Hacker News new | comments | ask | show | jobs | submit login
Alert About Missile Bound for Hawaii Was Sent in Error, Officials Say (nytimes.com)
301 points by brandonhall on Jan 13, 2018 | hide | past | web | favorite | 386 comments

Just watched an interview on CNN with the Governor of Hawaii and their director of emergency management. Pretty impressed that the director didn't throw anybody under the bus. He basically said "An employee pushed the wrong button. It's my responsibility, so this is my fault. We're going to make procedure and technical changes to make sure this doesn't happen again."

A lot of people are calling for the person who did this to be instantly fired, but I've always been of the opinion that the guy that pushed that button would be an outstanding hire - because he'll never, ever do something like that again and he's learned an important lesson.

BINGO. If someone makes a mistake like this, unless it was deliberate or negligent (e.g. he/she didn't follow established procedures), you don't fire them! You fix the technical or procedural failures that allowed them to make the mistake in the first place. Heck, you should probably THANK them for making the system better by uncovering a bug!

When I was still mostly a Noogler, I took a large portion of Google completely down worldwide for 6 minutes. Guess what? We did a postmortem, fixed the procedural and technical problems that allowed it to happen, and I'm still here!

This was (probably still is) the best approach at AWS in the early days (source: I worked there from 2008 to 2014). Never blame the person, find out why he/she did the mistake and make sure it doesn't happen again.

An interesting variation to this thought is:

When is appropriate to fire someone for making a mistake?

Some ideas:

- gross negligence / malice

- ethics

- publicity damage / internet pitchforks

Additionally, it doesn't seem like the forgive mistakes approach meshes well with the startup advice of "it's never too early to fire."

Incompetence should probably be number one.

There is a big difference between someone making a mistake due to unclear or incomplete process and someone doing that mistake because they are not competent to perform that task.

This then raises the issue that hiring and leaving incompetent people in place is itself proof of an organisational incompetence...

Love to hear the story how you took down Google for six minutes? Was this a long time ago?

This was in 2012. Let's just say that a router config only getting partially applied (because of a software bug) can cause a LOT of traffic to suddenly go places it's not supposed to go.

Oh wow, I was a noogler there 4ish years ago, and they still tell that story as an example of "its okay to break things, we care about fixing them after so they dont break in the future"

There's a couple of good stories about massive outages and good incident response. Mine is just one of them (and at some level, I was very lucky).

There's also the one where all the frontend servers worldwide went into a crash loop from a bad configuration push. The SRE doing the push noticed some "weirdness" and rolled back even before the full scope of the issue was known. That one's in the SRE book.

Site Reliability Engineering.[0] Google's SRE book is a pretty interesting read.

0. https://landing.google.com/sre/interview/ben-treynor.html


SRE is Site Reliability Engineer; GFE is the "Google Front End"

Was a noogler about a year ago. Story still told.

It appears we have a living legend here!

They made him a slave of the packets though.

I think my favorite quote about my outage was "boy, it's a good thing you didn't decide to go take a crap right about then..."

db31.lpp01 lol

When they decommed it, I asked if I could have db31 to go Office Space on. They said no :-(

Makes me think of the stories of the early days of school computing, and how the admin would give the kids that hacked said computers part time jobs as they had demonstrated themselves both interested and talented.

They say worker hit real button rather than test button. Some folks don’t believe this b/c test button is hit on 1st of month. It is not the 1st of month so why was any button hit, especially one that is so major, how could be accident?

Oof! I'm not envious of the way you must have felt when you realized what had happened. We've all (probably) had the same sort of feeling on a much, much smaller scale and I've never been one to enjoy that heart-sinking-into-my-shoes feeling!

It reminds me of this story from Thomas Watson of IBM:

A young executive had made some bad decisions that cost the company several million dollars. He was summoned to Watson’s office, fully expecting to be dismissed. As he entered the office, the young executive said, "I suppose after that set of mistakes you will want to fire me." Watson was said to have replied, "Not at all, young man, we have just spent a couple of million dollars educating you."

I'd spoken with Rob Hall of the Watson project during my freshman year of college at a technical talk having seen it Jeopardy! but not knowing much about the technical aspects of what goes into generating an answer based on natural language processing. He took the time to explain to me and a small group of students who stayed for about an hour afterwards about how to go about attacking problems that require both expertise and parallelization on a scale such that confidence levels could be established for each logical answer generated from a tree of possibilities. A great man and team who know the value of educating potential future employees and sharing the knowledge that went into solving a hard problem. I'd typed this up before realizing you were talking about the former CEO rather than the project so I'd thought to post it anyway.

More than reminds, it was a direct paraphrase!

I'm always a bit shocked at the number of people here calling for someone's head in this sort of situation. I imagine the same people would downvote to oblivion anyone who came on here and wrote something like: "The only way we're going to get better software is by firing people who write bugs and make sure they never work in the industry again."

I'd say we just don't have enough information. It's possible someone deserves to be fired for this - e.g. if the alarm was intentional or negligent. It's also possible it was a misclick, confusing UI, etc, in which the person or people who should be fired are those who designed the system such that a simple mistake could set it off. There is a third possibility too - that some unpredictable alignment of factors means that ultimately nobody is too badly at fault, in which case the system should just be adapted and improved.

I generally agree with the sentiments of this thread - you shouldn't fire people for the kinds of mistakes that all humans frequently make. However, I also think that this was a severe and costly incident - a large number of people thought for a while they were in significant danger, and investigating who is responsible, and making corrections with regards to their employment, may be reasonable depending on the exact circumstances.

But there are certain jobs where the job is to get it right 100% of the time. This sort of mistake is extremely damaging in the unlikely scenarios that there would be an actual alert. A significant proportion of the population will ignore it next time because of this. You can’t take the “shits happen”, “break often and break fast”, “it doesn’t matter because we learn from our mistakes” attitude with everything. And in general with anything that has to do with nuclear energy & weapons. Or take a swat team to take another recent example of a really bad mistake.


> But there are certain jobs where the job is to get it right 100% of the time.

No there aren't. There are certain activities that must be always correct, you implement those by making a reliable system out of unreliable jobs, not by making the people 100% reliable.

So, the people who are in charge of designing such a system need to do a good job. What if that too inevitably fails? You can either improve the system/process by learning from mistakes or blindly firing the culprits and replacing them with somebody who might well make the same mistake again

That's fair and I'm not suggesting that every screw up should just be shrugged off with an "to err is human" and it must be a systems problem. But for a one-off error, the person responsible probably already feels terrible and if they didn't grossly violate established protocols or did something as a joke or whatever, the result should be more along the lines of "Don't do this again!" and making it harder for it to happen.

To add to this, I've read more then a few stories already of people mass texting and calling their loved ones because they thought they might never see them again. This is a tragic human toll that needs to be acknowledged and appreciated for what it really is. It wasn't just a smoke alarm going of accidentally.

Then there's the person I know in Hawaii who posted on Facebook that people were getting alerts and went on with her spin class :-) I don't dispute it was a serious error. On the other hand, I'm not sure the consequences of the mistake should factor too much into whether they need to sacrifice someone because of optics. It does of course but that doesn't mean it should.

The consequences of the error matter to the extent that the consequences of the error are predictably extreme.

I'll give an example. I work in an office building with many floors that have exact same layout. One day I was on a floor that wasn't mine, and went to where my desk should be, and tried to sit down. I was shocked, for a moment, to discover my coworkers had all been replaced by strangers. In this case, I made an absentminded mistake of not paying enough attention to my current location - but the consequences were trivial, so the mistake itself is no big deal. Now, on the other hand, suppose while driving down the road, I absentmindedly ignore a red light, plow through an intersection, and kill a family of five. This is also an absent minded mistake, but the predictable consequences of being absent minded while driving are a lot more extreme than being absent minded while walking about an office building.

