You know how a military guy with a special briefcase was supposed to have followed the US president around, carrying what were allegedly the secret, continually changing codes needed to launch a nuclear attack?
It might as well have been filled with shredded newspaper, as Mashable’s Joe Veix puts it.
That’s because, according to a recently published paper about Permissive Action Links (PALs) – small security devices that prevent setting off nuclear weapons without the right code and the right authority – the “secret unlock” code for all US Minuteman nuclear missiles for almost 20 years during the Cold War was set to the jaw-droppingly simple code of eight zeros: 00000000.
Steven M. Bellovin, a computer science professor at Columbia, discovered how easy it would have been to set off nuclear weapons after coming across a 2004 paper by Dr. Bruce G. Blair, a former Air Force officer who manned Minuteman silos and the subsequent president of the Center for Defense Information.
In his 2004 article, Dr. Blair described a discussion about PALs he had a month earlier with Robert McNamara, the secretary of defense during the Kennedy and Johnson administrations.
McNamara confidently told Blair that yes, such locks were in fact installed on the Minuteman force and that he regarded them as essential to strict central control and preventing unauthorized launch.
The thing is, Blair told a “shocked and outraged” McNamara, the Strategic Air Command (SAC) in Omaha decided to make it easier to launch nukes by quietly setting the locks to all zeros.
During Blair’s stint as a Minuteman launch officer during the early to mid-1970s, none of those zeros had been changed.
In fact, he wrote, protocols had been set up to make sure to keep it that way. Oh, and just in case somebody forgot what the vital combination was? No problem, it was written down for the officers:
Our launch checklist in fact instructed us, the firing crew, to double-check the locking panel in our underground launch bunker to ensure that no digits other than zero had been inadvertently dialed into the panel. SAC remained far less concerned about unauthorized launches than about the potential of these safeguards to interfere with the implementation of wartime launch orders.
Blair went on to co-author a 1977 article with Garry Brewer titled “The Terrorist Threat to World Nuclear Programs” in which he argued for a more serious approach to activating the locks – locks that McNamara, as well as presidents during the relevant time, figured were already activated.
The article worked. It got attention at the top, and the locks were activated that same year.
So to sum it up, nuclear Armageddon originating in the most heavily-armed regime on the planet was an easily guessed password, written down.
Hmmm… simple passwords, written down.
I’m having the strongest sense of déjà vu. I see images of sticky notes with the numbers “123456” stuck to computer monitors.
Many of us, unfortunately, haven’t learned much since the Cold War.
Everybody – and that includes people with their fingers on the trigger of nuclear weapons – should use different, strong passwords for each website they log into or every missile they guard.
Make sure to choose strong passwords made up of at least twelve characters and containing a mix of letters, numbers and special characters.Follow @NakedSecurity