and known by humans.

Back then processors did exactly what you told them to, nothing more, and nothing less, with none of that fancy optimisation shit!

I think there's a lot to be said for that by way of security, it's far harder to slip something subtle and subversive in when there's far less complexity.

Re:Security through obscurity (5, Insightful)

bluefoxlucid (723572) | about 4 months ago | (#46867947)

Actually, you're wrong.

These old networks are airgapped in so many ways, not just by removing the CAT6 to the Internet. The disks themselves are airgapped, as they're not constantly in systems which can read them; likewise, there's a huge airgap between a spy and a reader: if the disks are stolen, they need a huge honkin' machine to read them, or they need to use base facilities which have cameras and guards. Further, the media is low-density: you need to physically transport a truckload to get what fits on a modern CD-R, much less on a 64GB microSDHC.

Just as with 1000 iteration hashing, these large systems impose a time limitation on mass copy. If you want to access this top-secret file, it's merely 15kB of text stored on a 40kB disk. If you want to steal the wealth of information archived here, you must find the disks you want and then copy each of them. If you want it all, you must spend weeks if not months copying each individual disk to a portable flash drive.

There are some real difficulties involved in stealing this much data in this form. That provides a layer of security by requiring high-visibility or excessively slow methods of data access, both of which sharply increase risk in espionage. You are more likely to catch and interrupt any significant espionage attempt in this model than in a model where we put all our stuff on a USB drive that's taken to a modern machine in a secure room.

Cyber engineers? (0)

Anonymous Coward | about 4 months ago | (#46867675)

You can tell that people have no clue when they keep using the word Cyber.

Sounds like we have a new phrase... (2)

jcochran (309950) | about 4 months ago | (#46867679)

Instead of "Security through obscurity", we now have "Security though obsolescence."

Re:Sounds like we have a new phrase... (0)

Anonymous Coward | about 4 months ago | (#46867701)

"Obsolescence" is an understatement.

Re: Sounds like we have a new phrase... (0)

Anonymous Coward | about 4 months ago | (#46867709)

Considering the size of those disks it's more security through obesity.

Re:Sounds like we have a new phrase... (1)

barlevg (2111272) | about 4 months ago | (#46867725)

I wonder how many modern hackers would be able to make sense of, say, a PDP-7 [slashdot.org] if given physical access.

Not Internet Connected (5, Insightful)

EmagGeek (574360) | about 4 months ago | (#46867683)

The silo wins the security battle through two things:

1) Physical security
2) Not being on the Internet

Yes, it's old stuff. Who cares? Nobody can touch it, and it's not on the global network. Not much else is required.

Re:Not Internet Connected (4, Insightful)

Thanshin (1188877) | about 4 months ago | (#46867783)

The silo wins the security battle through two things:

1) Physical security
2) Not being on the Internet

3) Armed guards with instructions to shoot on sight.

They are to security what rubber hoses are to cryptoanalysis.

Re:Not Internet Connected (1)

Doug Otto (2821601) | about 4 months ago | (#46867871)

3) Armed guards with instructions to shoot on sight.

As long as they're awake....

Re:Not Internet Connected (0)

Anonymous Coward | about 4 months ago | (#46867921)

4) Bunker full of nukes.

Re:Not Internet Connected (0)

Anonymous Coward | about 4 months ago | (#46867933)

Wouldn't that be "physical security?"

Your #3 is really #1.

Re:Not Internet Connected (0)

Anonymous Coward | about 4 months ago | (#46867967)

...I'd assume that it also has to do with the same reason that I was told that NASA used to tend to use older technology, all(most?) of the hardware defects were known with workarounds, and I'd presume that the software is relatively simple by modern standards and presumably easier to work with if it needs to be done.

Re:Not Internet Connected (0)

Anonymous Coward | about 4 months ago | (#46867979)

8" disks are security through (hardware) obscurity, and that'll put off the casual attacker.
You know what else puts off casual attackers? Men with guns.

Are there any old drives around that read these? (1)

bejiitas_wrath (825021) | about 4 months ago | (#46867685)

Are there any old drives around that can read these disks? What do they do if the drives fail? I am surprised this really still works, but I guess the stuff works, so they have no real inclination to upgrade it anytime soon. What old operating system do you need to read 8" floppy disks? Would DOS 6.22 work or would you need something even older?