To apply the logic of my example to the case at hand - imagine that in one scenario an employee is, during a boring moment, cleaning his keyboard with his chat application open. This results in that employee sending a nonsense message to a coworker. Silly mistake, and no big deal. Now, suppose that same employee has the "Missile Alert" app open and decides to clean their keyboard. This is a similar mistake, but with potentially bigger consequences. I think it's fair to treat these two actions differently.

I did specifically say "because of optics." Certainly, I don't think there shouldn't be different expectations for acceptable errors under different circumstances.

Of course, the circumstances affect what the reasonable standard of care is. Oopsies by ship captains, surgeons, and even drivers are held to a different standard than me making a typo on some random thing I'm writing or a simple program.

In your example, running a red light is commonly taken as one of those things you just don't screw up on (and that can't be eliminated through automation at this time).

I would argue that someone probably deserves to be fired for this. It's obviously not the guy that pushed the button nor the guy that wrote the software. However, there was, probably, a guy that several years ago didn't do his job well - his job was to make sure that this kind of errors cannot happen, unless there is an intentional malicious action of course.

We see it all the time in IT - people totally misjudge the 'risk'. 1% risk of breakdown quite often seems acceptable to decision makers until it actually happens. Then all hell breaks loose.

There is hardly just one person responsible for doing this. There was at least one developer who implemented this solution, at least “designer” that can up with a solution for the initial problem, a dozen managers who oversaw that whole project, up to the minister who must have been aware of this problem. Let alone everybody who ever worked with this system and never reported that “bug”. So if you want to fire someone, start at the top for not overseeing this correctly or hiring the wrong person for the job and then work your way to the bottom.

I believe it is much better to fix it (require a second authentication before sending those massages) and search for similar problems within the whole department to make sure something like this never happens again. Make sure everybody, including new hires, are aware of this incident, what the consequences were and that everybody is encouraged to report similar bugs and nobody has to be afraid to be fired when they make a mistake. Otherwise you just create an environment where everybody blames anybody but themselves and the “smallest” guy gets fired for mistakes other’s. This way, things get never fixed probably because everyone ist just afraid of the consequences.

i’m not so sure there would have been any kind of designer. from my dealings with govt projects, especially internal ones, they rarely do any UX of any kind. the interface is ad-hoc from the devs, and you can’t expect a dev to design a fool proof interface.

if you direct the blame 1 level further, then it was whoever was responsive for budget/hiring/spec that didn’t ensure that there was a UX designer on the project, but at the same time you can kinda understand why not: the value of UX is frequently not understood, especially when people think “it’s just internal; why make it easy to use if only we see it?”. the answer of course is that you pay for internal systems every day in employee time.

anyway, the point i guess is you can probably trace the “blame” back far enough that it’s too far removed to say it’s anyone’s fault per se, but it proves the point that you need design across the board, and that’s frequently not well understood

A few years ago we had an outage that cost us quite a bit of money [1]. The root cause was the deletion of a test record from the database we query (and run by the Oligarchist Phone Company) but the deletion had a domino effect on our service because of the way the error was treated by our side (the test record was never supposed to be deleted because it's used to ensure the database we query is up and running [2][3]).

From what I understand, we were told the record would never get removed, and we relied upon that. Could our error handling been better? Yes. Could the customer's procedures been better to prevent the record from being deleted? Yes. It was a mistake on both parties.

Who should have gotten fired?

[1] Very scary SLAs with the Oligarchist Phone Company.

[2] It's actually a DNS query. NAPTR records to be precise. Search on that if you are interested.

[3] It was also important because that was the only record we could query and not get charged for it. Everything in the telephony world cross-company (and even cross-department) gets charged. Somebody makes money; somebody pays money.

What does firing that person achieve?

Then we would ALL be unemployed, at least those of us who write software.

A chemistry lab instructor I had in university had the same sentiments.

Her story was regarding an employee adding water to acid instead of the reverse, thereby creating an acidic cloud initiating an evacuation of the building [we're talking high volumes of acid and water here; think pumping in the water using a garden hose].

"You'll never have me doing this again," the person managed through tears.

"No, I'll have you do this from now on as my go-to person," was the response, "because I know you'll never do this again."

This was our "Add Acid" lesson.

Just to play devil's advocate, in some cases the point of firing an employee in a situation like this isn't about that one employee but more pour encourager les autres. So the remaining employees will see that management takes the issue seriously and they need to be diligent about following procedures.

In this particular case no real harm was done and firing would probably be excessive.

Which is ironic, since pour encourager les autres in this context comes straight from the pen of a great satirist making fun of a dumb, blunt, broken institutional culture -- specifically Voltaire, mocking the British in Candide for responding to the loss of a naval battle not by training their admirals better but by executing one of them "to encourage the others."


That was Admiral Byng, and the move worked, it made two generations of navy leadership reckless in the face of danger.

Yes I'm well aware of the irony and not advocating this as a general management practice. Just pointing out that it's a complicated decision and there are rare cases where firing is the least bad decision for the organization as a whole.

>pour encourager les autres

If someone really, as you suggest, recklessly disregarded some procedures because they just couldn't be bothered. Say there's a checklist and they just winged it instead. But maybe there isn't a checklist and they made a mistake.

In general though, firing people to send a message or to throw a sacrifice to the crowd isn't particularly admirable practice.

Some procedures are impossible for human beings to follow with high nines levels of accuracy. (Look at attention blindness, for example.) All that is done with harsh punishment in such cases is damage to morale. Or worse, it causes people to think they have "fixed" the problem when they have in fact done no such thing. The solution is to _change the process_ so that it can achieve the desired level of accuracy.

So the remaining employees will see that management takes the issue seriously

Why not fire the manager of the person who made the blunder? That would work better on every level.

If that's what always happens, it would be pretty easy to get rid of your manager.

Yep, it should be as easy for you to get rid of your manager as it is for your manager to get rid of you.

I think it would do a lot more good for the other employees to see that their superiors will have their backs even when things are going very badly.

> no real harm was done

I wish to believe, but probably there was real harm, probably someone will come up with some million figures.

Statistically, probably someone died during those minutes of terror and someone will try to attribute to this incident.

What is interesting that employee probably meant no harm, but compare this to that SWAT murder a month earlier. The prankster meant no harm either, but he's going to spend years in jail. Both for sending a wrong alert.

>What is interesting that employee probably meant no harm, but compare this to that SWAT murder a month earlier.

Swatting is intentional, triggering the alert wasn't (at least, so it seems). It's not like the operator pressed the button knowing that it would trigger an alert and expected it not to be taken seriously; he didn't mean to trigger the alert at all.

What I am pointing at is the paradox of intention.

Ongoing car slams into you and kills your whole family while you were driving drunk; you go to jail for manslaughter and get sued by other driver for all you've got.

> The prankster meant no harm either,

Are you kidding? The people who were involved in this didn’t do it to introduce the swattee to new friends. They did it to terrorize someone who made them mad.

He didn’t mean the outcome (murder), terrorize is probably better word than a prank tho.

What I meant is that “oh I didn’t mean it” going to be interpretted differently.

Edit: if you downvote me thinking that I somehow support prank swatters - you are wrong. Otherwise you fail to see the paradox of intended vs unintended outcomes: https://en.wikipedia.org/wiki/Mens_rea (as I understand it's interpreted very different in the US).

I expect that the downvotes are because you are arguing that “he didn’t mean murder” is equivalent to “he didn’t mean harm”.

> What is interesting that employee probably meant no harm, but compare this to that SWAT murder a month earlier. The prankster meant no harm either

The prankster intentionally sent a false alert and intended, at a minimum, to cause emergency response resources reserved for use in circumstances that pose a grave danger to be misallocated and to cause terror in the intended target; that involves both a diffuse but significant public harm and a narrowly focussed private harm.

It is not at all a case where no harm was intended.

