
US Army scraps $1B Iron Dome project after Israel refuses to provide source code - dmitryminkovsky
https://www.timesofisrael.com/us-army-scraps-1b-iron-dome-project-after-israel-refuses-to-provide-key-codes/
======
daenz
This again highlights the fact that source code is a vulnerability. Here it is
suggesting that known and unknown flaws in the Iron Dome code can render the
defense potentially useless.

Our military is correct in not purchasing something that they cannot fully
vet. The shocking part to me is that Israel truly thought they could make the
deal work without providing something that could be vetted.

~~~
shripadk
> Our military is correct in not purchasing something that they cannot fully
> vet. The shocking part to me is that Israel truly thought they could make
> the deal work without providing something that could be vetted.

But US doesn't provide source code too. Many defense deals with India could
not proceed because of US denying transfer of technology [1]. Especially with
F-16s. Which is why India decided to buy Rafale. I am sure this is how every
country would like to operate anyways.

[1]: [https://www.defensenews.com/air/2016/09/08/us-air-force-
tech...](https://www.defensenews.com/air/2016/09/08/us-air-force-tech-
transfer-issues-key-to-f-16-production-line-move-to-india/)

[2]: [https://theprint.in/opinion/f-16-never-stood-a-chance-to-
be-...](https://theprint.in/opinion/f-16-never-stood-a-chance-to-be-in-iaf-
fleet-lockheed-martin-messed-it-up-so-much/269699/)

~~~
nujabe
>The shocking part to me is that Israel truly thought they could make the deal
work without providing something that could be vetted.

Not shocking at all imo. The Israelis have shown an extraordinary amount of
chutzpah over the decades in their dealings with the US. They are of the
belief the US is the real benefactor in this "special relationship".

>But US doesn't provide source code too

The US is effectively paying for the development of Iron Dome [1]. Requesting
source code is completely warranted, in fact I would go further and demand the
source code if Israel wants the US to continue funding the program

[1] [https://www.timesofisrael.com/obama-approves-225-million-
in-...](https://www.timesofisrael.com/obama-approves-225-million-in-iron-dome-
funding/)

~~~
captainredbeard
I find it very strange that Israel flew the first (known) F35 combat mission.
Why do we give them such priority technology access compared to, say, the UK
or other close, Five Eyes allies?

~~~
godzillabrennus
Democratic governments in the Middle East aren’t exactly everywhere.

Israel has a special relationship with the developed world.

~~~
captainredbeard
Why should US lives and dollars go to the Middle East? I couldn’t care less
what happens there.

~~~
jfengel
Given the way US economic life blood flows from there, lots of people do care.
We've been trying to reduce our dependence on that, but a lot of the world
economy still lives and dies on oil prices.

------
kleton
Maybe the US should withhold the 3.8e9 per annum military aid from Israel
until they provide source code for a system they funded. You know, quid pro
quo.

~~~
smileybarry
US aid must be spent on US companies. It all goes back into the US economy.

~~~
wtfishackernews
Directly from tax payers to the military industrial complex.

~~~
smileybarry
It doesn't have to be the military industry, and I know first-hand it's used
for other companies as well. For example, buying computers.

------
umichguy
Take the case of F-35, the only country which has source codes apart from the
U.S. is the UK. A very special exemption. They are also the only Tier 2
partner.

Everybody else has basically a black box of code given to them in terms of
code for the aircraft.

~~~
imtringued
The exported F-35 should be treated as leased aircraft. Owned by the bank but
you're paying for it.

~~~
TeMPOraL
Welcome to Weapon Platforms as a Service. We can provide you with the newest
toys at a bargain price, but you can't modify anything, and we reserve the
right to remotely brick the hardware whenever we like. Because what else
you're going to do? Spend many years and billions of dollars on building your
own? While your neighbor just leased 20 fighters from us?

/s.

~~~
alfiedotwtf
> Because what else you're going to do?

I’m pretty sure if a country were to do this now, they would also have plans
to sabotage the effort

------
kwhitefoot
> A central problem was Israel’s refusal to provide the US military with Iron
> Dome’s source code, hampering the Americans’ ability to integrate the system
> into their air defenses.

This is a great example of the pot calling the kettle black.

The US routinely denies access to the source code of military hardware that is
sells to its allies.

~~~
trevyn
What? Nobody is calling anybody anything. It’s an article reporting the
results of a negotiation.

------
notlukesky
So the US helped fund this in 2011. And now they won’t buy more because Israel
refuses to supply the source code. As far as I know the US does not supply the
source code of the Patriot batteries to foreign customers as well. So this
should be no surprise even if it was partially funded by the Obama
administration. Or maybe they are just bad at making deals.

~~~
alexandercrohde
Right.

I can't blame Israel, given America's track-record of weaponizing all
vulnerabilities.

I also can't blame America.

Without secure computing nobody can know whom to trust.

~~~
rapsey
> I can't blame Israel, given America's track-record of weaponizing all
> vulnerabilities

Israel is right behind them in this regard.

~~~
2OEH8eoCRo0
Shhhhhh ;]

------
johnminter
Should that not have been explicit in the purchase agreement?

------
chrisseaton
'Codes' here being 'source code'.

I wonder why some industries (HPC, defence) talk about code as being a
discrete countable noun, where almost all other industries talk about code as
being an uncountable mass noun.

Example: GitHub and Amazon have code, whereas Cray and Raytheon have codes.