Re:Are there any old drives around that read these (3, Interesting)

wiggles (30088) | about 4 months ago | (#46867727)

IBM PC architecture never used the 8" FDD to my knowledge.

I seem to remember those 8" drives on old DEC equipment - VAX minicomps and the like.

Re:Are there any old drives around that read these (1)

OzPeter (195038) | about 4 months ago | (#46867847)

IBM PC architecture never used the 8" FDD to my knowledge.

I seem to remember those 8" drives on old DEC equipment - VAX minicomps and the like.

I worked on systems in the late 80's that used 8 inch floppies (Network 90 DCS - which I think ABB owns nowadays). These were installed in the Operator Interface Units (OIUs) for backups etc. In my case I was running a pseudo multi-tasking program written in TI-Basic that read and wrote data to the floppies by overlaying variables in the Basic address space with absolute sectors from the floppies.

Yes .. it was primitive, even for its time.

Re:Are there any old drives around that read these (1)

Major Blud (789630) | about 4 months ago | (#46867865)

A lot of CP/M machines had them too. I have a TRS-80 Model 4p at home that has two built-in 8" drives.

http://en.wikipedia.org/wiki/T... [wikipedia.org]

Re:Are there any old drives around that read these (1)

lowen (10529) | about 4 months ago | (#46868029)

I've got to see pics of that, as that would be one rare 4P (I have two in my office right now.....). The case after all only allowed two Tandon TM-50 single-sided 5.25 drives to fit.

Now, the Model II had a single internal full-height 8; the 12, the 16, the 16B, and the 6000 had two internal 'slimline' 8's.

And 8's were the most common for the various CP/M boxen. Side-by-side 8's fit quite nicely in a 19 inch rackmount chassis, such as several boxen by Altos.

Then there were the RX01 and RX02 drives for PDP 11's.

Re:Are there any old drives around that read these (5, Informative)

lowen (10529) | about 4 months ago | (#46867805)

Yes, there are. I have one, and a Catweasel controller that can read and write basically any format on it.

The 8 inch standard format is very similar to the 1.2MB 5.25 inch format. Actually, it's the other way around, as when IBM built the PC AT and the high-density drives for it they apparently intentionally made the formats nearly identical. They're so close that computers that use 8 inch diskettes can typically be modified to run with 1.2MB HD 5.25 drives and media with only a new controller to drive cable and new drive power supply (8 inch drives typically take either AC mains power to run the spindle or 24VDC, and 5.25 drives take 12VDC to run the spindle). See http://nemesis.lonestar.org/co... [lonestar.org] for some tech info on how to do this with one of the first multiuser 'personal' computers, the Radio Shack TRS-80 Model 16 (and descendents the 16B and the 6000). Also see http://www.dbit.com/fdadap.htm... [dbit.com] for the 'proper' adapter board.

8 inch diskettes are famously reliable with good quality media, and the bits aren't packed so densely that an EMP event will wipe them out, as long as they're in a faraday cage with sufficient attenuation and power handling capacity.

Current production high-density PC FDC's can easily handle the 8 inch drive with the proper adapter cable, but the number of supported formats is small. More flexible is the USB interfaced Kryoflux, and the PCI Catweasel MK3 and MK4 (the Kryoflux is currently in production and available for purchase; the Catweasels have been out of production for a while and are a bit difficult to obtain last I checked; I bought my MK4 from amigakit.com, but they appear to only have the Amiga-specific MK2's in stock.

Re:Are there any old drives around that read these (1)

RenderSeven (938535) | about 4 months ago | (#46867819)

I still have my CP/M computer, twin 8" floppies, 64k memory, 4 mhz z80 processor. Every two years or so I fire it up just for fun, and it runs just fine. Agreed it shouldnt, but it does. And Wordstar runs just about as fast as the latest Word 2013. Not that I'd want to go back to those days, but there is no doubt in my mind it will outlive any computer and server in my office.

Re:Are there any old drives around that read these (1)

lagomorpha2 (1376475) | about 4 months ago | (#46867859)

Doesn't magnetic storage start to degrade after 40 years?

