back to article HMS Windows XP: Britain's newest warship running Swiss Cheese OS

The Royal Navy’s brand new £3.5bn aircraft carrier HMS Queen Elizabeth is currently* running Windows XP in her flying control room, according to reports. Defence correspondents from The Times and The Guardian, when being given a tour of the carrier’s aft island – the rear of the two towers protruding above the ship’s main deck …

Silver badge

"we are less susceptible to cyber than most.”

Most what? Warships? Banks? Pensioners?

39
1
Silver badge
Black Helicopters

RE: Most what?

How about non USN Aircraft Carriers for starters? There aren't that many.

Black Choppers coz that is about all that can fly from this thing. F-35's are so much pie in the sky.

28
2
Silver badge

"Most what? Warships? Banks? Pensioners?"

As far as I can arrange it pensioners round here are running Linux.

60
4

Less vulnerable than most other systems. Somehow I don't think warships are connected to the Internet, so sneaker net is the only way viruses can be spread. But since everybody is trained not to plug anything in from home, even that risk is very low. Generally speaking (no pun intended), on defense equipment the CD-ROM drives and USB ports are disconnected to prevent potential infection. Finally, it's possible they're running Windows XPe, which will have fewer vulnerabilities since a lot of the services in XP don't ever load.

I just bought brand new pieces of test equipment that use Windows XP. I assume it's the embedded version. And they even have Ethernet ports on them. In the past we have used embedded XP devices on our network all the time and have never been infected.

20
3

It's not cheese, it's fudge!

6
0
Silver badge

"we have absolute confidence in the security we have in place to keep the Royal Navy’s largest and most powerful ship safe and secure.”

MoD, Today

"we have absolute confidence in the security we have in place to keep the UK’s largest and most powerful shits safe and secure.”

House of Commons yesterday - before KGB / GRU / FSB Russian cyber attack.

6
0
Silver badge

Don't need an Internet connection

Somehow I don't think warships are connected to the Internet

The SS Yorktown in 1998 was not connected to the Internet, but a rogue packet in the ship's intranet took the MS Windows XP machines down and it needed to be towed back to port.

Maybe the Royal Navy wants to shows that it is also capable of gross cock up ?

14
3

There is more than one network on a warship. Some of them will be connected to the internet when the ship is docked. Sooner or later someone will replace a switch and the super secret parts of the network will also be connected to the internet and no-one will notice for a while.

20
2

Re: Don't need an Internet connection

Umm no. XP was released in 2001.

4
0
Silver badge

The photo showed XP Professional, not XP Embedded.

4
1
RW

As is this pensioner.

5
1
Silver badge

All this has happened before

As long as these Windows XP devices go nowhere near a network or any removable media we'll be absolutely fine.

I was once told the Panavia Tornado used audio cassettes for their stored programs, which may have been useful for spares when practicing for WWIII, but also brought to mind that final scene from Escape from New York. I'm sure that was a perfect complement to their "Blue Circle" radars.

6
0

Re: Don't need an Internet connection

Also, it was in '97 not 98.

"On 21 September 1997, a division by zero error on board the USS Yorktown (CG-48) Remote Data Base Manager brought down all the machines on the network, causing the ship's propulsion system to fail.[5][6]"

https://en.wikipedia.org/wiki/USS_Yorktown_(CG-48)

7
0

This post has been deleted by its author

Anonymous Coward

Blue Circle

Blue Circle cement, I remember that! If I recall the Fox Hunter radar wasn't ready in time and they had to add extra weight into the nose of the Tornado to compensate.

2
0
Anonymous Coward

not internet connected

They won't be permanently connected. But it's highly probable they will have Welfare services for the crew, so non operational type services, which the crew will use for contact with home via the communications satellites. It's almost certain they will be able to send and receive email. Send the right attachment and if the crew open it, then that could cause infection, unless they block attachments.

2
0
Anonymous Coward

Re: All this has happened before

I watched a video last week about the Tornado, looking at it, I would say it must have been made during the early 1980s. They talked about mission data being downloaded by tape, and for the brief moment they showed the cassette tape being inserted, it did look like a standard C90 ! But then there wasn't much else available in those days, you couldn't use the large multi-track tapes that were the mainstay of mainframes, far too big to put that into a small fighter. Magnetic bubble memory didn't come along until I think a few years later when the aircraft was in operational service, so probably not worth the cost of upgrading all the aircraft.