Also, it’s rarely one persons fault, and the next human is likely going to fail in similar (or worse, different!) ways to the previous human. Process controls variables like this, there is obviously an issue that we can learn from here and adjust to improve.

Reminds me of the legend of the newly hired sales guy that managed to screw up and lose a multi million dollar deal that was supposed to be a slam dunk.

After the sale feel through the VP of sales scheduled an appointment with the sales guy. The sales guy began cleaning up his desk and boxing his things anticipating what the outcome of the meeting would be.

Upon meeting the VP the sales person profusely apologized and accepted responsibility and said he understood why he was being let go. The VP interrupted him and paused for a moment before telling him "I did not invite you here to fire you. I wanted to see how you were doing and ensure that you learned a valuable lesson. The last thing I thought about doing was letting you go after spending millions of dollars on your education and training."

It depends. Much has to do with the way management handles this. If they work with fear, it might happen again. But of course this one man or woman is not responsible for this.

The procedure needs to be reviewed of course. Why is such an important event the responsibility of one person? At least two persons should have to press two buttons and it should be made such that one person cannot press them both.

People saying nothing happened - I don't agree. This could cause serious problems for individuals, heart attacks, accidents. This is not without risk.

Also, if he was able to do something in error, that means the system is designed wrong. It's a process problem. You cannot fire this one guy and expect this to not happen again.

> Also, if he was able to do something in error, that means the system is designed wrong. It's a process problem.

This doesn't work in all contexts, and I suspect it fails for a large majority of contexts. If the system always prevents you from doing the wrong thing, it will also often prevent you from doing the right thing.

For example, I submit that the philosophy "ability to make a mistake means that the system is designed wrong" completely falls down in the case of going to a new restaurant for lunch and finding out you hate the food there.

I wish this claim, which is very common in discussions like these, came with some analysis of why this odd philosophy which is a terrible idea in so many contexts is instead a good idea in the context at issue.

If the Ui was so deliberate easy to send an alert and it was allowed to be implemented, mistakes will happen, he shouldn’t be fired for that

That's one way to look at it.

The other perspective is that most people would not need to learn that lesson in the first place. This employee is unlikely to make this type of mistake again, but broadly speaking, is he less likely to make mistakes than someone who wouldn't have made this mistake in the first place? Doubtful.

If he's learned.

Therein is a key responsibility of the manager: if they've learned, you're 100% right. If they haven't, don't care, don't get it or whatever, then you also need to take responsibility & replace that person.

Or perhaps he is careless and should be not be trusted with such a critical duty.

That may be for some cases, but there should be an extreme amount of due care on the part of employees who can hit a button and cause parents to put their children in storm drains. The particular person who did this may not be fired, but their responsibilities will somehow change.

I see my comment was downvoted. Yet, today's news, just a day later, shows that the comment was absolutely correct. The person has been reassigned.

Misguided. Circumstances are that he either is or is not qualified for a single point of failure job like that. If not it’s management failure. If the human is “qualified” for a single point of failure responsibility like that, he’s now fired.

I suspect that if your criteria is “you can never make a mistake” that no one is qualified for a single point of failure responsibility.

Clearly some mistakes are bigger than others. Simply counting mistakes is overly simplistic. I’m not suggesting that this single mistake is necessarily big enough to deserve an immediate firing, but there certainly are mistakes that do.

Also, at a more fundamental level...

when you're dealing with processes as critical as this one...

there should be no single point of failure.

Even our President has a backup, a failsafe, and a safeguard for the purposes we're discussing here. And that backup has a backup, a failsafe, and a safeguard. Etc etc etc.

Not really true. Thanks to advances in technology POTUS had 10 minutes to launch by the 1970s before Washington was toast.

It was an open secret that nuclear retaliation could be instigated without White House or even Pentagon approval if the Soviets tried to decapitate Nato.

"Of course, the whole point of a Doomsday Machine is lost if you KEEP IT A SECRET!"

A rational player would only put effort into a retaliatory strike capability to the extent that actually having a retaliatory strike capability strengthened the enemy's perception that they would be obliterated if they struck first.

So, gross management failure. Or, more likely, a hack. Although I don’t see how they would lie that one person really has such power, knowing the truth would likely leak.

This isn’t a newbie getting set up on his dev db who was given too much access to production. They’re pointing the finger so that mechanism that facilitates single point of failure should be independently audited

The problem is not the employee who pushed the button. It's whomever designed a system with no checks and balances against a single human operator's error, given the severity of the outcome.

No way we should accept errors like this as some sort of blameless par for course in software engineering. Especially as SV grows more and more into life-critical systems like autonomous vehicles. If there was deep incompetence in architecting a system like this then yes, potentially the employees responsible for that architecture could be disciplined. If the responsible employees were too junior to design appropriate safeguards correctly, then the finger points at the managers who set up the team that way.

It sounds like the parties to blame here lie somewhere in the management chain between the poor unfortunate button-pusher and the director of all emergency management for Hawaii.

This is known as the "Asoh Defense". Capt. Kohei Asoh accidentally flew a DC-8 airliner into the water while on approach to SFO. No major injuries and the aircraft was repaired. The incident was noted for Capt. Asoh frankly accepting responsibility.

[0] https://en.wikipedia.org/wiki/Japan_Airlines_Flight_2#The_"A...

While Governor Ige did accept full responsibility for the incident, he did not directly execute the technical steps that caused the alert to be sent to HI residents.

This is different than Capt. Asoh's defense because Asoh was directly responsible for

> attempt[ing] an automatic-coupled Instrument Landing System (ILS) approach, something neither [he nor Capt. Hazen] had done before on a recorded DC-8 flight.

In any case, your reference to the defense is fantastic. In the profane spirit of what Asoh told the National Transportation Safety Board investigators--"As you Americans say, I fucked up."--I think it's not too off the mark to observe "What an Asoh". [0]

[0] I tried resisting this but it's just sitting there, y'know. Also, I'm sure my American eyes are mispronouncing Captain Asoh's name. For what it's worth, we should all be so forthright to own up to the mistakes we've made.

> Asoh mistakenly landed the plane near Coyote Point in the shallow waters of San Francisco Bay, two and a half miles short of the runway.

I was shocked at the 2.5mi deviation until I realized that this is about 51 seconds of flight at his airspeed of 177mi/hr.

Still, that's a pretty astonishing distance from the runway.

Kudos. That is how you manage. However my concern is that it took over 30 minutes to send another message stating it was false. Seems like they should have been able to spot their mistake almost instantly.

As I commented below, if this happened when the stock market was open, this could have had a huge impact financially. Over 30 minutes with no updates is an eternity for news to hit Wall Street and algo trades start kicking in.

It could be that there were no "oopsie" messages coded into the system and they didn't have an easy way to send a newly written message out. If it's designed to be used with canned messages, it might take some time to work out how to put a new one in...

Or you just don't rush and ensure your mitigation doesn't make things even worse

So, people on the mainland are reacting differently than people in Hawaii. But this is not unexpected. When you live in such an isolated and vulnerable place, you are prepared for events which take a turn for the worst. I sort of figured people on the mainland would be clutching pearls and calling for the firing of the employee. But we have "false alarms" in Hawaii occasionally (e.g. with tsunami warnings which fizzle out). Most people on the island take the more reasonable position that we seem to have our ducks in a row for alerting, and I'll take an occasional misfired false positive over a false negative. It won't lessen my community's readiness if the real thing happens. Call it a really true-to-life drill. If you don't live in Hawaii and are having this kind of weird panicked reaction to a mistake, perhaps give yourself a minute to really take stock about your perspective on life. It was a mistake, and maybe even helped us become better prepared.

> If you don't live in Hawaii and are having this kind of weird panicked reaction to a mistake

There is a lot of fearmongering just lately around the idea that there's going to be a nuclear war with North Korea because the president likes to talk shit on Twitter. I've had so much practice, with my explanation of all the reasons that won't happen, that by now I could do it as an elevator pitch if I needed to. That's why so many people are having this "weird panicked reaction" - panicked, yes, but not weird, when so much effort has been spent to insist that an arrantly implausible counterfactual is not just possible but likely.