I wonder what 'one code' looks like to them? Is it on function? One line?

~~~
currymj
It seems to be a shibboleth specific to numerical computing people -- ODE
solvers, linear algebra algorithms, or Fortran weather simulators tend to be
described as "codes". Numerical applications are the biggest part of HPC and
there's probably more of it in defense as well.

I've never heard it used but it seems "one code" would be one implementation
of a specific algorithm from the literature -- probably one or a few
functions.

~~~
im3w1l
I interpret it the opposite way. It signals that they aren't part of the
mainstream conversation. That they don't know what is going on outside their
doors. And that they are probably not aware of the last 30 years best
practices.

~~~
Mvandenbergh
It sure is a shame that people working on magnetohydrodynamic simulations
aren't part of the same conversation as the people writing advertising code in
javascript. Imagine all the best practice in scrum and agile that they've
missed out on.

~~~
glouwbug
Well, those guys are building something vastly more complex than advertising
software, possibly without agile and scrum, and they deliver high stake
working software.

Likewise, I've seen agile purists deliver totally broken login screens.

The difference, in my opinion, lies in the software's end goal; software you
write for a NASA space flight might kill the astronaut you've met at NASA.
Software you write for a login screen won't, as it's not as high stake. You're
probably going to put on your head phones, pick a YouTube playlist, scroll
through JIRA, and meme around on slack.

We've evolved thousands of years fighting real physical threats, and we have
implemented processes to deal with these physical threats in order to survive.
A JIRA ticket for a broken login screen just does not trigger the same brain
pattern response as your astronaut friend burning to death during orbital re-
entry.

~~~
nmca
jumpira.io : a new Jira integration that provides jump scares and horrific
imagery to motivate your subordinates into writing better login pages!

------
dmurray
What's Israel's reasoning here? They have an enormous amount of goodwill in
the US are completely dependent on them for national security, so normally
everyone would be thrilled to make this deal work.

Are they worried that by giving the source code to the US it would eventually
be leaked to Israel's enemies, perhaps under a Sanders administration?

~~~
RhodesianHunter
> perhaps under a Sanders administration

I'm curious why you felt it necessary to add this bit, given the innumerable
OPSEC blunders of the current administration.

~~~
dmurray
Nothing to do with opsec competence, I was thinking a Sanders administration
would be less favourable for Israel than most.

------
tpmx
Third party observer: I think the US Army is totally correct in this
judgement. Why would you want to buy this if you don't get the source code? I
mean, that's really the key thing here.

I think the US would do better developing this kind of system from scratch
than buying a weapons systems without source code.

Perhaps this is part of negotation game from the Israelis?

(Give them a few more F35s...)

~~~
ficklepickle
Take it further: Why spend billions in the first place on tools that aren't
compatible with their system?

Surely you don't have to buy two to find out they don't include the source
code.

------
thefounder
I wonder if US gave the source code for its Patriot system to anyone

~~~
unnouinceput
I doubt, and rightfully so anyway. It's a full system, you need to operate it,
not to dissect and build upon. Same like your car on-board computer, you don't
have access to its source code, you only need how to steer the car on your way
to work and back.

------
nickik
The amount of support of Israel in the US is nothing but stunning. The
political and events that have lead to this situation are just incredible.

------
alfiedotwtf
Australia learned this the hard way by buying fighter jets that didn’t work in
the Southern Hemisphere. America wouldn’t Give us the source code, so our
version of the NSA (DSD at the time) had to reverse engineer the jets to make
them work.

... always check the fine print

------
ponsin
How common is it for the army to receive the source code of their devices?
From what I recall Microsoft had to have the Windows and office source code
analyzed by the army.

BTW, the title should be changed to source code rather than key codes as the
article later clarifies

~~~
klyrs
I've had some interactions with intelligence/defense. What I've seen indicates
that they're very interested in the code that runs on their systems. Audits
take months to years.

------
poppabox
This is a great opportunity to promote my FOSS project ChromiDome.

~~~
djohnston
Open source missile defence software would be pretty cool

~~~
ganzuul
Free, open source weapon systems in general would be fascinating to see.
Especially if it consistently beats closed alternatives.

I wonder if it could reduce costly military blunders like marching your troops
into artillery fire?

------
threatofrain
Wouldn’t this arrangement not be very useful because it’s very hard to adopt a
codebase as opposed to developing your own in-house expertise?

------
say_it_as_it_is
This story seems like a propaganda piece trying to justify changes in military
contracts. The major issue with the argument is that vendors don't share
source that they are licensing to their customer (the government). The
software made for government isn't open source. The product just happens to be
a missile defense battery.

------
tomohawk
It's hard to tell from the article what's really going on here. It's
interesting that the Marines were able to make use of it after what sounds
like a time boxed effort, but the Army was claiming it was impossible.

------
stainforth
What language do you guys think it's in? Maybe a functional one?

------
DSingularity
I bet AIPAC will hand out a few bribes to congress and then we will see a law
compelling the DOD to purchase these weapons systems from Israel.

------
kizer
I mean they could always go the stuxnet route so to speak and nab it that way.
Anyhow GNU people, looks like a nice opportunity for a LibreDome?

------
fmakunbound
They’re embarrassed.

They probably had some great general models where the dome would work anywhere
and shoot down any kind of missile but time and money ran out, the code is a
sprawling mess, it only works when the batteries are spaced in a very specific
geographic configuration - probably Israel-shaped and can only shoot down the
specific missiles their local enemies had a year ago.

