
The US nuclear forces’ messaging system finally got rid of its floppy disks - sohkamyung
https://www.c4isrnet.com/air/2019/10/17/the-us-nuclear-forces-dr-strangelove-era-messaging-system-finally-got-rid-of-its-floppy-disks/
======
bArray
I know of several military systems that still use floppy disks, that comforts
me for a few reason:

* Their maintenance is well understood - every fault that is likely to happen has happened and has been recovered/repaired from. It's very unlikely there will be new surprised down the road.

* Their degradation is well understood - it's been around long enough that parts have failed and have been repaired.

* Isn't easily communicated with through modern tech - no USB ports, no network access - people aren't picking up floppy disks in the car park and plugging them in.

* Robustness to electromagnetic interference - the bits are so big that a few electrons being knocked out of the way won't cause an issue.

* Software well understood and tested over time - the only way to _really_ trust software is by having it work without failure.

* Simple implementation - because there's no computational space or power, it only does the minimal it needs to. It's not rendering a GUI, it's not running some complicated neural network.

Old hardware isn't sexy, but it does work. I still use an oscilloscope with a
phosphor display and a programmable power supply with instructions on a floppy
disk. Floppy disks occasionally fail, but there's no substitute for making
good backups over several mediums/locations.

~~~
PietdeVries
And the downside: you will only have a few technicians that really understand
how things work, hiring new ones is next to impossible as teenagers have never
seen neither the hardware nor the software that is running on it. It scales
terrible to new locations. I recall a few years ago NASA was looking for
286-processors for the Space Shuttle. I cannot imagine your spacecraft is
getting safer because of outdated hardware.( _)

Then again, armies are known to prepare for the previous war. In WW-1 they
used trenches and then came the machine-gun and the gas. In WW-2 all soldiers
were prepared against gas, the French dug the Maginot line and the Germans
just skipped around. Now we have amazing tanks but the next war is online...

(_) I have to correct myself: NASA was looking for 8086 chips in 2001 - not
286 chips a few years ago. [https://www.geek.com/chips/nasa-
needs-8086-chips-549867/](https://www.geek.com/chips/nasa-
needs-8086-chips-549867/)

~~~
jki275
We teach them every detail of everything they need to know in their technical
school when they come into the military.

Old equipment is actually interesting to work on -- difficult, but
interesting. It's also very valuable for understanding modern hardware at a
deep level that isn't often taught anymore.

How many people do you know who have actually replaced and aligned the heads
on a UYH-3 or run end to end tests on serial data channels that traverse
thousands of feet and multiple switchboards from a UYK-43?

~~~
kelnos
> _How many people do you know who have actually replaced and aligned the
> heads on a UYH-3 or run end to end tests on serial data channels that
> traverse thousands of feet and multiple switchboards from a UYK-43?_

I think that's interesting and valuable on its own from an
academic/research/nostalgia perspective, but not when we're talking about
maintaining systems critical to the functioning of a nuclear weapons arsenal.

~~~
jki275
Perhaps you're responding to a different discussion?

Read my comment in context and it will become quite clear.

------
RcouF1uZ4gsC
> While SACC’s hardware is decades old, its software is constantly refreshed
> by young Air Force programmers who learn software development skills at
> Offutt’s Rapid Agile Development Lab.

I am not so sure I want “Rapid Agile” development for something that literally
controls nuclear missiles.

~~~
k_sze
`git commit -m “added factoryboy to generate random target coordinates to test
the launch sequence.”`

`git commit -m “Fuck fuck fuck, forgot to replace the launch API endpoint with
a mock one.”`

Scrum master: “Let’s implement the stuff with the highest customer value
first.”

Developer A: “I guess that means being able to launch the nukes.”

Developer B: “Yeah. Auth can come later.”

Developer C: “Nobody answered us about how they want the abort sequence to
work. I guess we’ll defer it to the next sprint.”

