Forum adverts like this one are shown to any user who is not logged in. Join us by filling out a tiny 3 field form and you will get your own, free, dakka user account which gives a good range of benefits to you:
No adverts like this in the forums anymore.
Times and dates in your local timezone.
Full tracking of what you have read so you can skip to your first unread post, easily see what has changed since you last logged in, and easily see what is new at a glance.
Email notifications for threads you want to watch closely.
Being a part of the oldest wargaming community on the net.
If you are already a member then feel free to login now.
Some of the most cutting-edge weapons in the US's military arsenal can be "easily hacked" using "basic tools", a government report has concluded.
The Government Accountability Office (GAO) found "mission-critical" cyber-vulnerabilities in nearly all weapons systems tested between 2012 and 2017.
That includes the newest F-35 jet as well as missile systems.
Spoiler:
In the report, Pentagon officials said they "believed their systems were secure", NPR reported.
The committee's members expressed concerns about how protected weapon systems were against cyber-attacks.
The report's main findings were:
the Pentagon did not change the default passwords on multiple weapons systems - and one changed password was guessed in nine seconds
a team appointed by the GAO was able to easily gain control of one weapons system and watch in real time as the operators responded to the hackers
it took another two-person team only one hour to gain initial access to a weapons system and one day to gain full control
many of the test teams were able to copy, change or delete system data with one team downloading 100 gigabytes of information
The GAO added that the Pentagon "does not know the full scale of its weapons system vulnerabilities".
The Pentagon has not issued a detailed response to the 50-page report but the document quoted officials as saying that some of the security test results "were unrealistic".
Ken Munro, an expert at security firm Pen Test Partners, said he was "not at all surprised" by the findings.
"It takes a long time to develop a weapons system, often based on iterations of much older systems. As a result, the components and software can be based on very old, vulnerable code.
"Developers often overlook 'hardening' the security of systems after they've got them operating, with the philosophy, 'it's working, so don't mess with it'.
"However, that's no excuse. This report shows some very basic security flaws that could easily have been addressed by changing passwords and keeping software up-to-date."
Oh wow...this invokes memories of key naval ship computers operating on Windows 95 all over again. In a way it's charming and maddening at the same time, that super secret high-tech weapons developers AND handlers are like everybody else, and apparently keep "12345" as their password or kind-of tape their password on a sticky note directly to the fire-and-forget missile, just in case...
The flip side is that old software can act as a defence as much as a vulnerability past a point. Good luck finding a Chinese cyber-specialist who can affect a COBOL system which utilises floppy discs for operation.
Ketara wrote: The flip side is that old software can act as a defence as much as a vulnerability past a point. Good luck finding a Chinese cyber-specialist who can affect a COBOL system which utilises floppy discs for operation.
This. And the systems running on these old OS are not running on the home edition but rather custom developed versions of the OS.
They are also intended to do very specific things. If an old OS can support the software you need for that then why use a newer one? That newer OS needs more processing power and memory to run, which means you need a bigger CPU and more ram which is more expensive, higher power requirements etc.
The Laws of Thermodynamics:
1) You cannot win. 2) You cannot break even. 3) You cannot stop playing the game.
Colonel Flagg wrote:You think you're real smart. But you're not smart; you're dumb. Very dumb. But you've met your match in me.
While not strictly related (and admitted far off the F-35 path), the Russians ordered 10,000 new typewriters a few years ago, acknowledging that hacking of computers and even their own intranet (their government/military has their own) was too prevalent and they're considering reverting to classic briefcase-chained-to-wrist couriers with typewritten documents for some information.
I think that says a lot about the curren status of cyberwarfare.
Ketara wrote: The flip side is that old software can act as a defence as much as a vulnerability past a point. Good luck finding a Chinese cyber-specialist who can affect a COBOL system which utilises floppy discs for operation.
This. And the systems running on these old OS are not running on the home edition but rather custom developed versions of the OS.
They are also intended to do very specific things. If an old OS can support the software you need for that then why use a newer one? That newer OS needs more processing power and memory to run, which means you need a bigger CPU and more ram which is more expensive, higher power requirements etc.
Because an old OS no longer gets updated as frequently as it needs to be (Microsoft isn't doing anymore, and the DoD doesn't have the resources for it), which means that any vulnerabilities in it that get discovered can be easily exploited because it will take a long time for them to get fixed, if ever.
Ketara wrote: The flip side is that old software can act as a defence as much as a vulnerability past a point. Good luck finding a Chinese cyber-specialist who can affect a COBOL system which utilises floppy discs for operation.
As long as there are valuable systems that run on COBOL you can be sure that there are also hackers specialising in working with it.
This message was edited 1 time. Last update was at 2018/10/13 16:01:17
Waiting for my shill money from Spiral Arm Studios
What the Military should do if they want to use the old systems is begin doing their own software support. Or heck, just develop their own operating system.
Self-proclaimed evil Cat-person. Dues Ex Felines
Cato Sicarius, after force feeding Captain Ventris a copy of the Codex Astartes for having the audacity to play Deathwatch, chokes to death on his own D-baggery after finding Calgar assembling his new Eldar army.
Grey Templar wrote: What the Military should do if they want to use the old systems is begin doing their own software support. Or heck, just develop their own operating system.
That requires massive funds and manpower though, something the military doesn't have to spare.
This message was edited 1 time. Last update was at 2018/10/13 18:47:39
To be fair, it's open source and everything done is supposed to be examined openly and approved before being included in the system and released. I doubt the military would comply with that aspect of the philosophy behind open source.
However, the point is that while Windows and MacOS required multi-billion dollar companies to produce them, Linux doesn't.
Thinking further, since secure software is becoming so crucial to national security, it would make sense for the military to put a vast amount of effort into secure development.