So quite probably FSK modulation in the audio band on to an audio cassette tape. Nowt wrong with that.

1
0
Black Helicopters

@Bob Camp

"Somehow I don't think warships are connected to the Internet, so sneaker net is the only way viruses can be spread. But since everybody is trained not to plug anything in from home, even that risk is very low. Generally speaking (no pun intended), on defense equipment the CD-ROM drives and USB ports are disconnected to prevent potential infection."

In this day and age, complex IT based systems are not just useful, but necessary for the operation of modern equipment. When you get to the point of human interface, it's often cost effective to use systems that they are familiar with, which is something that both MS and Apple have attempted to exploit since the dawn of desktop computing (to varying degrees of success). It's also often good to have (hopefully encrypted) satcomms so that staff who require information access can use live, interconnected systems for document management, configuration control, etc. etc.

The HMS QE isn't the first military transport that I've heard of that uses a Microsoft desktop product in this way (nor even the first that may or may not still be using XP). I'd be careful about assuming that the risk is low of casual insertion of USB devices though. Quite a few operational systems require more than casual data transfers of system health monitoring data, and there's always the frequent dog watch shifts at 3am where everything is quiet, the boss is asleep, and a maintenance crew member happens to have the latest <insert TV episode or blockbuster movie of choice> in a thumbdrive in their pocket.

2
0

Re: RE: Most what?

Steve Davies 3: F-35's are so much pie in the sky.

I like it! From now on the F35 will be known as The Flying Pie. ^_^

0
0
Silver badge

Re: All this has happened before

far too big to put that into a small fighter

I would agree that there might not be much space available, but have you ever been up close to a Tornado? Small is not a word that would spring to mind, though they are slightly smaller than an F15 but bigger than an F16 most of these war machines are more of 50 feet long and 20 feet to the top of the fin. About half the size of an A320

2
0
Silver badge

Re: All this has happened before

Not only does the Tornado use standard cassettes for loading navigation data, but the same tape player can also deal with audio cassettes as well, which apparently comes in handy on long flights when the crew want a bit of background music.

(Here's the nav info being recorded onto cassette, and later being loaded into the aircraft)

2
0
Anonymous Coward

Re: All this has happened before

Upvoted for the classic Escape from New York reference.

0
0
Silver badge

"The MoD insisted that it has lots of folk worrying about cyber security so there's no need to worry."

Well yes, it has LOTS of people worrying. It just does not have anyone left (well, anyone who was an IR35 contractor) who can actually FIX the problem.

1
0
RPF

Re: All this has happened before

It was a standard tape and it was used to load mission (navigation) data. In flight, it could be used to play music through the intercom. However, given the musical tastes of Navigators, it rarely was for long!

Blue Circle radar was applicable only to the F2/F3 Air-Defence version; the ground-attack/strike version radar was much simpler and worked well from day one.

0
0
Mushroom

Old Fashioned

Is it me or does this ship look out-dated already? I suppose if they ordered it 20 years ago or whatever...

7
1
Silver badge

Re: Old Fashioned

Is it me or does this ship look out-dated already?

Well, yes. That big flat top and huge slab sides are soooo 1942.

Interesting to observe that our last carrier capable of launching supersonic jets was ordered in 1942, and laid down in 1943.

25
1
Gold badge

Re: Old Fashioned

Fizzle,

All military kit is old fashioned. As the chappie said, you order this stuff 10-20 years before you get it. Often from a spec that was mostly written before that. Every time you try to change that spec during the build process, the price goes up and the delivery time gets further away. So you tend to plan regular upgrades instead, and deal with the problem while the unit is in service.

So for example, Lewis Page of this parish spent many a happy article complaining about the Eurofighter Typhoon. But the design work for that started sometime in the 70s - where they were trying to guess what aircraft the Soviet Union would be operating by the 1990s, and then build something to be capable of dealing with them. The design work got serious in the 80s, and it was ordered by the mid-80s, just in time for the Cold War to be about to end. At which point who needed a pure air superiority fighter?

