Lessons will be learned...
How come the person who sent the alert could get away with refusing to be interviewed?
The individual who sent an emergency text to everyone in Hawaii warning them of an imminent missile attack did not hit the wrong button as first claimed – and was actually convinced a real attack was happening. That's according to a report published Tuesday by America's comms watchdog, the Federal Communications Commission ( …
>>> How come the person who sent the alert could get away with refusing to be interviewed?
Probably a combination of jurisdiction (the Feds have a hard time compelling State govt. apparatus) and civil service rules. Without probable cause to suspect a crime, the Feds can't get a warrant and have to rely on co-operation.
>On the flip side - this is pretty much what drills are designed to iron out
Right. Which makes the idea that
"The decision to run a no-notice live drill on a shift change is also met with raised eyebrows. "
seem a bit daft. They had problems with their system that this drill uncovered - some of them sound like problems they might have predicted but still it's better to know about them than not.
They had problems with their system that this drill uncovered - some of them sound like problems they might have predicted but still it's better to know about them than not.
Agreed. While this isn't the right way to run a drill, it did reveal problems, and according to the reports I've seen there were no related deaths or injuries (which there well could have been, in a panic). As a screw-up, it definitely falls short of classics in the field, such as the Great Disappointment.
Given a choice between recent embarrassing US government escapades, I'd take the Hawaii Missile Scare over Trump's State of the Union blathering. (Though to be fair the SotU speech is rarely substantive or interesting, regardless of who's in the Oval.)
seem a bit daft. They had problems with their system that this drill uncovered - some of them sound like problems they might have predicted but still it's better to know about them than not.
That is my thought on it. This is why we test; not to fill out a checklist that says "we tried this, it worked", but to find where things break. If you haven't broken something by the end, you haven't really tested anything.
wtf was that link to? and I quote,
"I mean, really: How weird is it that this happened twice within two days? Very. You think this was an accident? You think a fuck-up this epic wasn’t focus tested ahead of time by the lizard cabal that lives at the center of the Earth? Get fucking real."
I mean seriously, center is spelt centre for fuck sake.
Back to the story I'm guessing the local supermarkets will be having their "New Baby Event" sales in October this year.
In the rest of the world, centre is used as center. To further confuse you, many folks take the two spellings as separate meanings. Center is treated as the word for a place or institution and centre is considered as the word for the middle point of something.
...boots, bonnets, bog rolls, flats.
...and the lizard people at the center of the Earth? Most Reg readers are familiar with the concept and are simply waiting to see who rules us in the end; The lizard people or the robot overlords.
My money's on robotic lizard people.
More like helps preserve your teeth by preventing you from slamming face first into the seat in front of you. And better transferring any forces from a crash through the seat, minimizing injury. There is plenty of research on the brace position, and most of it is public. There is no reason to be spouting crap like that. The "the brace position is designed to kill you so the airlines don't have to pay for disabilities" bullshit conspiracy is believed by enough people already. Let's not add to it.
We had one of those too. Confusingly, it was also used for flood warnings after 1953 (not that our area ever flooded, although the river did get a bit close to the top a few times). They'd test the siren twice a year but most people never saw the notice in the local paper, so it just got ignored. They finally took it down in the late 80s, after the threat of nuclear war was judged to be minimal. Naturally the river burst its banks the year after.
One's a cut of beef, the other is a violent whirling wind accompanied by a cloud that is shaped like a funnel which moves overland in a destructive, narrow path.
Peh-cahns are for eating, pee-cans are for truckers.
And amonds are amonds ... To harvest them, you shake the L out of the trees.
In the UK it's suddenly become OK to pronounce the "l" in almond, with a short a as in the abbreviated name "Al". [Mr. Al Mond]. To my ear it sounds horrible and artificial. Perversely "Ralph" is often now pronounced "Rafe". Celebs who have been known as "Ralph Somebody" all their lives are now mysteriously transformed into Rafes.And while I'm on a mini-rant a macaroon type cake has now become a "macaron" They've been macaroons for the whole of my life, perfectly acceptably so. Suddenly they've been made into mac-a-bloody-rons FFS.
There's a series of sirens in the Middle Neck of Virginia, around the Surry nuclear power station. They have to test those once a month. Thing is, the test siren (a couple long blares) has a totally different pattern from an actual energency siren (which has short blares).
I found this rather puzzling "... the Emergency Management Agency (EMA) starts calling TV and radio stations to get the message out but its phone lines become clogged as the public try to find out what is going on."
So that means EMA depends on the public networks for emergency communications with the media?!? That seems to be asking for trouble. I appreciate it might not be as easy to set up fixed circuits to a few key media as it would have been in the days of analogue telephony. But surely they could provide some alternative channel - carrier pigeon, if need be (https://www.gchq.gov.uk/features/pigeon-takes-secret-message-grave).