(On that note, I expect the next wave of articles and op-eds to revolve around Hawaii's recent "close call", and why it means everyone should be much more scared than everyone is already. Who cares about externalities like the health of the republic when there's attention to be monetized?)

I wonder what those procedural changes could be

Could they do it so say, two people have to input a code or something from different machines, or something more physical like turning two keys, hitting a button etc

A big fat "Are you really sure?" confirmation box would seem to be the absolute minimum requirement here...

A previous employer had an “are you sure?” dialogue on Outlook’s reply-all button, you can script it up in VBA.

Didn’t stop people from doing it.

If it that dialog fired every time I clicked reply-all, I would start ignoring that dialog, especially if it was annoying.

We're talking about a missile incoming. I think they move fairly rapidly; the response system ought to be rapid as well.

People are used to say Yes in a standard confirmation dialog. It would be helpful to implement something more complicated like pressing two buttons, typing "yes" to a clear question or solving a simple puzzle (ideally visualizing the outcome while solving it).

A common pattern, e.g. used by github when deleting repos, is to type something (e.g. the name of said github repo); not necessarily a puzzle, just spelling out the thing you want done.

typing “send sms alert” vs testing “do not send sms alert”. that way you’d have muscle memory for the latter, but you’d know what to do if you really wanted to do it

Putting the button behind glass.

At a military communications center I once worked at we had the EPO button positioned near the door so you knew where it was, and you could hit it on the way out as you evacuated. One day someone had a toolbag in their hand as they were leaving and it swung and hit that big red button ... and it did what it was supposed to do - cutting all the power to the room. Which ended up being a big hassle - they had to reload crypto keys and so on.

That very afternoon a plastic guard was installed over the button so you had to lift it first.

One of my jobs in a big computer room had the same big red buttons by the door for the fire suppression system. By the time I'd gotten there in the 90s, they already had plastic covers on them, and had since a similar incident early 80s.

Hey, they figured it out with fire extinguishers!

That's how it should be. As I maintain - mistakes are places where the systems and automation are too weak for our fat fingers, and mistakes of my team are my mistakes.

Is it going to have any consequences for the governor? Otherwise taking responsibility is just cheap points.

>We're going to make procedure and technical changes to make sure this doesn't happen again.

Must be reading some DevOps blogs about blameless post-mortems.

Now people are impressed with what should be all along.

I think a small group of people feel "mission accomplished".


There is nowhere else to go with the sanctions against North Korea. What the situation needs is de-escalation.

CNN are not very objective on government issues... hopefully this was a video interview and not a "quote" ... (because videos are a bit harder to fake).

This kind of accident has happened many times in the history of the Emergency Alert System (EAS)[1] and the earlier Emergency Broadcast System (EBS). The false alarm of 1971[2] actually revealed a major flaw in the EBS. During the incident, a legitimate national alert initiation message was erroneously broadcast instead of the scheduled test message. Many stations did not propagate the message as required because of confusion caused by receiving it within the time window of a scheduled test. Interestingly, this revealed a major flaw in the system in the event of a real emergency: that an adversary could time its attack with a test broadcast of the EBS, rendering the system generally ineffective.

[1] https://en.wikipedia.org/wiki/Emergency_Alert_System#Inciden...

[2] https://en.wikipedia.org/wiki/Emergency_Broadcast_System#Fal...

If I were going to erode public trust in emergency broadcast systems in order to increase the amount of damage I would do by launching an actual missile, this is how I would do it. A series of false alarms.

A similar, if obviously much smaller and less disastrous example, happens at my apartment about 4 times a week: the fire alarms for entire floors of my apartment building are easily triggered by people smoking in the breeze ways or burning their dinner. The result is that I routinely ignore fire alarms because the likelihood of a real fire is has been demonstrated to be exceedingly small.

A ballistic missile heading for Hawaii would be nuclear, the amount of additional loss of life that would incur from “damaging the public’s trust” in the early warning system would be pretty much negligible if the missile hits any major population center. This is basically not an issue for nuclear missiles for something more like to the situation in southern Israel with conventional unguided munitions blindly shot at their general direction it might work but if a nuke could get you it would do it regardless if you duck and cover or not.

> but if a nuke could get you it would do it regardless if you duck and cover or not.

This is just not true. The area in which the nuke will get everyone regardless is less than a tenth of the area where taking precautions would save you.

This is a bit of a pet peeve of mine. People widely laugh at "duck and cover" as if it was some huge joke. Even at the height of the cold war when the nuke stocks were at their largest, only a small portion of the population would be screwed regardless of what they did. While the majority of the population would be at a distance from the closest explosion where ducking and covering would save them.

> People widely laugh at "duck and cover" as if it was some huge joke. ... While the majority of the population would be at a distance from the closest explosion where ducking and covering would save them.

Having grown up during the cold war, I'd say that people thought "duck and cover" was ridiculous not because of some misunderstanding about its usefulness in protecting one from blast, though that misunderstanding might have existed. The reason everyone thought it was ridiculous was that everyone realized that surviving and having to deal with a completely smashed infrastructure and radioactive fallout was an extremely terrible, shitty outcome that you were not going to save yourself from by hiding under a desk or something.

Another thing that constantly astonishes me is how the immediate direct damage caused by any kind of intentional explosion is consistently overestimated by public at large. I largely blame action movies where C4 block of the size typically used for initiating industrial explosives in bore holes is often shown as leveling complete buildings.

Or war movies, where a round from a tank gun or small artillery piece completely wrecks a house. I have a handful of decommissioned 76mm tank destroyer rounds, probsbly from an M18 Hellcat - comparable to most WW2 tank guns. It's about the size of a one-liter soda bottle, and a significant portion of that is aerodynamic casing, propellant, and fuse.

It's interesting, too, to read historical accounts of sieges in the Napoleonic and earlier eras; it would take days or weeks of pounding by breaching batteries of heavy cannon to reduce masonry walls to effect a breach and allow an assault over the pile of broken rubble remaining, in a bloody, hand-to-hand melee. And often there would be so much time between firings that the defenders could rebuild new defenses in depth behind the breach. Unless a powder magazine was struck, massive damage was relatively rare.

People forget that in Hiroshima and Nagasaki, where no one ducked and covered, there were long-term survivors 200-300m from ground zero simply by virtue of where they were located when the bomb went off. A protective posture is at least somewhat effective much closer to ground zero than I think people realize, especially if you have a bit of warning.

Even for a megaton hydrogen bomb, there is some radius in which you would be safer in your basement. It's just a big radius.

Also, the area within by that large radius is going to be much bigger than from non-nuclear threats, so the number of people who could have reduced injuries via preparation might be much greater.

These systems are being revisited for the first time in a generation. Honest mistake is far more likely.

Looking at the screenshot of the alert [0], it appears to be using the alert system adopted in 2006 in response to the Warning, Alert, and Response Network (WARN) Act[1]. How is this system for a missile attack different, and in what way is it being revisited for the first time in a generation? Text messages are just now 1 generation old (SMS first implemented 1992[2]; generation is about 25.5 years[3].)And of course the alert system itself is only 11 years old.





Well they tested the nuclear/missle attack warning sirens in Hawain cities for the first time in a very long time last month. Just because the sirens were installed during the cold war doesnt make the new attention and urgency being given to them is any less new. Same with the underlying infrastructure behind cell phone alerts being old while the systems on top are being newly revised and tested.

Clearly there is a whole bunch of new attention being paid towards this.

And rightfully so given the provocations from NK and the general decline in maintenance/quality of the US nuclear and ICBM weapon systems.

I'm surprised the sirens aren't tested more frequently.