Re:Are there any old drives around that read these (1)

FlyingGuy (989135) | about 4 months ago | (#46867911)

Do you really think that the United States military, very specifically, the part of it that can unleash a version of hell that you have trouble even imagining, does not have the budget to get those drives manufactured, one off or any other part of the system?

Re:Are there any old drives around that read these (1)

FaxeTheCat (1394763) | about 4 months ago | (#46867941)

Anything from the 70's and the early 80's will work.
Some VAX computers (11/780 series) used 8" floppy to read the boot loader. OSes like VAX/VMS, RSX-11, RT-11 will read/write them. I also suspect that any old IBM computer/OS will read them.

The main problem is that hardware was more proprietary in those days. You cannot just plug in any 8" drive.
File systems and formatting were different between OSes and vendors, so you need the OS that wrote it to be able to read it (or an emulator).

Re:Are there any old drives around that read these (1)

confused one (671304) | about 4 months ago | (#46867975)

Yes, drives are available used (see ebay). I'm sure there is a contractor somewhere making decent money maintaining these. These drives were "robust" and would be fairly easy to repair. If you really needed a new one, the tech is easy to replicate. I wouldn't be surprised if someone maintains a facility to supply these on an as-needed basis (at an appropriately elevated price, of course). DOS 6.22 might be too new. My DOS 3.3 Sourcebook says it supported some 8" disk formats (that paralleled 5.25" formats) but that most of the 8" formats were obsoleted with DOS 2.x. Last 8" disk I saw was I believe a 250kB capacity used on a DEC PDP in an industrial application in the late 1980's.

Penis jokes aside... (5, Interesting)

barlevg (2111272) | about 4 months ago | (#46867687)

I see no downside to this. There's no reason for our nuclear silos to be networked or to run modern hardware. If it works, don't fix it.

Related: anyone remember in the pilot of the Battlestar Galactica remake how they explained that the reason there was all that old tech (phones with cords, manual doors) aboard a starship made with technology hundreds of years superior to our own was that they designed it that way on purpose to prevent hacking? Kinda makes you wonder--if there's actually a cyber warfare component to the next major conflict, will the military tech that's developed afterwards end up resembling 1970s (or earlier) era hardware more so than the "futuristic" tech you see in most modern SF?

Re:Penis jokes aside... (1)

bruce_the_loon (856617) | about 4 months ago | (#46867753)

I suspect that would be the case. One good war where you lose because your computer controlled weapons system got zero-dayed and the enemy was launching your own missiles at you via TeamViewer while your mouse refused to respond and I suspect your replacement ships would require you to manually program the coordinates and launch the missile by pulling a piece of string from behind a blast screen.

Re:Penis jokes aside... (2)

JaredOfEuropa (526365) | about 4 months ago | (#46867963)

launch the missile by pulling a piece of string from behind a blast screen.

From the manual: "Antiship missile (with loud report). Light, and get away".

Re:Penis jokes aside... (0)

Anonymous Coward | about 4 months ago | (#46867793)

"If it works, don't fix it."

That's a pretty big if when you are talking about floppy disk technology that is over four decades old.

Re:Penis jokes aside... (2)

Minwee (522556) | about 4 months ago | (#46867869)

"If it works, don't fix it."

Close. The phrase is actually "If it works, then you can't get a multi-billion dollar contract from the government to fix it."

Re:Penis jokes aside... (1)

barlevg (2111272) | about 4 months ago | (#46867891)

If it's lasted four decades (I assume they run tests periodically), what makes you think it's going to break any time soon? My line of reasoning here is something similar to one I've heard about airplanes: in many senses, if you're going to fly, you want to be flying in an old bird--assuming proper maintenance, anything that was going to go wrong in a aircraft would have gone wrong already, so if it's still flying after several decades, it's likely the safest thing in the world.

Re:Penis jokes aside... (2)

Cornwallis (1188489) | about 4 months ago | (#46867821)

Exactly. When the Clinton "young uns" moved in to the White House after Bush One they made a big deal of the old phone system and low-tech offices.

They upgraded to new systems and guess what? The WH started leaking like a sieve because it became easy to do. There was a reason the Bush White house was low-tech.

