"we are less susceptible to cyber than most.”
Most what? Warships? Banks? Pensioners?
The Royal Navy’s brand new £3.5bn aircraft carrier HMS Queen Elizabeth is currently* running Windows XP in her flying control room, according to reports. Defence correspondents from The Times and The Guardian, when being given a tour of the carrier’s aft island – the rear of the two towers protruding above the ship’s main deck …
Less vulnerable than most other systems. Somehow I don't think warships are connected to the Internet, so sneaker net is the only way viruses can be spread. But since everybody is trained not to plug anything in from home, even that risk is very low. Generally speaking (no pun intended), on defense equipment the CD-ROM drives and USB ports are disconnected to prevent potential infection. Finally, it's possible they're running Windows XPe, which will have fewer vulnerabilities since a lot of the services in XP don't ever load.
I just bought brand new pieces of test equipment that use Windows XP. I assume it's the embedded version. And they even have Ethernet ports on them. In the past we have used embedded XP devices on our network all the time and have never been infected.
Somehow I don't think warships are connected to the Internet
The SS Yorktown in 1998 was not connected to the Internet, but a rogue packet in the ship's intranet took the MS Windows XP machines down and it needed to be towed back to port.
Maybe the Royal Navy wants to shows that it is also capable of gross cock up ?
Also, it was in '97 not 98.
"On 21 September 1997, a division by zero error on board the USS Yorktown (CG-48) Remote Data Base Manager brought down all the machines on the network, causing the ship's propulsion system to fail.[5][6]"
https://en.wikipedia.org/wiki/USS_Yorktown_(CG-48)
This post has been deleted by its author
They won't be permanently connected. But it's highly probable they will have Welfare services for the crew, so non operational type services, which the crew will use for contact with home via the communications satellites. It's almost certain they will be able to send and receive email. Send the right attachment and if the crew open it, then that could cause infection, unless they block attachments.
@Bob Camp
"Somehow I don't think warships are connected to the Internet, so sneaker net is the only way viruses can be spread. But since everybody is trained not to plug anything in from home, even that risk is very low. Generally speaking (no pun intended), on defense equipment the CD-ROM drives and USB ports are disconnected to prevent potential infection."
In this day and age, complex IT based systems are not just useful, but necessary for the operation of modern equipment. When you get to the point of human interface, it's often cost effective to use systems that they are familiar with, which is something that both MS and Apple have attempted to exploit since the dawn of desktop computing (to varying degrees of success). It's also often good to have (hopefully encrypted) satcomms so that staff who require information access can use live, interconnected systems for document management, configuration control, etc. etc.
The HMS QE isn't the first military transport that I've heard of that uses a Microsoft desktop product in this way (nor even the first that may or may not still be using XP). I'd be careful about assuming that the risk is low of casual insertion of USB devices though. Quite a few operational systems require more than casual data transfers of system health monitoring data, and there's always the frequent dog watch shifts at 3am where everything is quiet, the boss is asleep, and a maintenance crew member happens to have the latest <insert TV episode or blockbuster movie of choice> in a thumbdrive in their pocket.
"we have absolute confidence in the security we have in place to keep the Royal Navy’s largest and most powerful ship safe and secure.”
MoD, Today
"we have absolute confidence in the security we have in place to keep the UK’s largest and most powerful shits safe and secure.”
House of Commons yesterday - before KGB / GRU / FSB Russian cyber attack.
As long as these Windows XP devices go nowhere near a network or any removable media we'll be absolutely fine.
I was once told the Panavia Tornado used audio cassettes for their stored programs, which may have been useful for spares when practicing for WWIII, but also brought to mind that final scene from Escape from New York. I'm sure that was a perfect complement to their "Blue Circle" radars.
I watched a video last week about the Tornado, looking at it, I would say it must have been made during the early 1980s. They talked about mission data being downloaded by tape, and for the brief moment they showed the cassette tape being inserted, it did look like a standard C90 ! But then there wasn't much else available in those days, you couldn't use the large multi-track tapes that were the mainstay of mainframes, far too big to put that into a small fighter. Magnetic bubble memory didn't come along until I think a few years later when the aircraft was in operational service, so probably not worth the cost of upgrading all the aircraft.
So quite probably FSK modulation in the audio band on to an audio cassette tape. Nowt wrong with that.
far too big to put that into a small fighter
I would agree that there might not be much space available, but have you ever been up close to a Tornado? Small is not a word that would spring to mind, though they are slightly smaller than an F15 but bigger than an F16 most of these war machines are more of 50 feet long and 20 feet to the top of the fin. About half the size of an A320
It was a standard tape and it was used to load mission (navigation) data. In flight, it could be used to play music through the intercom. However, given the musical tastes of Navigators, it rarely was for long!
Blue Circle radar was applicable only to the F2/F3 Air-Defence version; the ground-attack/strike version radar was much simpler and worked well from day one.
Not only does the Tornado use standard cassettes for loading navigation data, but the same tape player can also deal with audio cassettes as well, which apparently comes in handy on long flights when the crew want a bit of background music.
(Here's the nav info being recorded onto cassette, and later being loaded into the aircraft)
Fizzle,
All military kit is old fashioned. As the chappie said, you order this stuff 10-20 years before you get it. Often from a spec that was mostly written before that. Every time you try to change that spec during the build process, the price goes up and the delivery time gets further away. So you tend to plan regular upgrades instead, and deal with the problem while the unit is in service.