"Semaphore code using brightly coloured grass skirts signalling arm and body movements."
Lost in the horizon due to the distances between islands, unless you're of the Flat Earth cult who honestly believe that's the opposing beach you see across the miles of ocean between islands.
As for radio, one good typhoon or volcanic eruption will knock out all the power to the radio transmitters (including the backups).
The sirens go off here, Oahu, for approaching hurricanes and possible tsunamis. Often there is a sub 1ft wave or a not too destructive storm. Every couple of months our phones blare with flash flood alerts which affect parts of the island. Monthly the sirens go off in tests now including the attack warning. On occasion a local siren or two go off for no reason.
Our state is often very inefficient. We feel the need to reinvent everything before deploying it even when others have a successful model.
I was not surprised we would have an error so only thought there was an off chance of casualties other than heart attacks and deaths caused by panic.
When I used run drills on sensitive equipment, we would have a drill team member stationed by each control station where actual damage could be done. The chain of actions and responses would run its course until the very end when the drill team member would cover the switch or valve with their hand and inform the operator that the switch was now "simulated pressed", etc. If they want, they can hire me to go out to Hawaii and do the same for them. My rates are very reasonable.
As a result, the day shift supervisor "was not in the proper location to supervise the day shift warning officers when the ballistic missile defense drill was initiated" – which is probably code for he was sat on the toilet.
In the circumstances, not entirely surprising. Jolly lucky to have got there in time while there was a cubicle vacant, IMHO.
Must have run like hell before the fallout, if you see what I mean.
I would think it far better to risk false alerts than to have a real one and not have an alert going out. In the spirit of that thought, I would think a system that makes it easy to send a real alert - which is also going to make sending false alerts easy - would be preferable over too many safeguards against false alerts.
Yes, there are lessons to be learned here, but it sounds almost as though the measures they're taking are going to add up to a minute or two to the process of alerting people in the event of a real attack, which is one of those situations where you absolutely do not have seconds to waste. Might they be taking things too far in the other direction?
>I would think it far better to risk false alerts
Problem 1 is you look like incompetent boobs and risk the classic "Cry Wolf" syndrome.
Problem 2 is if people actually take you seriously there are real world consequences.
RWCs is the reason Houston was NOT evacuated during Hurricane Harvey this past summer. They had a pretty good idea some place near Houston would get gobsmacked...but not exactly sure where.
Hurricane Harvey claimed about 80 lives in the Houston area.
Hurricane Rita had claimed 113 lives -- 107 of which were attributed directly to the chaos caused by the evacuation orders issued for that storm.
FWIW, Massachusetts has a world-class civil defense organization.
Separate systems for Test & Prod, takes two on-duty operators to initiate the process, and then one of the top 3 executives of the agency has to approve it, presumably with the job requirement one of the three is always available in a relatively developed part of the state so they can be reached easily.
(And hopefully they have the "break glass in case of emergency and rip open this envelope" with the backup authorization codes for when Bob & Joe are on vacation and Fred just died of a heart attack)
Point being it would take deliberate collusion and just not a normal confused cock-up to send a false alert.
"Point being it would take deliberate collusion and just not a normal confused cock-up to send a false alert."
Not necessarily. Never underestimate Murphy. We don't know if there is a "break glass" scenario for the unlikely-but-not-impossible scenario that all three executives (and anyone else with the possible authority) can be dead, unconscious, or otherwise incapable of performing the duty at the same time. The Hawaii scenario along with many other faultless engineering disasters show it is possible to "thread the needle" and bypass every single failsafe and still fail spectacularly.
Various militaries use the "This is NOT a drill" when the real crap hits the rotating air movement device. They recognize the problem and it's a real one. Complacency sets in with "alerts" even fake ones. Better to just use a test message like "this is a test of the emergency system..." and not much more. Save the flashing lights, ah-oga horns, etc. for the real thing.
I'll use the old saying from the military and it pretty much fits a lot of these types of things: "Even with all the training, after the first 30 seconds in contact with the enemy, all bets are off." Practice and training only gets you so far. So yes, a real emergency will test and prove everything.
So the drill message said both "exercise, exercise, exercise" and "this is not a drill"?
Just in case of someone fucking up in a whole different way, I'm not surprised the ysent it out. What if the same message was played out in a real scenario and no one got the alert, then there really would be trouble.
The drill message shouldn't have stated it isn't a drill, doing so may have panicked the operator who took least damaging option.
The whole point of the phrase "this is not a drill" is that it should *only ever* be used in a live situation - for example, when a nuclear attack just happens to occur around the time of a scheduled test, and there otherwise might be confusion as to whether the event is the test or not. IMO the operator behaved perfectly correctly to rely on this information.
If you are going to parrot this phrase in both live and test scenarios, then it has no value and should be dropped entirely.