Re:Penis jokes aside... (0)

Anonymous Coward | about 4 months ago | (#46867841)

[citation needed]

Re:Penis jokes aside... (4, Insightful)

Andy Dodd (701) | about 4 months ago | (#46867849)

It was interesting, that also in BSG they claimed that the fleet did have much newer starships - the Galactica was being decommissioned due to being obsolete.

All those other starships in the fleet perished quickly due to network infiltration by the Cylons. The only remaining operational hardware was the non-networked stuff.

Re:Penis jokes aside... (0)

Anonymous Coward | about 4 months ago | (#46867895)

"I see no downside to this"

Only when it's a "floppy".

Re:Penis jokes aside... (3, Interesting)

smooth wombat (796938) | about 4 months ago | (#46867897)

anyone remember in the pilot of the Battlestar Galactica remake . . . designed it that way on purpose to prevent hacking?

I do and I grinned when I heard those lines. Like so many of us on here, I work in the IT field (mainly solving problems created by others), and want to continually smack people upside the head when I hear them talking about wanting to add devices at random to the network or all the things they do on their smart phones.

The amount of people, in IT especially, who think networking everything is the be all and end all is staggering simply because these people, do not think the process through to realize the HUGE security issues they are opening themselves up to. These are the same people who think pushing the envelope of technology is a good thing until it bites them in the ass and they come running to my area to fix what it is they broke.

In a way, I get a sense of schadenfreude when I hear about people who have their phones lost/stolen with all their information on it, or who install the latest and greatest piece of software and find themselves wide open to attack.

Like most things, there is a reason not being at the forefront of technology is a good thing. You let others make the mistake and get exploited so you know how to be safe. In the case of Galactica, not being networked and not having the latest and greatest was its strongest defense.

Re:Penis jokes aside... (1)

drinkypoo (153816) | about 4 months ago | (#46867991)

Kinda makes you wonder--if there's actually a cyber warfare component to the next major conflict, will the military tech that's developed afterwards end up resembling 1970s (or earlier) era hardware more so than the "futuristic" tech you see in most modern SF?

More likely it will simply result in hardening of electronics, proper shielding and so forth. Anyone who reverts to dumb machines will get owned by people with proper automation.

Re:Penis jokes aside... (1)

bluefoxlucid (723572) | about 4 months ago | (#46867997)

Do you remember in Dune they made it illegal to make a computer which thinks in the way of a man? The prequel to Dune was called "The Matrix".

It makes a lot of sense (1)

Anonymous Coward | about 4 months ago | (#46867707)

Even if you could bridge the air gap nothing on the other side uses USB or runs a modern operating system. The slower a launch command is to be verified the easier it is to stop an accidental launch.

Plus you ensure nobody can use the launch computers for anything else, even if it is reportedly the most boring job in the world being on watch down in the missile silo.

Re:It makes a lot of sense (1)

khr (708262) | about 4 months ago | (#46867971)

Plus you ensure nobody can use the launch computers for anything else, even if it is reportedly the most boring job in the world being on watch down in the missile silo.

They can't play a nice game of chess on them? Only global thermo nuclear war?

this is reassuring (1)

Jodka (520060) | about 4 months ago | (#46867721)

quoth ICBM forces commander Maj. Gen. Jack Weinstein

"Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.""

Note that the guy in charge of all the nuclear missiles in the United States invokes a security-though-obscurity argument to justify obsolete systems.

Re:this is reassuring (1)

Richy_T (111409) | about 4 months ago | (#46867777)

More like security through not pandering to user ease-of-use.

Re:this is reassuring (1)

mlts (1038732) | about 4 months ago | (#46867799)

Security is about forcing the blackhats to go through time and expense. STO usually doesn't work, but with using thirty year old technology, it would require an attacker to jump through a lot of hoops just to even procure a computer that can read an 8" floppy drive, the drive itself, and the exact media used (hard-sectored or soft-sectored). Even then, there are different ways to format the disk, be it CAV or CLV, one read/write head or two.

Of course, once a usable disk is obtained, it is a lot harder to get that past security than a USB flash drive.