This message was edited 1 time. Last update was at 2018/10/13 19:45:05
To be fair, it's open source and everything done is supposed to be examined openly and approved before being included in the system and released. I doubt the military would comply with that aspect of the philosophy behind open source.
However, the point is that while Windows and MacOS required multi-billion dollar companies to produce them, Linux doesn't.
Thinking further, since secure software is becoming so crucial to national security, it would make sense for the military to put a vast amount of effort into secure development.
That would require a Congress that isn't still upset about being forced to use this new fangled 'wheel' when 'tame wolves' can pull the travois just fine.
Fate is in heaven, armor is on the chest, accomplishment is in the feet. - Nagao Kagetora
Ketara wrote:The flip side is that old software can act as a defence as much as a vulnerability past a point. Good luck finding a Chinese cyber-specialist who can affect a COBOL system which utilises floppy discs for operation.
Yeah but then you're left with a situation where the guys fresh out of college are told they need to fix an application written in Clipper, and all the documentation for how to use it has been lost and the users have been training each other by word of mouth for fifteen years. GLHF.
Crazy_Carnifex wrote:Welp, I think the weapons are officially smarter than we are.
Ketara wrote:The flip side is that old software can act as a defence as much as a vulnerability past a point. Good luck finding a Chinese cyber-specialist who can affect a COBOL system which utilises floppy discs for operation.
Yeah but then you're left with a situation where the guys fresh out of college are told they need to fix an application written in Clipper, and all the documentation for how to use it has been lost and the users have been training each other by word of mouth for fifteen years. GLHF.
That's fine, they'll think the floppy discs are 3D printed save icons anyway.
Its crazy the Air Force is shooting for 1,700 F-35s. Given the idiocy of shutting down the F-22, I wouldn't be surprised they never hit 1,700 either. Not that I think anyone is going to catch up to the F-35's capability, but something will happen where they will need to divert funds to something else, and kill the production early. Who knows maybe I will be wrong.
Automatically Appended Next Post: This is interesting too:
Off-topic a little, but I saw a model of a hypothetical firefighting A-10 with a water tank under the centre fuselage and no weapons. I wonder if that would pull to the left, without the weight of the cannon?
Vulcan wrote: I don't think the A-10 could carry enough weight on ONE hardpoint for enough water to have any real impact on a fire.
On the other hand, it can carry a total of 16,000 pounds (7,200 kilograms) of mixed ordnance across eleven pylon stations. The lightest firefighting planes are cropdusters carrying only 2 or 3 cubic meters of water.
Water bombs have been tested and proved ineffective, so you'd need some other delivery mechanism. If you worked that out the A-10 could pass "light" firefighting planes and place on the lower end of "medium".
I TOLD YOU ALL TO STAY ON TOPIC!!! IAMNOTGOINGTOTELLYOUAGAIN!!!
Hey what about that daisy cutter bomb to put out a fire. I thought it sucks the oxygen out of the area. But then again, I am sure the blast would cause another fire too.
So bomb puts out fire 1 and then starts fire 2. Correct me if I am wrong. I am writing all this without taking a moment to verify any of it.
KTG17 wrote: I TOLD YOU ALL TO STAY ON TOPIC!!! IAMNOTGOINGTOTELLYOUAGAIN!!!
Hey what about that daisy cutter bomb to put out a fire. I thought it sucks the oxygen out of the area. But then again, I am sure the blast would cause another fire too.
So bomb puts out fire 1 and then starts fire 2. Correct me if I am wrong. I am writing all this without taking a moment to verify any of it.
Well, if this works
Spoiler:
Then any fighter should just be able to buzz the fire to extinguish it, right?
Klawz-Ramming is a subset of citrus fruit?
Gwar- "And everyone wants a bigger Spleen!"
Mercurial wrote:
I admire your aplomb and instate you as Baron of the Seas and Lord Marshall of Privateers.
Orkeosaurus wrote:Star Trek also said we'd have X-Wings by now. We all see how that prediction turned out.
Orkeosaurus, on homophobia, the nature of homosexuality, and the greatness of George Takei.
English doesn't borrow from other languages. It follows them down dark alleyways and mugs them for loose grammar.
I do really hope that that connection has some of the best security in the world. The thought of someone being able to get access to an entire carrier group after hacking into a single plane is downright terrifying.
Waiting for my shill money from Spiral Arm Studios
Why is it even news that they managed to establish a wireless link between an airplane and a ship? My Mom can do that between her phone and her car's sound system.
Self-proclaimed evil Cat-person. Dues Ex Felines
Cato Sicarius, after force feeding Captain Ventris a copy of the Codex Astartes for having the audacity to play Deathwatch, chokes to death on his own D-baggery after finding Calgar assembling his new Eldar army.
Why is it even news that they landed someone on the Moon? Mankind's been flying places for over 40 years!
There's a tad bigger difference in distance between an aircraft moving at high velocities and an aircraft carrier than between your mum's phone and her car's sound system, and the phone is presumably also stationary in relation to the sound system.
For thirteen years I had a dog with fur the darkest black. For thirteen years he was my friend, oh how I want him back.
AlmightyWalrus wrote: Why is it even news that they landed someone on the Moon? Mankind's been flying places for over 40 years!
There's a tad bigger difference in distance between an aircraft moving at high velocities and an aircraft carrier than between your mum's phone and her car's sound system, and the phone is presumably also stationary in relation to the sound system.
And is also sending a lot less information. And isn't encrypting that information.
The Laws of Thermodynamics:
1) You cannot win. 2) You cannot break even. 3) You cannot stop playing the game.
Colonel Flagg wrote:You think you're real smart. But you're not smart; you're dumb. Very dumb. But you've met your match in me.