In Denmark we have a national system of sirens. They are tested once a year at a specific date and time. In the cold war era they used to test them every Wednesday at noon, but it has been scaled down since then :-)

The US has no national siren system; there are just state and local ones. I've heard siren tests every once in a while living in San Francisco, but there's zero public education about their meaning or appropriate responses.

(This false alarm was a push alert sent to cell phones. What about people who don't have a cell phone on them when the alert comes? ... good luck)

It played over TV broadcasts as well, I think. Probably went to radio, but I haven't seen anything written about that.

It was also on radio and TV.

In Tokyo they test the public emergency speaker system every day.

At 5pm they play a 30-second traditional Japanese lullaby. If you ask people, they say it means it's time for children to go home - though as far as I can tell it has nothing to do with actual school schedules. I'm not sure everyone realizes it's actually a warning system.

They get tested monthly here in Minnesota (at 1300 on the first Wednesday of the month).

They are primarily for tornadoes rather than nuclear weapons though.

I don't think user intopieces was taking a stance on whether it was intentional or an accident. Crying wolf is crying wolf either way.

Israeli here. We get false rocket alerts every once in a while. Usually it's a bug or a badly calibrated radar picking up something else, sometimes a human error.

I think a series of false alarms would have the effect you describe. However, based on some of the reactions I'm seeing online, I wonder if a one-off false alarm will cause a lot of people to figure out what they should be doing if the alarm were to go off again for real.

If you want to go down this particular rabbit hole, then let me say that I think it's more likely this was "us" than "them". Now the whole country is talking and thinking about the effects of a real ballistic missile launch. We got a glimpse at the chaos and mass panic that would ensue.

Tomorrow there will be more people in favor of putting a swift and aggressive end to NK's nuclear ambitions than there were yesterday.

An interesting Reddit comment described a chaotic traffic situation for 20 minutes (people running lights, wrong-side-of-the-road driving, extreme speed, etc.). Human nature in these moments is very “Tragedy of the Commons” apparently.

It's good to see people react. There are lots of stories of people dying in disasters because they didn't take it seriously. E.g. sirens blaring for a tornado alert, and people are just continue mowing their lawns. Or people continue eating their meal when the building is on fire, who ended up dying.

Tornado alley lifer here... they're a different story. They process slowly (10mph-30mph), the vast majority of them in the USA will move SW to NE, they usually have a very narrow damage track (100yards), and are usually very visible on weather radar as bright wind sheer.

My point being, if you can see a tornado coming, you'll have ample time to take shelter in a basement [or if you're in an unpopulated area, you can get out of the way]. Why people get killed by tornados "still" is usually insufficient shelter (homes without basements or safe rooms), quick touchdowns, them occurring at odd hours when people are sleeping, or the occasional goliath tornado with a massive damage track that's moving quickly, in the wrong direction.

I've heard dozens of tornado sirens and watched people ignore them in the 10+ years I've lived in Minnesota.

I've also experienced being caught in the middle of a tornado outbreak (30 in 90 minutes, a couple were over mile wide) while driving across southern Minnesota. We sheltered at a Walmart and were quite alarmed that no locals seemed to take it seriously, even when the roof partially lifted off and cars started getting tossed around in the parking lot.

IIRC the State recently switched to more localized warnings (not county wide) due to people ignoring the sirens.

I'm also pretty sure that "you can see tornadoes coming" is poor advice, especially since they often come at night or with significant rainfall.

And lots of those stories are from Hawaii! Many many people have died their due to tsunamis, etc. They take their warnings seriously (in the past they didnt have them for things like tsunamis)


Would also like to read this.


Thinking prepping is silly is not synonymous with believing "when gloves of society are off, we all gonna be happy singing kumbaya and respecting rules."

I think prepping is ridiculous, but it's precisely because I know the nature of humanity. (Among a bunch of other reasons.)

It's also ridiculous to think this particular incident has anything to do with, well, anything...

>I think prepping is ridiculous, but it's precisely because I know the nature of humanity. (Among a bunch of other reasons.)

Could you share this insight? The US gov't recommends that you do some amount of emergency preparedness ("prepping"): https://www.ready.gov/build-a-kit

Having 72 hours of shelter/water/food, a first aid kit, and some other bits and pieces is not how prepping is colloquially used.

Given a disaster with a 1% yearly chance, and a lifespan of 80 years, lifetime odds of encountering that disaster are close to 50%. Given a disaster with a 0% or a 0.000001% chance, lifetime odds are still pretty close to zero. Disaster preparedness worries about the 1%, prepping worries about what many people including me would consider the 0.000001%, which is why having a pack of water bottles and a first aid kit in a cupboard seems like common sense, but prepping for the fall of civilisation seems ridiculous.

You really think the probability of such a disaster is 0.000001% per year? The cold war wasn't that long ago and came very close to the brink a number of times. If we were just lucky, and there is an expected rate of 1 nuclear war every 73 years, that already gets us over your 1% threshold. And nuclear war is far from the only risk. Nuclear weapons are already 70 year old tech, we are always progressing towards scarier technologies. I think your estimate is off by a factor of a million.

After the Spanish flu, multiple near-missed accidental nuclear launches as well as political crises during the Cold War, September 11, SARS scare, Ebola scare, weather events like Katrina or the Ottawa ice storm, as well as your bog-standard surprise wars from history, it seems obvious to me that the chance of a mass-destruction event requiring over 3 days of supplies far exceeds 0.000001% chance per year.

I agree that the odds of "society" dissolving are very small. However, the penalty for encountering a blizzard without preparation -- maybe not having enough food to eat full meals for, say, a week -- is FAR lower than then penalty for encountering armageddon without preparation. I'm not saying you're wrong, but if the fall of civilization is 1,000 times less likely, and the consequences are 1,000 times worse, the calculus gets a little more complex.

"Prepping" (colloquial) and "being prepared for a (common/realistic/reasonable) emergency" are two very, very different things.

One is entirely realistic and logical and one in crazy pants.

Yes, one should be reasonable, but that's not how "prepping" is use colloquially, and words have meaning.

Right! I think extreme prepping (the mild sort where you just prepare for a normal disaster is merely prudent) is dumb precisely because I know that people won’t be all friendly and nice after a collapse. Your stash just makes you a target for the meanest guys still around.

Perhaps they don't think the gloves of society will come off - that is, that no catastrophic event will occur which will affect their life/area, so that life will continue as normal for the foreseeable future. In that case, no preparations would be necessary.

if you want to come up on top after civilizational collapse you'd better join a gang or have a cabin in an extremely remote and secluded location, otherwise sorry but your stash will be seized by aforementioned gangs regardless of your prepping and shooting skills

"What you need to understand about the apocalypse is that you aren't Mad Max. You're part of the skull pyramid in the background."

(I can't seem to find the original source--some internet forum.)

Why would I join a gang?? I have enough brothers in arms to create my own.

gangs have an hierarchy, experience with violence and disregard of ethics. if you and your "brothers in arms" are veterans you have pretty good odds otherwise not so much.

It's actually an interesting point. How many of these preppers have received military training, and when shit hits the fan, do they have plans to organize, communicate with each other, and defend themselves?

Here in Idaho at least, a lot & yes. No scary militia type stuff, just folks getting together and sharing knowledge. Still a lot of wild wide open spaces in this country. If you're into winter sports come visit McCall, beautiful mountain lake town, excellent restaurants, and always fresh powder to shred on Brundage Mtn. Just as great to visit in the Summer, way more crowded but it's a good size lake, plenty of room for everybody

I think you missed the whole point of this threat, that there are no ethics when there is no policing or government oversight.

Are you saying the only reason you're not already looting others' homes is because the government tells you not to?

If so, you're the problem, not everybody else.

No. But I am saying without government policing ENOUGH people go for looting other homes and eventually turn to their animal instincts. And my whole thread was about how majority of population chose not to believe that. They believe that nice neighbor living next door will rather starve to death or eat its own feet, rather than turn into cannibal and butcher someone else.