Nothing is 100% secure, but there are not many hacking tools made these days that can physically compromise an old System/3, or machine of similar vintage. It would take old school mainframe experience, something that wouldn't be widespread knowledge.

Re:this is reassuring (1)

Anonymous Coward | about 4 months ago | (#46867817)

You really want the Lord High Executioner to use Windows 8?

Re:this is reassuring (4, Interesting)

FlyingGuy (989135) | about 4 months ago | (#46867835)

to justify obsolete systems.

Wow, you just don't get it! Your remark implies that he is some sort of Luddite with the attitude of, "it worked for my grand pappy so it is good enough for me!"

What the man said is that they did a complete audit of the systems and given the requirements they determined that what they have is the most secure system they can come up with.

Your remark also implies that they should be all modern with a nice tomcat stack running php, python or god alone only knows what bit of Swiss cheese stack of cruft to control the very things that could quite easily turn this entire planet into a spinning ball of radioactive fire."

Re:this is reassuring (1)

CanHasDIY (1672858) | about 4 months ago | (#46867907)

quoth ICBM forces commander Maj. Gen. Jack Weinstein

"Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.""

Note that the guy in charge of all the nuclear missiles in the United States invokes a security-though-obscurity argument to justify obsolete systems.

Well, he does have a point.

For starters, if there's no modern input method (i.e., network connection, USB ports), there's no way to hack the system with modern electronics, and I doubt you could successfully sneak an era-specific "portable" computer [wikipedia.org] in unnoticed.

The other good reason I thought of* is the fact that old, analog electronics are more likely to survive the EMP from a nuclear blast than modern, solid-state stuff. To wit, if a well-placed air-burst nuke drops EM radiation across the continental US, my 2009 pickup will be effectively dead, but my 1967 Mustang, with it's points-type ignition and lack of electronics, will fire and run like always.

* of course, this only applies if the systems in use at the missile silos are analog.

Re:this is reassuring (1)

medv4380 (1604309) | about 4 months ago | (#46867925)

No, it's not security though obscurity, it's security though not being on the internet, not needing the internet, and not wanting the internet. The older tech prevents someone from even being able to hook it up to the internet even if they wanted to. The internet is one big security hole, and if you don't need it then anything that prevents you from having it is a plus for security.

Re:this is reassuring (1)

meustrus (1588597) | about 4 months ago | (#46867927)

Running obsolete systems isn't quite on par with typical security through obscurity. It's not a matter of guessing the right URL to access elevated permissions. It's a matter of procuring 50-year old technology, which by the way nobody outside of the US ever actually got good at producing. How exactly would you go about hacking into a system not connected to any networks and controlled by 8" floppy disks? Especially since, in addition to the obscurity, there are armed guards everywhere?

It's also important to note that newer is not always better. Newer is most often more complex, and in computer security, complexity is the enemy. Add to that the much higher engineering standards of software more than 30 years old, and I'd say it isn't really just obscurity that makes an obsolete system more secure.

Re:this is reassuring (0)

Anonymous Coward | about 4 months ago | (#46868023)

Fine, let's go along with the security through obscurity argument. A few considerations anyway:
* 8'' drives are, outside those silos, mostly museum stuff, IF you can find a functional one.
* No network and no usb ports means a physically and logically isolated system.
* Armed guards
* No common knowledge of location

I agree that security through obscurity is not the best choice, but if you consider that the systems there are impervious to network attacks, and that there are soldiers guarding, i'd would say that those systems themselves are pretty secure themse,ves and that security through obscurity is only a nice little layer of aditional security.

Anyway, i'd go with Eugene H. Spafford's quote: "The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts". There is no such thing as an absolutely secure system, but a military-guarded, no-networked (prolly un-networkable) and nearly impossible to interface in a conventional way... That seems secure enough for me

wha? (1)

MickyTheIdiot (1032226) | about 4 months ago | (#46867803)

"Cyber engineers"?

I'm sorry, but anyone that uses this phrase is highly suspect.

I don't think it affects the information in this case, but there is a reason we think that journalists are stupid when it come to tech.