But cancelling it meant burning all the money already spent, and sacking all the people involved, plus possibly knackering the companies. So it was considered cheaper to keep going, then modify it to be more multi-role when they'd finished it. Also the price shot up, asl the various nations buying it chose to have fewer aircraft, thus spreading production and R&D costs over fewer units.

Was this mess anyone's fault? Well not really. They had to order way into the future when they thought the Cold War was a serious problem. The only alternative was to buy from someone else - which obviously has less risk. But that means your stuff won't be state-of-the-art by the time you get it, and that you lose the skill and ability to produce your own, should someone ever refuse to sell to you.

These carriers are such large and complex systems, that there'll probably be some bit of kit changed, updated or in testing every couple of months.

30
0
Silver badge
Mushroom

Re: Old Fashioned

> All military kit is old fashioned.

Somehow I assume Fizzle is well aware of this 8^)

2
0
Pirate

Re: Old Fashioned

"... does this ship look out-dated already? ..."

I suspect that the rearmost island may have been inspired by Professor Farnworth's "Planet Express" delivery ship.

4
0

Here we go again, I really don't care if they run Windows XP as long as it works - tbh I think they now leave apparent "XP desktop" screens visible to journos on purpose

18
6
Anonymous Coward

What's the likelihood that most of that code is running as the default Administrator? How long would it take a hostile operative to gain control of all the key computer systems?

Hopefully they've modelled these scenarios, but given they've gone with XP...

5
9
Silver badge
Alert

@Ben1892

It could have been worse: it could have been Vista

Icon: all hands to the pumps - you may need it

13
0
Silver badge

"How long would it take a hostile operative to gain control of all the key computer systems?"

If you've got a hostile operative onboard on in-service navy ship then the whole ship is compromised and effectively dead in the water. The chances of this happening - one hopes due to security at the dock and personnel vetting - are insignificant. A far more likely attack vector is The Idiot. The Idiot will pull out a vital cable accidentaly, plug in his usb stick containing a load of ripped mp3s from a pirate site, give the wrong information at just the wrong time etc...

This IMO is rather more likely.

18
1

Hey!

@boltar

"A far more likely attack vector is The Idiot."

No fair! I was nowhere near that cable when it, um, fell off in my hand! And it wasn't a USB key! It was, um, er, a licorice all-sort! So it was all that Bertie's fault really... (blush)

23
0
Anonymous Coward

"If you've got a hostile operative onboard on in-service navy ship then the whole ship is compromised and effectively dead in the water. The chances of this happening - one hopes due to security at the dock and personnel vetting - are insignificant."

I'm sure the chances of Edward Snowden happening were considered insignficant as well.

11
0
Silver badge

@Ben1892

I commented here when the photo of that XP screen was published back then: that the XP screen is a well-known cover-up for TAILS linux. I ask again, what are they doing with TAILS?

4
0
Bronze badge
Facepalm

In the year 2020

Read the article again: the software will be upgraded by the time the ship becomes operational. I suppose her majesty will be running Vista by then. How operationl will those JSF fighters be in 2020?

1
1
Silver badge

Re: In the year 2020

Given that these things purchased by the government, especially defense related contracts, go over budget and over time, how sanguine are you on 2020? We've our own bodged jobs over here (USS Gerald R. Ford, F-35)..

0
0

If I was in charge of cyber security, I would run mostly Linux but ensure that it looked like XP, especially when journos are visiting....

3
0
Silver badge

Re: @Ben1892

@tony2heads

It could have been even worse: it could have been Windows 10...

The laugh about the OS is that ALL current OS's will be out-of-date decades before the ship is decommissioned. So on that basis what is an appropriate OS for something like HMS QE or a nuclear power station?

4
0
Facepalm

Re: @Ben1892

> So on that basis what is an appropriate OS for something like HMS QE or a nuclear power station?

one that you can upgrade from earlier than 8 years after its mainline support ends, worst case, before its extended support ends

if they couldn't predict that the OS won't be supported ("predict" as in read the effing manual) by that time, what other kind of things they are "absolutely confident" about?

0
2
Silver badge

Re: @Ben1892

I had a tour around a nuclear power station some years ago, and was able to gaze into the control room from the gallery. Nuclear power stations run on bespoke code written some time in the 1960's and not modernised much since. They just stuck a new console with a modern monitor in a retro style case at the end of the desk for the modern trendy stuff.

An approach which should have been followed with the QE class carriers, given that they have a design life of 50 years and might last longer than that if the government in around 2060 decides to do a relatively cheap life extension program to allow them to spend more on vote buying schemes instead of a relatively expensive replacement program.

By the time they certify all of the programs for WinX then that'll probably be out of support irrespective of the "WinX will be supported forever" thing from Microsoft. Unless you think that WinX is still going to be in support in 50 years aka 2067. Put into perspective, VAX-11/VMS was released 40 years ago, five years before a little company called Microsoft was formed.

0
0
Silver badge

Re: @Ben1892

Makes one wonder how useful it is to use commodity items - whether operating systems, computers or fork handles - for a military contract. Specifying something more exactly tends to result in the $200 hammer that NASA or the US army is blamed for. But using off the shelf items means updating software, procedures and connected systems when they're changed by the supplier.

tbh, not an easy choice. Paying through the nose to support an outdated OS isn't that stupid in all circumstances. Better to use in-house maintained software, but politicians are keen on stopping that.

3
0
Anonymous Coward

Re: @Ben1892

"Specifying something more exactly tends to result in the $200 hammer that NASA or the US army is blamed for."

As I understand it, the $200 hammer is more an accounting trick for when the military acquires hodgepodge. As one of them put it, the $200 hammer sounds bad until you also learn the $200 jet engine acquired in the same lot.

1
0
Silver badge

Re: @Ben1892

Makes one wonder how useful it is to use commodity items - whether operating systems, computers or fork handles - for a military contract.

That was how it was before the rise of commodity PC's and governments intent on cost cutting.

0
0
Silver badge

Re: @Ben1892

one that you can upgrade from earlier than 8 years after its mainline support ends, worst case, before its extended support ends

Now we are getting somewhere! I suggest there is a very good reason why there are currently systems running Windows for Warships (based on XP) on QE!

Aircraft carriers are big ticket items and don't get commissioned very often. I suspect given the level of co-operation between the UK and US, the QE's systems are based on systems from a previous aircraft carrier (Ford class for which construction started in 2005?).

It would make sense to re-use/build upon existing software, however as noted elsewhere MS really want XP to die, so this platform doesn't have a 50 year future. Also Windows 10 is far too recent for any meaningful (military) applications development to have occurred on it.

So I suggest what has happened is that development to date has largely been focused on XP ie. what is deployed on other carriers, QE provides an opportunity to migrate such software to a new platform. However, to ensure consistency etc. it would be advisable to run both the old and new systems in parallel and compare output - something that can fairly readily be undertaken in the coming years as QE undergoes trials.

So to the causal observer (ie. any one without the relevant security and project clearance) they could see some systems runnng XP and some running something else - without such obvious branding and jump to the wrong conclusion.

Hence I'm more interested on what is seen on QE when she finally enters service in 2020.

Which raises another question, given the lifecycle of Windows 10, it is unlikely to be a Windows 10 derivative, given version 1703 (Creators Update) goes EoL in 2025.

0
0
Anonymous Coward

Clickbait article or real concern?

Is there an exploitable vulnerability to report here? I seem to remember that warships are staffed with armed personnel, and not generally seen dangling Cat-5 cables, offering free wifi access or having a public internet cafe. I may be wrong here, feel free to correct me.

So, yes, it's an old OS - but does it really matter?

17
10
Anonymous Coward

Re: Clickbait article or real concern?

It matters if you can't play Black Ops 2 or Battlefield 4 on it.

11
0
Silver badge

Re: Clickbait article or real concern?

"It matters if you can't play Black Ops 2 or Battlefield 4 on it."

MineSweeper skills could come in handy.

8
0
Anonymous Coward

Re: Clickbait article or real concern?

So long as there's no connection to public networks, no usable USB ports or optical drives, and that the network cabling and core services are physically secure and accessed solely by trusted personnel with active monitoring of users then there's no real problem.

Plus, you don't need a computer network to arm and launch aircraft. Well, that's the idea. We managed without for many decades...

1
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017