Why do you think your preparation will be enough? If things do go that bad then it'll be very few people that will survive because of just how much of our mechanised infrastructure is needed to feed us.

Now your friends know where to go to steal ammo and other supplies when the revolution comes.

This sounds sarcastic but I don't mean it that way. True prepping is leaving (and maintaining!!) caches for adequate time in various locations (you don't know where you'll be when things go sideways, nor what routes will be available).

How long are you preparing for? Days? Months? Years?

> mercilessly fires handgun into a nuclear mushroom

The fact that they are laughing at you does not mean that you are not actually living in lala land. The whole 'prepper/suvivalism' movement took a big hit after Sandy Hook. To date survivalists have caused more deaths than their preparations have saved.

“LaLa Land” = Los Angeles

Source, please? I was unaware of this sentiment.

What a source!

If you reason that survivalists have caused some many death because Lanza was survivalist, then lets continue with your thought process:

- Lanza was white - hence to date white people have caused more deaths than their preparations have saved. - Lanza was male - hence to date men have caused more deaths than their preparations have saved. - Lanza was a minor - hence to date minors have caused more deaths than their preparations have saved.

Did I miss something?

Yes, you've missed something.

If the lady had not been a prepper then she would not have brought a whole bunch of guns into a house with a kid that was clearly having problems. And instead of preparing for the problems that she never had she might have spent more time on the problems that she - and he - clearly did have.

Being white, male or a minor has nothing to do with it.

So to clarify, does this describe the gist of your original sentiment? "She was a prepper. She prepped for nuclear war. Her son had problems. She did not prep her son for day-to-day life problems, and her son used her weapons to kill people. Therefore, being a prepper has killed people."

Honestly trying to understand your POV.

What maddnes?

I woke up to this this morning on the island of Oahu. People running around on the street freaking out and police / fire engine sirens going off.

Everyone cheered when the “False alarm” SMS came through across the phones.

Secure your networks people - this electronic psyops stuff is real.

Why are people running around in the streets freaking out when they are told to seek cover because there is an incoming missile?

Probably because they don't know where to take cover.

Depending on how much time I have, if I had to take cover, I'd either load up supplies in the car and head to the 3rd underground floor of my office parking garage (but away from the vent stacks in 2 corners of the garage), or if I have less time, I'll jump the fence at the apartment complex next door and hide out in their one floor underground garage.

I live in a wood-framed house, so it's going to provide less protection than an underground garage, though still better than running around the streets.

Business insider says 37 minutes from North Korea to Honolulu. I imagine it’s only a few seconds difference between the various Hawaiian islands. However, you don’t really know how quickly the alert goes out. Do you estimate you’ll have more than 10 minutes notice?

Nobody teaches anyone about cover during a nuclear strike anymore. In fact, the concept is frequently mocked as cynical Cold War era propaganda.

CDC was going to. But they decided to postpone it. http://nymag.com/daily/intelligencer/2018/01/cdc-delays-nucl...

The duck and cover thing I thik it was more to escape from things like glass and debris throw away by a explosion. Of course, if you were close of the explosion wold make litle sense,but the after shock can hurt lots of people.

The mocking isn't unjustifiable though. I mean the turtle/duck and cover is quite pointless, at least in the case of a nuclear strike (unless you're maybe on the far edge of it, in which case a ditch might save you..and that's big might).

In the documentary "Iraq: The Untold Story", the creator shows civilian air raid shelters in Baghdad. They were four stories down, with the upper floors all reinforced concrete. Yet there were powerless against US bunker busting bombs, and the hundreds of civilians in the shelters that were hit all died.

Cover is extremely important if you're outside the immediate fireball zone (where you're just going to be vaporized). You shouldn't infer from the fact that bunker busting bombs successfully bust bunkers that attempting to survive a nuclear explosion at some distance from you is pointless.

Play around with NUKEMAP:


If you are hit directly, you're fucked no matter what. But the fireball has relatively small radius compared to the other zones.

Ducking underneath something solid is to protect you if the building collapses, which is likely to occur in the large air-blast radius. This is much like ducking under a desk in an earthquake.

Cover will save you if you're within the larger thermal radiation radius. Even clothing can be enough to protect you from burns, so any cover you can get is good.

The mocking is utterly unjustifiable. Duck and cover would have saved millions of lives if MAD had come to its conclusion. The inability of a building to resist bunker busting bombs is completely unrelated.

Have you ever looked at pictures of the aftermath of Hiroshima? People who weren't behind cover survived the immediate blast but got horrifying burns.

What happened to the people who were behind cover?

If I remember correctly, others was a man in a basement only a few hundred feet from ground zero who survived relatively unscathed.

Don't underestimate the protection cover can offer!.

Roughly half of the population of Hiroshima survived.

Yeah, because putting your head down against an interior wall or under a desk is going to make any difference.

It could. If you’re in the inferno, no. If you’re outside the thermal flux, protected from ionising radiation by simple structure (i.e. away from windows) and within the pressure flux, duck and cover works. If you’re in cases one and two, you die, quickly or painfully. Since you don’t know ex ante where the bomb will burst, duck and cover makes sense.

It's going to make a huge difference is the blast is far enough away for you to not be in the "obliterate everything" zone, but still close enough to be dangerous.

Is this the same area where you will die of radiation over the weeks following the attack?

No, you can survive for decades or ever even within a fairly close area.

There’s not much of a consensus on “cover”, hence people seek insight on the concept from law enforcement officials.

Is it cover when you’re inside but 30 floors up in a high rise?

That is actually reasonably well-established - check out this:


Not common knowledge, though, in part because nuclear hazards have been painted in an exaggerated light by Hollywood (basically, no point in trying to survive, because everybody is going to die and what's going to be left is a 1,000-year lethal nuclear wasteland), and in part because we stopped worrying after the end of the Cold War.

Despite the goofy title, this is a remarkably good book from the 1960s, citing some actual science, that helps grasp the actual dangers and the survivability of nuclear attacks or accidents:


PS. For folks interested in less apocalyptic emergency preparedness tasks, I maintain a handy guide:


Off topic, but the same guy (Michal Zalewski) has an absolutely amazing guide to his CNC work.


For something a bit less depressing.

Note the "I maintain a handy guide" in the comment you replied to.

Ah, my bad. I figured the /prep/ guide and the /gcnc/ guide were distinct, but I see how you could take it a different way.

The same guy being f- above

I live in a 5 story apartment with two basement floors, exactly as shown in the image. The bottom floor actually has a bomb shelter, in the area rated "200".

I've often wondered, what does "protection" mean if the building has collapsed around us, so we're now 20 feet below ground, with a pile of rubble on top, and no way to get out?

I don't think you should direct your ire towards Hollywood, at least not in any significant way. I don't think it was until "The Day After" (1983) that any movie showed anything like a realistic depiction of the aftermath of a nuclear war, and even that was deliberately downplayed.

It surely wasn't a Hollywood depiction which caused Dorothy Day and others in 1955 to protest the "Operation Alert" drill, saying:

> We will not obey this order to pretend, to evacuate, to hide. In view of the certain knowledge the administration of this country has that there is no defense in atomic warfare, we know this drill to be a military act in a cold war to instill fear, to prepare the collective mind for war. We refuse to cooperate.

This "The Heritage Foundation" report from 1984 titled "The New Case for Civil Defense" also doesn't mention anything about Hollywood depictions. https://www.heritage.org/defense/report/the-new-case-civil-d...

Finally, the NWSS book you cited says "American official policy, or at any rate the implementation of that policy, is based on the assumption that civil defense is useless." Again, I don't think that policy was influenced by Hollywood.

(BTW, it's funny that Teller says "With the use of American automobiles an evacuation could be faster and more effective than is possible in Russia." - I guess he never saw a city trying to evacuate from a hurricane. Or the plans to evaluate NYC should there be a major disaster at Indian Point.)