Floppy drives? (1)

un4given (114183) | about 4 months ago | (#46867813)

My concern here is not cybersecurity, but data integrity. Not sure what's on those ancient floppy disks, but if it is mission critical, then that's a problem. The failure rates on those would be unacceptably high.

Re:Floppy drives? (1)

JDG1980 (2438906) | about 4 months ago | (#46867863)

That was my first thought, too. Decades-old floppy disks might well have developed bad sectors – they do have backups, don't they?

Re:Floppy drives? (0)

Anonymous Coward | about 4 months ago | (#46867887)

and replacement parts?

Re:Floppy drives? (1)

Attila Dimedici (1036002) | about 4 months ago | (#46867929)

I am quite confident that they have a source of new disks. The technology may be ancient, but I doubt the actual disks are.

Re:Floppy drives? (2)

lowen (10529) | about 4 months ago | (#46867949)

Hmmm.....

I know this is opening things up for lots of bad jokes..... but, it really boils down to whether the cookie's lubricant is still effective at allowing the cookie to spin to the correct RPM, +/- the FDC's tolerance. And that is dependent upon the storage conditions (mostly humidity) and the media quality. Being in a military application, this media is likely the most expensive made, if not the highest quality.

Yes, the actual magnetic media is called a 'cookie.' And the word 'cookie' is a bit more difficult to twist into a bad pun.....

If the dry lube used in the oxide coating on the cookie has become ineffective, then there will be a rather distinct screeching sound as oxide (and your data) flakes away. There are techniques to overcome this with bad media; however, back when 8 inch media was common it was also far higher quality that the cheap 5.25 media of the 80's was, and those 5.25 diskettes are the ones that have given my data recovery attempts the most difficulty.

TRS-80 Model II Used 8" Floppies (1)

Hugh Pickens DOT Com (2995471) | about 4 months ago | (#46867833)

The TRS-80 Model II was the business version of the early Radio Shack computers.

We bought one in 1979 and used it for for five years until we bought one of the first Macs in 1984.

The Model II had a word processor, database, and spreadsheet program.

http://www.trs-80.com/wordpres... [trs-80.com]

Secure against Cylons (4, Insightful)

chiefcrash (1315009) | about 4 months ago | (#46867845)

"Galactica is a reminder of a time when we were so frightened by our enemies that we literally looked backward for protection"

Leverage the synergies! (0)

Anonymous Coward | about 4 months ago | (#46867853)

No, no, no! We have to embrace new technology, crowdsourcing, and distributed teams! The missiles should be connected to the world via Web 2.0 technologies and their status can be the result of thumbs up or thumbs down based on targets selected by the community. Put some ads on the voting page and PROFIT!

let's play global thermonuclear war (1)

Joe_Dragon (2206452) | about 4 months ago | (#46867893)

What side to you want.

1. USA
2. USRR
3. United Kingdom
4. France
5. China
6. India
7. Pakistan
8. North Korea
9. Israel

Re:let's play global thermonuclear war (1)

prefec2 (875483) | about 4 months ago | (#46868015)

Option 8 is not a real one. They cannot shot anyone beside China, South Korea and most likely themselves. And option two is called Russia these days.

Cue the immaturity (1)

geekmux (1040042) | about 4 months ago | (#46867935)

"...Stahl described the disk she was shown as "gigantic," and said she had never seen one that big."

And she realized only when the last syllable rolled off her tongue the double meaning of her words, punctuated by the shit-eating grin the General couldn't wipe off his face as he tried to explain that nuclear cowboys wrangling silos must swing big disks to be "secure"...

Needs an update badly (2, Insightful)

istartedi (132515) | about 4 months ago | (#46867951)

This is way out of date. We need to put our missiles in The Cloud, and re-do the launch control UI so it looks pretty. Get on it right away, I expect nothing less than $10 billion spent for a non-working system. Boy though, the guy wearing the fedora will think it's the best thing in the world. It is good for him too. It'll pay off most of his student debt.

Now was it ... (1)

Rambo Tribble (1273454) | about 4 months ago | (#46868025)

... a nice, old single-sided model, or one o' them newfangled double-sided ones?

Security by Obscurity (0)

Anonymous Coward | about 4 months ago | (#46868035)

Because no serious spy could ever get ahold of 8" floppies and drives.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>