~~~
arethuza
Just set the password to 00000000 for now and we can change it later....

[https://en.wikipedia.org/wiki/Permissive_Action_Link#Develop...](https://en.wikipedia.org/wiki/Permissive_Action_Link#Development_and_dissemination)

~~~
edm0nd
The Kanye West method

------
apostacy
So when we upgrade the hardware, how much of it will be sourced from China?

Is it even possible to fully secure the supply chain?

Introducing any outside code or hardware is a liability. Unless there is a
really urgent problem, I think they should just freeze their entire computer
platform, that way they can eliminate any chance of any new threats.

I can not possibly imagine any cost justification for doing so. I have no
problem with taxpayer money being spent to keep ancient computers running
forever. Keeping our nuclear missiles secure is priceless.

What new features do they even need that they don't have now?

The thought of some ux monkey using npm anywhere near our ICBMs makes my
physically ill.

~~~
otaviokz
"The thought of some ux monkey using npm anywhere near our ICBMs makes my
physically ill."

Almost spilled my coffee reading this one.

~~~
SEJeff
Sorry Sir, we can't launch because that jerk removed left-pad from the npm
registry!

------
drmpeg
In the 80's, I was the project engineer for the Air Force DSP satellite ground
communications network upgrade. This system used a 20 MB Bernoulli Box to
store the early warning messages. It was replaced in 2005.

This was the system used to pass early warning to the Patriot anti-missile
(Scud) batteries during the first Gulf War.

Internetworking the Air Force system to an Army system was considered
revolutionary in 1991. Today, it would be equivalent to "stone knives and
bearskins".

~~~
metaphor
If your team had Link 16 integration requirements, I extend my deepest
sympathies.

~~~
drmpeg
Nothing that complex. The link between Buckley and the Patriots was over
AUTODIN.

------
Thorentis
_While SACC’s hardware is decades old, its software is constantly refreshed by
young Air Force programmers_

Well that sounds like a disaster waiting to happen.

~~~
gamblor956
Unlike Silicon Valley, the armed forces spent a lot of time training their
programmers.

After a tour any one of them could be a VP of Engineering at a FAANG or
Unicorn, and they generally choose to remain in the public sector because
money isn't the most important thing in their lives.

------
User23
Long term reliability metrics can only be gathered for technologies that have
already been deployed in the long term. That’s why many mission critical
applications like this one use “obsolete” technologies.

~~~
anonymfus
Well may be it would be a good reason, but do we have an evidence that it was
intentional?

------
edejong
> You can't hack something that doesn't have an IP address.

That's a very risky assumption to make. There are many attack vectors besides
TCP/IP: social engineering, side-channel attacks, EM pulse, backdoors in
ICs...

~~~
rightbyte
Remote sabotage from anywhere and spies roaming the cooridors are quite
different things.

~~~
edejong
Well, that's the funny thing.

The claim is: "No IP address == unhackable."

So, for a second stop assuming we are in a nuclear bunker. There are many
unconnected systems that are still hackable. For example, the Stuxnet worm was
able to infiltrate an unconnected SCADA system using USB exploits. Many
systems radiate data in EM and ultrasonic (side-channel). And obviously, there
are known and unknown backdoors in PCBs, ECs, and ICs. All of these do not
require an IP address.

I would even argue that having an IP address can improve security by
increasing monitoring, improving continuous security updates and decreasing a
false sense of security. This was the original goal of DARPA all along.

------
cameronbrown
To be perfectly honest, I'd rather they used floppy disks than the latest
trendy JavaScript frameworks.

------
excalibur
> “highly-secure solid state digital storage solution”

So not just any thumb drive, an _expensive_ thumb drive.

------
Scoundreller
I understand the 747 still gets nav updates via monthly diskettes.

Most have replaced the unit with a floppy simulator that takes an SD card (or
USB key?).

The load takes just as long. But it doesn’t fail (forcing you to get an
undamaged disk and start over).

I wonder if that’s why they say they got rid of the floppy disk. Maybe they
maintained the underlying tech.