Instead, NWSS and The Heritage Foundation (and an essay I read by Freeman Dyson) all say the US policy of MAD was a much bigger influence.

(I'm not going to get into a discussion of the validity of MAD. I only want to point out that I disagree with the idea that Hollywood depiction had much of a role.)

I'm not trying to establish the origin of this narrative; but most people on HN were almost certainly exposed it through pop cultural portrayals of the nuclear apocalypse.

In some cases, these were inaccurate simply because it resulted in a better movie or a novel; but in many other cases, they were probably informed by anti-war or anti-proliferation sentiments. I don't think this deserves any special ire, TBH; it's just our reality. I loved Dr. Strangelove, but it sure affected public perception in a particular way.

Just like, I imagine, most HN readers were exposed to what happened with Apollo XIII or at Dunkirk through the eponymous movies.

But I think there should be a stronger criterion than that before saying that the lack of common knowledge of the effectiveness of DIY civil defense shelters is in part due to how nuclear hazards have been portrayed by Hollywood.

It could be because they aren't effective against the type of nuclear exchange expected during the Cold War.

Most US policy makers, including Eisenhower, were convinced that there was no good civil defense against an all-out nuclear war. This lead to MAD, and the policy of MAD demands that a country not be able to protect its citizens. This was the US policy for most of the Cold War. Which means those Hollywood films reflect US policy.

A problem is, MAD requires an effective nuclear response force, with the expectation that most citizens will die. How do you convince the citizens to fund MAD? One way is to convince them that shelters are effective, even if the high-level planners know that it isn't. This was possible early on because of the secrecy about the nuclear bomb project.

The problem is, civil defense, unlike just about all other aspects of the Cold War, requires convincing the public of its effectiveness. And the government attempts were not convincing. This helped promote anti-proliferation efforts.

Which is why I don't accept your implication that because something is "informed by ... anti-proliferation sentiments" it means that we should ignore it. Those sentiments may have a reasonable basis.

Others believed in NUTS, with the possibility of a limited nuclear exchange, which is survivable for a large country like the US. NUTS played a bigger role during the Kennedy and Reagan administrations, which is why there was more government promotion of civil defense shelters then.

I'm almost certain that Teller would be in the NUTS camp. He certainly had Reagan's ear when he oversold SDI. Even if not, there were plenty of people who were, and those are the sorts of people who would (perhaps optimistically, perhaps reasonably) push that people have a nuclear bomb shelter. Teller's support of civil defense shelters was informed by his full-nuclear-response sentiments, which also "affected public perception in a particular way."

That said, the Cold War context, the idea of having a nationwide civil defense was that, after the few weeks are over and the all-clear signal given, we would help clean up and be able to return to a life that was little different than what we had before.

The reality is that, sure, perhaps a shelter could help millions more people survive the war, but come out to what sort of reality?

And it's not just Hollywood. Even before Dr. Strangelove, there were some widely read fiction books on the topic. The ones I've know are "On the Beach" (1957), "Alas, Babylon" (1959), and "Fail-Safe" (1962). (And a shout-out to "Malevil" (1972), which was the first 'modern' (post-Verne) French science fiction story I read.)

Again, the question isn't if they affected public perception "in a particular way", but rather if they lead to a more complete understanding of the topic.

And I don't think Hollywood's portrayal was much different than what was already well-known at the high policy levels, which is why I don't think it's right to single them out.

> http://www.madisoncountyema.com/nwss.pdf

That is classic cold war stuff. Before you even get to the foreward by Edward Teller you get a preface stressing (among other things) that low doses of radiation are "healthful."

It's just an attempt to defuse the sort of kneejerk reaction which thinks that all radiation is harmful.

If you say so.

small doses of radioactivity are hormetic, healthful because they stimulate the immune system. This was proven in laboratories as far back as the 1920's. With the advent of the A-bomb almost all the hormetic research stopped. And only in the last decade has it resumed on a serious scale.

I wonder who they experimented on and whether that stuff is written up somewhere. Ionizing radiation is okay in my book, how about yours? is not exactly a common theme in modern medicine.

Thank you for this. Any idea if the videos are easily viewable?

Because they believe they and their entire families are about to be turned to dust. I don't know if I would act rationally in that situation.

Because "seek cover" is known to be code for "you are about to die"?

Apparently it was some sort of test gone wrong not a malicious intrusion into an insecure network.

So basically someone left the test tape in the drive again?


In Ala Moana lots of people were looking out their windows but most people seemed to think it was just a mistake, and were waiting for more confirmation, from what I saw.

That's pretty much how people reacted w/ the SpaceX rocket here in LA. Lots of videos of "What is that?" Jokes about NK, etc. People are more skeptical than we give them credit for.

It's probably why in school we went through fire drills, tornado drills, etc. So you at least had some idea what to do and what it would be like.

What part of the island were you on? Out in Hawaii Kai no sirens sounded so it was a collective “meh, probably a mistake.”

Waikiki - it was super confused here.

That makes a lot of sense. What a shitty way to start a day.

I was Facetiming with my gf when our session was "paused". She sent me a pic of notification on her phone. [0]

Even more disturbing was the instructions of the initial warning which was to "hide in a safe place".


[0] https://imgur.com/a/0QkgY

A lot of comments making fun of the "duck and cover" advice, but consider this: Many people suffered serious injury from the Chelyabinsk meteor when they went to a window to see the spectacle, not realizing the shock wave would follow a few seconds later and shatter the windows into their faces.

If they had gotten away from the windows and ducked and covered, they would have been fine.

So it took 38 minutes to send out a new message informing this was a false alert. How is that possible if this was simply a human error during a "shift change"?

You'd think the people who "pressed the wrong button" would be able to press the same button again?

> You'd think the people who "pressed the wrong button" would be able to press the same button again?

Absolutely not. Once you say “fire” you need official confirmation to say “no fire”.

That means certification from the military. The official needed being in a meeting or tending to something of greater importance could easily introduce delays.

In any case, I presume the system’s designers didn’t build in an “oops, fat finger” notification. Getting that ready could have easily taken 30 minutes. This happened on a week-end. The coders could have very well been at home.

> The official needed being in a meeting or tending to something of greater importance

I'm struggling to think what meeting or item would have an importance higher than "incoming ballistic nuclear missiles".

> I'm struggling to think what meeting or item would have an importance higher than "incoming ballistic nuclear missiles"

That’s not what happened. No military system detected a threat. “Incoming ballistic projectile” would be a high priority. “Civilian request for official confirmation everything is fine” is not.

I would assume the system supports arbitrary messages. During a real emergency, I doubt they would want to need to get coders in order to send an unexpected message.

If you're engaged in a drill that's a completely predictable failure mode which you should have a standby plan for.

This happened on a week-end. The coders could have very well been at home.

Again, why would you perform a drill involving mass emergency mobilization and not manage that risk? What if this had happened during a morning commute or in some part of the country where people are more easily panicked?

With great power comes great responsibility, remember?

> why would you perform a drill

Was this a drill? I understood it to be an unplanned mistake.

The White House put out a statement calling it a drill, but that hasn't been confirmed anywhere else, so.

This was not a planned drill. It was a mistake by an operator during shift change.

I find that explanation hard to take at face value. There's a button specifically labeled 'ballistic missile emergency'? Is there a different button for every possible emergency, like a tsunami button, a hijacked plane button, an earthquake button, a volcano button?


Also, the news story we're commenting on describes it as a drill that is conducted every shift change, so yes I think it's a drill because that's how they describe it.

Officials said the alert was the result of human error and not the work of hackers or a foreign government. The mistake occurred during a shift-change drill that takes place three times a day at the emergency command post, according to Richard Rapoza, a spokesman for the agency.

Yes, it is a pre-written message that can be selected from a drop-down list. He was off by one, the "no drill" message was adjacent to the "test" message.