So for example, Lewis Page of this parish spent many a happy article complaining about the Eurofighter Typhoon. But the design work for that started sometime in the 70s - where they were trying to guess what aircraft the Soviet Union would be operating by the 1990s, and then build something to be capable of dealing with them. The design work got serious in the 80s, and it was ordered by the mid-80s, just in time for the Cold War to be about to end. At which point who needed a pure air superiority fighter?
But cancelling it meant burning all the money already spent, and sacking all the people involved, plus possibly knackering the companies. So it was considered cheaper to keep going, then modify it to be more multi-role when they'd finished it. Also the price shot up, asl the various nations buying it chose to have fewer aircraft, thus spreading production and R&D costs over fewer units.
Was this mess anyone's fault? Well not really. They had to order way into the future when they thought the Cold War was a serious problem. The only alternative was to buy from someone else - which obviously has less risk. But that means your stuff won't be state-of-the-art by the time you get it, and that you lose the skill and ability to produce your own, should someone ever refuse to sell to you.
These carriers are such large and complex systems, that there'll probably be some bit of kit changed, updated or in testing every couple of months.
"How long would it take a hostile operative to gain control of all the key computer systems?"
If you've got a hostile operative onboard on in-service navy ship then the whole ship is compromised and effectively dead in the water. The chances of this happening - one hopes due to security at the dock and personnel vetting - are insignificant. A far more likely attack vector is The Idiot. The Idiot will pull out a vital cable accidentaly, plug in his usb stick containing a load of ripped mp3s from a pirate site, give the wrong information at just the wrong time etc...
This IMO is rather more likely.
"If you've got a hostile operative onboard on in-service navy ship then the whole ship is compromised and effectively dead in the water. The chances of this happening - one hopes due to security at the dock and personnel vetting - are insignificant."
I'm sure the chances of Edward Snowden happening were considered insignficant as well.
@tony2heads
It could have been even worse: it could have been Windows 10...
The laugh about the OS is that ALL current OS's will be out-of-date decades before the ship is decommissioned. So on that basis what is an appropriate OS for something like HMS QE or a nuclear power station?
> So on that basis what is an appropriate OS for something like HMS QE or a nuclear power station?
one that you can upgrade from earlier than 8 years after its mainline support ends, worst case, before its extended support ends
if they couldn't predict that the OS won't be supported ("predict" as in read the effing manual) by that time, what other kind of things they are "absolutely confident" about?
I had a tour around a nuclear power station some years ago, and was able to gaze into the control room from the gallery. Nuclear power stations run on bespoke code written some time in the 1960's and not modernised much since. They just stuck a new console with a modern monitor in a retro style case at the end of the desk for the modern trendy stuff.
An approach which should have been followed with the QE class carriers, given that they have a design life of 50 years and might last longer than that if the government in around 2060 decides to do a relatively cheap life extension program to allow them to spend more on vote buying schemes instead of a relatively expensive replacement program.
By the time they certify all of the programs for WinX then that'll probably be out of support irrespective of the "WinX will be supported forever" thing from Microsoft. Unless you think that WinX is still going to be in support in 50 years aka 2067. Put into perspective, VAX-11/VMS was released 40 years ago, five years before a little company called Microsoft was formed.
Makes one wonder how useful it is to use commodity items - whether operating systems, computers or fork handles - for a military contract. Specifying something more exactly tends to result in the $200 hammer that NASA or the US army is blamed for. But using off the shelf items means updating software, procedures and connected systems when they're changed by the supplier.
tbh, not an easy choice. Paying through the nose to support an outdated OS isn't that stupid in all circumstances. Better to use in-house maintained software, but politicians are keen on stopping that.
"Specifying something more exactly tends to result in the $200 hammer that NASA or the US army is blamed for."
As I understand it, the $200 hammer is more an accounting trick for when the military acquires hodgepodge. As one of them put it, the $200 hammer sounds bad until you also learn the $200 jet engine acquired in the same lot.
one that you can upgrade from earlier than 8 years after its mainline support ends, worst case, before its extended support ends
Now we are getting somewhere! I suggest there is a very good reason why there are currently systems running Windows for Warships (based on XP) on QE!
Aircraft carriers are big ticket items and don't get commissioned very often. I suspect given the level of co-operation between the UK and US, the QE's systems are based on systems from a previous aircraft carrier (Ford class for which construction started in 2005?).
It would make sense to re-use/build upon existing software, however as noted elsewhere MS really want XP to die, so this platform doesn't have a 50 year future. Also Windows 10 is far too recent for any meaningful (military) applications development to have occurred on it.
So I suggest what has happened is that development to date has largely been focused on XP ie. what is deployed on other carriers, QE provides an opportunity to migrate such software to a new platform. However, to ensure consistency etc. it would be advisable to run both the old and new systems in parallel and compare output - something that can fairly readily be undertaken in the coming years as QE undergoes trials.
So to the causal observer (ie. any one without the relevant security and project clearance) they could see some systems runnng XP and some running something else - without such obvious branding and jump to the wrong conclusion.
Hence I'm more interested on what is seen on QE when she finally enters service in 2020.
Which raises another question, given the lifecycle of Windows 10, it is unlikely to be a Windows 10 derivative, given version 1703 (Creators Update) goes EoL in 2025.
Is there an exploitable vulnerability to report here? I seem to remember that warships are staffed with armed personnel, and not generally seen dangling Cat-5 cables, offering free wifi access or having a public internet cafe. I may be wrong here, feel free to correct me.
So, yes, it's an old OS - but does it really matter?
So long as there's no connection to public networks, no usable USB ports or optical drives, and that the network cabling and core services are physically secure and accessed solely by trusted personnel with active monitoring of users then there's no real problem.
Plus, you don't need a computer network to arm and launch aircraft. Well, that's the idea. We managed without for many decades...