You know how a military guy with a special briefcase was supposed to have followed the US president around, carrying what were allegedly the secret, continually changing codes needed to launch a nuclear attack?
It might as well have been filled with shredded newspaper, as Mashable’s Joe Veix puts it.
That’s because, according to a recently published paper about Permissive Action Links (PALs) – small security devices that prevent setting off nuclear weapons without the right code and the right authority – the “secret unlock” code for all US Minuteman nuclear missiles for almost 20 years during the Cold War was set to the jaw-droppingly simple code of eight zeros: 00000000.
Steven M. Bellovin, a computer science professor at Columbia, discovered how easy it would have been to set off nuclear weapons after coming across a 2004 paper by Dr. Bruce G. Blair, a former Air Force officer who manned Minuteman silos and later became president of the Center for Defense Information.
Both Dr. Blair’s original paper and Bellovin’s more recent paper were cited in articles on Today I Found Out and in the Daily Mail.
In his 2004 article, Dr. Blair described a discussion about PALs he had a month earlier with Robert McNamara, the secretary of defense during the Kennedy and Johnson administrations.
McNamara confidently told Blair that yes, such locks were in fact installed on the Minuteman force and that he regarded them as essential to strict central control and preventing unauthorized launch.
The thing is, Blair told a “shocked and outraged” McNamara, the Strategic Air Command (SAC) in Omaha decided to make it easier to launch nukes by quietly setting the locks to all zeros.
During Blair’s stint as a Minuteman launch officer during the early to mid-1970s, none of those zeros had been changed.
In fact, he wrote, protocols had been set up to make sure to keep it that way. Oh, and just in case somebody forgot what the vital combination was? No problem, it was written down for the officers:
Our launch checklist in fact instructed us, the firing crew, to double-check the locking panel in our underground launch bunker to ensure that no digits other than zero had been inadvertently dialed into the panel. SAC remained far less concerned about unauthorized launches than about the potential of these safeguards to interfere with the implementation of wartime launch orders.
Blair went on to co-author a 1977 article with Garry Brewer titled “The Terrorist Threat to World Nuclear Programs” in which he argued for a more serious approach to activating the locks – locks that McNamara, as well as presidents during the relevant time, figured were already activated.
The article worked. It got attention at the top, and the locks were activated that same year.
So, to sum it up: nuclear Armageddon originating in the most heavily armed regime on the planet was guarded by an easily guessed password, written down.
Hmmm… simple passwords, written down.
I’m having the strongest sense of déjà vu. I see images of sticky notes with the numbers “123456” stuck to computer monitors.
Many of us, unfortunately, haven’t learned much since the Cold War.
Everybody – and that includes people with their fingers on the trigger of nuclear weapons – should use different, strong passwords for each website they log into or every missile they guard.
Make sure to choose strong passwords made up of at least twelve characters and containing a mix of letters, numbers and special characters.
If you’re like me, you lack the brain storage to remember them all, so consider a password manager like LastPass or KeePass.
Image of missile courtesy of Shutterstock.
The best passwords aren’t horrifyingly complicated groups of symbols and digits which just ask to be written down, but fairly long easily remembered phrases like “mydogisatailwagger”
you forgot spaces bro
You DON’T want spaces in a string like that. Including spaces would break the string up into discrete words which would be easier to work out due to being shorter and of known lengths. Each word could be listed in a dictionary file, but the entire phrase, without spaces? Not likely!
However, any encrypted string wouldn’t easily reveal where the spaces were, and adding spaces increases the number of possible characters from which to choose, which should increase the number of possible combinations tremendously. Punctuation characters add even more. And then there is whether you use the Oxford comma or not…
Nobody says you have to have the spaces in the right place. They could be a letter off.
All this only matters for brute force attacks. Trying to get your password by guessing so many times can be defended against. The real problem is when the internal system is compromised. If that happens they have your data, encrypted or not.
keepass has been broken don’tcha know
I’ve always been curious about Keepass. What if you have a keylogger on your system and they get your master pass? Don’t they just have access to every single one of your passwords then?
Which is why we have multi-factor authentication.
So you mean master pass + key file?
I recently tried keepass after it was mentioned on this site but have kicked it out because it is so cumbersome to use. I’ve reverted to my pre-existing system which provides me with a different high quality pw for every application and site, and where the commonly used ones are moderately easy to remember. And for obvious reasons I’m not going to tell you how it works!
Yea, I have to admit, the password manager I use can be, on occasion, cumbersome/cranky. I’ve never been able to get it to work with Android, but I figure that’s got a lot to do with Google’s need to use application-specific passwords for various applications. The heck with it, though. Given the ability to generate, store and pull up when necessary a password of 100 characters, I figure it’s worth a bit of head-desk-bangy-bangy, and I just don’t use my phone for things I probably shouldn’t be using my phone for anyway.
Hi Lisa, have you or any of your colleagues done a study or article on why KeePass or LastPass or any other program SHOULD be trusted with our sensitive password data? Searching the site, I could not find such an article. Thanks!
Too hard to guess but easy to remember. Use an emotional personal event, describe it in a sentence and change a’s to fours etcetera. Voilà! You have yourself the strongest password there is.
OK, but then you have to turn around and do that for Every. Single. Site. Every. Account. Oh. Man. You just *have* to start writing them down, right? I used to have a little notebook full of good pass phrases. They were likely all good passwords, each on its own being easy to remember, but impossible to remember once they start to proliferate, once you get to, say, 10, 20, 30 pass phrases, right? Even if you only had 5, how do you remember which one goes with your bank account x or your bank account z or your Facebook login or gmail account or your Yahoo account or yadda yadda yadda? I’m sticking with the password manager approach, warts and all!
I said what? 8*0’s? They are having a laugh, surely, with all the money they are spending to keep us all supposedly safe by spying on us through the NSA. It’s a shambles.
@jimlawton that’s just ignorant to say the “best passwords”. Anyone running a dictionary attack against those sort of strings would solve it in a few minutes. The example string you gave is also very weak; even though it’s a phrase that isn’t so common, a brute force attack would solve this string in an hour – if that.
@Robert Parker:
An hour? Love to have a seat at the computer that can figure out that password in an hour. Even assuming a dictionary attack that treats each word as a unique value and randomly puts together words, you’re looking at a six word phrase, with thousands of possible values (words) in each phrase.
I’m not saying it’s the best password in the world. I might go with “mydoG!isAtAilwAGGer!” or “[myd0g1sata1lwagg3r)”, but the claim of an hour to crack it without any prior knowledge is hyperbole at best.
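The article’s advice (at least twelve characters, a mix of classes, and nothing like 00000000 or 123456) and the thread’s argument about how many guesses a phrase like “mydogisatailwagger” really costs can both be made concrete. The Python below is an added example written for this page; it is not code from the article, from Sophos, or from any password manager named in the comments. The weak-password blocklist is a constructed stand-in for a real breached-password list, and the word-list size is an assumption (7776, the size of the Diceware list). It checks a candidate against the article’s rules and scores it under two attacker models: exhaustive search over the character classes actually used, and a word-list model in which the attacker guesses whole words, which is the model the commenters are disagreeing about.

```python
import math
import string

# Constructed blocklist standing in for a real breached-password list.
WEAK_BLOCKLIST = {"00000000", "123456", "12345678", "password", "qwerty"}

# Assumed dictionary size for the word-list attacker model (Diceware has 7776 words).
ASSUMED_DICTIONARY_SIZE = 7776


def is_single_repeated_char(pw):
    """True for strings such as 00000000 that use only one distinct character."""
    return len(pw) > 0 and len(set(pw)) == 1


def is_sequential(pw):
    """True for runs such as 123456 or abcdef (every step +1, or every step -1)."""
    if len(pw) < 2:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return steps in ({1}, {-1})


def character_classes(pw):
    """Count how many of the four classes (lower, upper, digit, punctuation) appear."""
    return sum([
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in string.punctuation for c in pw),
    ])


def charset_size(pw):
    """Size of the alphabet an exhaustive attacker must cover for this password."""
    size = 0
    if any(c.islower() for c in pw):
        size += 26
    if any(c.isupper() for c in pw):
        size += 26
    if any(c.isdigit() for c in pw):
        size += 10
    if any(c in string.punctuation or c == " " for c in pw):
        size += len(string.punctuation) + 1  # punctuation plus the space
    return size


def brute_force_bits(pw):
    """Guess-space in bits if the attacker tries every string over the classes used."""
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0


def wordlist_bits(words, dictionary_size=ASSUMED_DICTIONARY_SIZE):
    """Guess-space in bits for a passphrase of `words` words drawn from a dictionary."""
    return words * math.log2(dictionary_size)


def check_password(pw, min_length=12):
    """Return the list of policy violations; an empty list means the password passes."""
    problems = []
    if pw.lower() in WEAK_BLOCKLIST:
        problems.append("on weak-password blocklist")
    if is_single_repeated_char(pw):
        problems.append("single repeated character")
    if is_sequential(pw):
        problems.append("sequential characters")
    if len(pw) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if character_classes(pw) < 3:
        problems.append("fewer than three character classes")
    return problems


if __name__ == "__main__":
    for candidate in ("00000000", "123456", "mydogisatailwagger", "mydoG!isAtAilwAGGer!"):
        print(f"{candidate!r}: violations={check_password(candidate)}, "
              f"brute-force bits={brute_force_bits(candidate):.1f}")
    # The no-spaces phrase is six dictionary words, so a word-guessing attacker
    # faces roughly 6 * log2(7776) bits rather than 18 * log2(26).
    print(f"six-word passphrase under the word-list model: {wordlist_bits(6):.1f} bits")
```

The Minuteman code fails four rules at once, including the repeated-character check that a plain length-and-classes policy would not catch on a longer string of zeros. The bare phrase passes the length rule but not the class rule, yet under the word-list model it still costs about 77 bits of guessing, which is why the thread’s “an hour” and “thousands of values per word” estimates disagree: they assume different attackers.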
Omg. Why does this surprise me?
Surely there were other security barriers to launching nuclear missiles than just passcodes?
Thinking back to the film “WarGames” (which is my only current reference on the subject, I am afraid) I recall a guarded underground base and some sort of metal door several inches thick, all of which would have to be negotiated by terrorists before using the launch codes to trigger nuclear missile launches.
If that film were in any way accurate, then I think the issue of all-zero passcodes is a bit of a storm in a teacup.
Perhaps it was considered more of a risk for the passcodes to be lost or forgotten at a time when they were actually needed?
I am quite sure there are many more layers of protection than the passcode but presumably somebody thought it was required. If that’s the case then it should work.
If you allow the fact that there are many layers of security to excuse poor practice in one of them you’re excusing poor practice in all of them, and if you do that…
I don’t suppose the protection was really needed against terrorists. They should have been protecting against one of their own going on a bender and deciding to finish the lot of us. Not everyone who works for the state or the military is actually on our side – look at those who have recently disclosed millions of secrets to the wider world. Thank goodness they weren’t in charge of the missile firing desk.
There’s been a bit of writing about one general in particular from this time period whose colleagues thought he was sadistic. Actually, he himself admitted to being sadistic, as Dr. Blair relates.
That’s amazing! I’ve got the same combination on my luggage.
No offense, but I really feel recommending a cloud based (translation = insecure and unreliable) password utility is quite irresponsible – especially one which has already had security problems.
so is their password now 12345678 🙂
No, they just randomly jumbled the original characters.
If I were to divulge my bank password to LastPass, or let them create the password for me, what would happen if someone were to crack their system and raid my account? I think I would be in breach of the bank’s terms and conditions for allowing a third party to know the password.
See “Command and Control” by Eric Schlosser for a brief history of atomic weapons. He says that the military opposed safety devices because there was a chance that they would cause a weapon to fail. What would you say to the crew of a B-52 that had risked their lives to deliver a weapon only to have it fail to go off?
MAD avoided?
The bomber always gets through? It only takes ONE per target to actually get past the defenses and just plain dumb luck failures AKA Murphy’s Law. With point defense concepts, this might become an obsolete concept, though?
I don’t know about anyone else, but I laughed at this. I know security is no laughing matter, especially when you’re dealing with thermonuclear weapons, but this is funny. I have 18-or-thereabouts-digit passwords that my granddaughter can understand, even with symbols, numerals & letters included. It’s not really hard if you have a way of remembering it.
On the subject of missile silos, I remember a movie which should have served as a warning to the military. The premise of the movie was that after a nuclear war, two men were trapped in a bunker with radiation victims outside trying to get in. One is doing a crossword puzzle & asks, “What is an 11 letter word for keep trying?” The offsider said he didn’t know. The crossword puzzle man can’t stand being confined & goes outside & becomes one of those outsiders, but can’t get back in due to his offsider changing the password. He tells his mate, who is looking at him on a CCTV monitor, “Oh, that 11 letter word, I found out what it is, it’s ‘persistence’.” With that, he starts typing, “0000 ….