USPACOM had to check and give Hawaii an all clear.

> Absolutely not. Once you say “fire” you need official confirmation to say “no fire”.

Whether they had or needed "official confirmation" the Hawaii EMA still tweeted "NO missile threat to Hawaii" ~13 min after the false alert https://twitter.com/Hawaii_EMA/status/952243912415985664

Would be nice if they could stick to the same medium and ensure timely delivery for this type of correction.

>In any case, I presume the system’s designers didn’t build in an “oops, fat finger” notification.

Yeah, but imagine getting a legit alert, and then someone fat-fingering the "fat finger" notification. Or someone installing malware that sends that notification for all military related threats.

The long delay is what lightly tickles my suspicion that maybe this wasn't a mistake. It's a little too much of a coincidence that this particular alert happens in Hawaii at a time of escalating tensions with North Korea.

I mean it's probably just a simple mistake, but it's also the kind of thing you would do if you wanted to stoke fears about a nuclear strike.

Or if you wanted something new on the front page of papers for some reason.

A screw up seems more likely though.

Or if you didn’t want to disclose missile defense capabilities.

This system is run by the state of Hawaii. They're not exactly pro-confrontation (Tulsi Gabbard aside, but she's not in the state government).

How many people do you need to persuade to a particular point of view to actually put something like this into effect? If it were staged it would be interest of the state to hush it up rather than admit to a power struggle in the control room.

The State of Hawaii is spending time and money suing the feds over several things right now. The politicians in charge would probably love to blame this on someone else. The control room is probably staffed by underpaid state employees who aren't paid enough to take part in a government coverup for no good reason.

Actually, underpaid workers are ripe for recruitment by “evildoers”. Not that I think that is what happened, just sharing how the spy trade really works.

Most likely, but it seems like a single disgruntled individual who disapproved of the state's policy could effect such an outcome. We've seen numerous examples of security-related fuckups over the years that were swept under the rug despite the economic incentives to blow the whistle, so I'm no inclined to completely dismiss the possibility.

So a test drill went wrong.

It makes sense to have drills right now, India (tests with war against China and Pakistan), China (Telling their soldiers to be prepared to die for China), Russia(tests against Nato), and North Korea (getting ready for war with the US) are all having military tests for basically what will quickly become another world war.

We are really at a big crossroads as a large amount of people are rejecting globalization in many different countries. And with such major powers willing to fight hard for resources like Ukraine, South China Sea, Oil Eu pipelines, and not even mentioning the increasing gulf between various countries on core ideologies and creeds.

We really are at a new and dangerous crossroads.

I'd argue it makes sense to have test drills simply because the system exists: much like backups need testing, so do emergency systems. I'm not sure that the current state of the world should influence whether or not the systems are tested.

tests and training shold be done ever as possible. But in times like now, that war seens more iminent than ever it would make sense intensifing this tests.

It wasn't a test drill, it was a system test. Like a heartbeat test. The test message is automatically processed by the downstreams as a test.

Was this a test drill? I haven’t seen anything stating that.

The article seems to have been updated recently to include more information about this "drill":

- Officials said the alert was the result of human error and not the work of hackers or a foreign government. The mistake occurred during a shift-change drill that takes place three times a day at the emergency command post, according to Richard Rapoza, a spokesman for the agency.

- In Washington, Lindsay Walters, a deputy press secretary, said that President Trump had been informed of the events. “The president has been briefed on the state of Hawaii’s emergency management exercise,” she said. “This was purely a state exercise.”

"Amid public outcry over the incident, the Hawaiian government also released a timeline of what transpired after the false alarm:

Approx. 8:05 a.m. – A routine internal test during a shift change was initiated. This was a test that involved the Emergency Alert System, the Wireless Emergency Alert, but no warning sirens.

8:07 a.m. – A warning test was triggered statewide by the State Warning Point, HI-EMA.

8:10 a.m. – State Adjutant Maj. Gen. Joe Logan, validated with the U.S. Pacific Command that there was no missile launch. Honolulu Police Department notified of the false alarm by HI-EMA.

8:13 a.m. – State Warning Point issues a cancellation of the Civil Danger Warning Message. This would have prevented the initial alert from being rebroadcast to phones that may not have received it yet. For instance, if a phone was not on at 8:07 a.m., if someone was out of range and has since came into cell coverage (Hikers, Mariners, etc.) and/or people getting off a plane.

8:20 a.m. – HI-EMA issues public notification of cancellation via their Facebook and Twitter accounts.

8:24 a.m. – Governor Ige retweets HI-EMA’s cancellation notice.

8:30 a.m. – Governor posts cancellation notification to his Facebook page.

8:45 a.m. – After getting authorization from FEMA Integral Public Alert and Warning System, HIEMA issued a “Civil Emergency Message” remotely. The following action was executed by the Emergency Alert System (EAS): 1. EAS message over Local TV/Radio Audio Broadcast & Television Crawler Banner. “False Alarm. There is no missile threat to Hawaii.” “False Alarm. There is no missile threat or danger to the State of Hawaii. Repeat. There is no missile threat or danger to the State of Hawaii. False Alarm.” 2. Wireless Emergency Alert (WEA) “False Alarm. There is no missile threat or danger to the State of Hawaii.”

9:30 a.m. – Governor makes initial media notification.

9:34 a.m. – Governor’s message posted to his Facebook and Twitter accounts."


I'm surprised the discussion here hasn't veered toward what actually happened. Technical glitch/human error? Hacked emergency alert system? Missile actually was on the way, but being a cheap North Korean one, it fell into the ocean on the way?

There are lots of potential explanations...whatever happened, there is stuff to work on in the aftermath of this. Barring the idea that it was an actual missile that failed to hit its target, if these alert systems are vulnerable, that's a bad thing. This could have caused serious chaos in a large city like New York. Techniques like this could be used to cause gridlock before a terrorist attack, suppress voter turnout on election days, etc.

The emergency notice was triggered after an “employee pushed the wrong button” during a shift change at the state’s emergency management agency, Governor David Ige said at a press conference in Honolulu.

Source: http://fortune.com/2018/01/13/hawaii-false-missile-alert/

I'm aware that he said that, and that may be the actual explanation (let's hope so), but even then there is work to be done - maybe adding authentication or confirmation to it etc. That said, this is a situation where if it were more serious (someone hacked in, for example), they'd almost certainly lie about it.

Smart guy...

Human error or crying wolf aside, it's an interesting exercise from which residents can learn what is truly lacking in the case of such an emergency.

Hopefully instead of seeking to cast blame or personnel firings, etc., folks will learn what it is they lack in emergency response.

I am sure that I will also get buried here, but if someone intentionally pressed that 'button' then I believe they are the actual emergency response leader and should be put in charge of the effort statewide.

A drill is supposed to tell you how close or far away you are from being prepared. A surprise drill is going to be much more effective. The threat is so great, if there haven't been serious drills in a long time then they were overdue.

Well, it will be interesting if any researchers look into people's actual behavior within the first few minutes of the notification before the 'false alarm, never mind' message went out to see how effective this was as an emergency alert, even if unplanned.

Not a terrible thing to have happened, tbh

Now we get to see & analyze the "real life" reaction to this dress rehearsal. I'm sure everyone knew without this that a real alert would be full of SNAFUs, but you don't usually get a chance to see what they would really be if everyone actually believed the alert was real.

Hopefully (and I think they will ) they'll be smart enough to use this rare opportunity.

I received a second alert just over an hour ago. https://i.imgur.com/Rc8cfO7.jpg

Nobody else besides me has received a second alert, that I know of, I've posted it like 30 times on twitter under #Hawaii and #MissileAlert etc

Context: I tweeted to someone who was upset about it all, "All your alert are belong to us", then immediately received the second false alarm: https://www.youtube.com/watch?v=KXGnAMp9Nvk


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact