
A computer scientist looks at ICBM security - wglb
http://www.crypto.com/blog/titans
======
wglb
I grew up in an area populated by Minutemen Missle silos. While in High
School, the Airforce took several of us on a tour of one of the control
centers. It was rather sobering to see the sites scattered around the
farmland.

And there was a little recruitment for the Academy going on at the same time
as well.

They are all decommissioned now, of course.

~~~
arethuza
There are still 450 Minuteman III missiles deployed!

~~~
wglb
Right--the sites I visited are older generations.

------
messel
Fascinating read, thanks For the share. Pretty sobering to realize how thin
our survivability is today with the threat of nuclear destruction quieted but
not forgotten.

------
dandrews
The article also contains a link to a detailed discussion of PALs -
"Permissive Action Links" - that control arming and detonation, and guard
against tampering. See: <http://www.cs.columbia.edu/~smb/nsam-160/pal.html>

------
raheemm
I am perplexed why this kind of information is not classified.

~~~
dasht
re: "I am perplexed why this kind of information is not classified."

I speculate that it is mis-information: half-truths.

What is described is an incredibly involved maze launch procedures and
potential elaborate security violations leading to launch. It looks like a big
maze of "attack here!" signs. So, if you are assigned to work in one of those
bunkers, but deep down you are actually kind of unhinged... the design
encourages you to show your hand early by aiming for a false vulnerability,
with lots of ways to catch you waiting in the background.

I would bet that there are trivial bypasses to all of the security, but that
the nature (even existence) of those bypasses are a secret some guys are going
to take to their graves. That is, I would bet the most trusted "missileers"
could single-handedly launch one of those puppies by first disabling or
agreeing with the other guy in the room then opening up an access panel and,
more or less, crossing two wires. It would be less safe to build it any other
way than "launch at will, though you might have to kill another guy first
although he stands a 50/50 chance of killing you first". Why make a more
complicated game of it than that? The only things to really guard against are
take-overs of a silo (capturers should have no clue what wires to cross) and
not-yet-fully-trusted missileers. Meanwhile, the failure modes of control and
command have to fail gracefully and, in this case, that means putting the
bombs fully under the control of a few trusted guys who are relied upon to
exercise good judgment.

I'd bet those things could be launched in less than a minute, more or less by
flipping a disguised switch. After all, that's what the Soviets did:

[http://www.wired.com/politics/security/magazine/17-10/mf_dea...](http://www.wired.com/politics/security/magazine/17-10/mf_deadhand?currentPage=all)

~~~
lutorm
Thanks for that link, that was a very interesting read.