~~~
eternalny1
Can confirm, that's how it works (for the 747).

------
mdorazio
I was kind of hoping they were replacing the floppy disks with CDs or
something else equally old school and hard to hack.

~~~
willis936
Old school tech is ridiculously easy to hack. New tech is much more hardened.
The only advantage old tech has is that it doesn’t have peripherals that
connect to the internet. At the end of the day the most secure computer is a
new one, that isn’t on the internet, and is physically secure.

~~~
aussieguy1234
Unless its been tampered with in the factory or in transit for delivery, the
NSA has been known to modify hardware in transit for spying purposes.

~~~
willis936
So its either have an old system that is trivially compromised or have a new
system that has the potential of having an unknown backdoor.

------
HNLurker3
We need to fire whoever decided to make this decision, and then fire whoever
decided to hire that person, and then reevaluate the entire existence of the
agency that managed this entire process. Nuclear weapons are not a joke. These
are the kinds of things that actually threaten our immediate existence. This
whole thing makes me seriously sad, anxious, and scared. I don't know what
else to say.

From what I understand, military personnel generally "operate" equipment and
technologies that are built and designed by private industry. I can only
imagine the idiotic buzz-word sales pitch that some whiz-kid fast-talking
slime-ball in a suit from a fancy looking tech company made to some meat-head,
decorated military general with no understanding of what a digital threat
model is and barley knows how to check his email on a windows 7 machine on IE,
all for quick federal contract. I hate it.

------
AnnoyingSwede
Just getting my amiga/commodore 64 500 3.5/5.25 setups back up and running,
75% of data is demagnetized away. Looking around sourcing any of these formats
is more or less impossible today. HOW did they ever managed to keep 8 inch
disks in a read and writable stage, without exhausting possible read/re-
writes?

Secondly, how does one replace a 8 inch drive (most likely MFM interfaces)
with a solid state disk?

~~~
taborj
You know how you can buy an SD2IEC device[0] for your C64?

Probably something like that.

[0]
[https://www.c64-wiki.com/wiki/SD2IEC](https://www.c64-wiki.com/wiki/SD2IEC)

------
andy_ppp
I can’t wait for them to get Internet access!

------
ycombonator
Reliability over sexiness. There is reason space craft launched when most of
the people here on this board weren't even born still work.
[https://voyager.jpl.nasa.gov/mission/status/#where_are_they_...](https://voyager.jpl.nasa.gov/mission/status/#where_are_they_now)

------
greggman2
I don't know what the right solution is but I recently watched this
documentary about a serious accident at a missile silo in Arkansas

[https://www.pbs.org/video/american-experience-command-and-
co...](https://www.pbs.org/video/american-experience-command-and-control-
first-chapter/)

------
seamyb88
Doesn't matter which tech they use, when the most ignorant in society are in
charge.

------
benj111
" Air Force software development hubs like Boston-based Kessel Run or Los
Angeles-based Kobayashi Maru"

Is this article a troll, or is the Air Force just trying to be 'cool'.

~~~
goatinaboat
_is the Air Force just trying to be 'cool'._

Why wouldn’t the Air Force be full of geeks?

~~~
C1sc0cat
I Know some one in our DnD group who when working for the MOD in the UK, got
into trouble for naming a set of servers after the kings of Rohan.

------
aj7
But no more. At long last, that system, the Strategic Automated Command and
Control System or SACCS, has dumped the floppy disk, moving to a “highly-
secure solid state digital storage solution”

Did SuperMicro make the board?

~~~
mises
That story made a big splash but was never proven. Bloomberg claimed sources
it conveniently couldn't reveal. I'm just as suspicious of China as the next
guy, and they've probably got something in the supply chain, but probably not
that. Besides, a ME or BMC 0day does the job just as well with very little
risk.