Honest question. Why is there an aversion these days to unannounced tests, given the reason for preparedness drills in the first place is to ensure procedures are followed in as close to emergency (read: unannounced) situations as possible? Yes, it's nerve-racking, but acting as a disaster sentinel will inevitably be nerve-racking because disaster can come at any time...without notice.
@Charles 9 - I guess it depends on the situation - people are much more mentally resilient to "There's smoke coming from one of the toasters in the staff restaurant, please leave the building in an orderly manner - actually not really, it was just a test", than: "There's an incoming ICBM. These are the last few minutes of your life. You will never see your wife or your young children again, your last thoughts will be imagining your terrified children at school crying for you and you can do nothing, nothing to ease their fear. Ha! Psych! Not really!"
I recently saw a bit of video from the '70s or '80s showing an RAF early warning centre going through a training simulation of an attack being launched against the UK and it sent shivers down my spine.
Watch threads then come back and reread what you wrote
here is a snip https://www.youtube.com/watch?v=MrHoMSRZOS4
when the wind blows one to view
And the US version of threads
a snip https://www.youtube.com/watch?v=7VG2aJyIFrA
Rather like those irritating people who say things like, "she literally exploded" or "he was literally incandescent".
At first I was just annoyed, until I realised that those people probably believe that "literally" means "figuratively" - and they never learned the word "figuratively".
Apparently people have forgotten about the (apparently false rumors around the) first airing of 'The War of the Worlds' back in 1938. https://en.wikipedia.org/wiki/The_War_of_the_Worlds_(radio_drama)
If you miss the "exercise, exercise, exercise" bit at the start, hear "this is not a drill" and start your reaction procedures, you're not going to hear the "exercise, exercise, exercise" at the end of the recording.
Following an incident when our rescue exercise resulted in a coastguard helicopter (when a member of the public overheard) we had a policy of shouting "pizza" rather than "help" during the drill
So far no passing do-gooder has decided to dial for an emergency takeout
"So far no passing do-gooder has decided to dial for an emergency takeout"
But someone might still dial for the Coast Guard anyway on the assumption the victim is not in the right frame of mind and is therefore calling out, "Pizza!" when he really means to call for "Help!" meaning it's not just an emergency, it's a life-and-death emergency if his mind is that far gone.
Frankly, there mere presence of a man struggling in the water, voice or not, is going to be enough to trigger a 911 call unless it's made quite clear to all present ahead of time that a drill is taking place. It's like working in a store and a man stumbles in all cut up and bleeding. Barring advance notice, the first thought here is to call 911. And of course, someone will just stage a REAL emergency at the same time as the drill in order to spread chaos.
....for a large, international corporation (the facility I work at is the size of a small city, with 5500 employees, and they have similarly large facilities in Canada, Australia, and Europe), I can certainly understand how something like this goes down. At the company I work for now, the alerting system can sometimes be ambiguous. It has four basic levels of panic: Green (meaning resolved/benign), Yellow (meaning change in status- check me out), Orange (meaning someone should really look into this), and Red (meaning get your ass over here post haste!).
Many of the Yellow alerts are actually important: very, very important: it might mean that the temperature is low enough that something like a water pump won't work because it's iced up (this is northern Minnesota where -20F is routine Dec-Feb, sometimes weeks at a time). Conversely, a Red alert might be something as benign as a GFCI breaker tripping, one which powers/effects nothing. For someone who is only instructed that yellow can wait, but red means ASAP, that often means that a GFCI outlet gets reset in 20 minutes, but a frozen fire-water pump has to wait three days until a crew with blow-torches and heaters can thaw it out, sometimes having to wait another week until the burnt-out motor can be replaced.
Many SCADA systems are designed similarly (in my experience) and I would assume that the sort of system used by the HIEMA would also be similar to that of our vendor, who specializes in emergency alert/management systems (and who also claims to offer services to state, national, and international organizations).
Many of the alarms I have to resolve manually involve what would be, to the typical person, very ambiguous status updates, often updated frequently, from systems that have/are:
1) poorly configured (the client has no real notion of what's important or not, especially if they have been operating 100+ years), yet they demand that this and that are real emergencies, even if they're not. Everything is important, throw it at the wall and see what sticks.
2) overly sensitive (loosing communications with remote sensors for 3 seconds might trigger a Red alert; if this happens frequently, the PIC becomes numb to red alerts and simply resolves them all, even if the alert is "MELT DOWN IMMANENT: EVACUATE 100-MILES NOW", where as neophytes are sending in 10 reports a minute regarding a radio link that went down for 30 seconds)
3) no protocol for verification: there is no person in the department involved available to verify that there might be an explosion, fire, zombie invasion, etc. The rational for this often involves obscure union lore and tradition where 90 years of collective bargaining amounts to: "it's not my job; unless there's overtime At double scale." That, or as this report implies, they were experiencing a life changing bowel movement when the pretend apocalypse was occurring.
This is NOT to say that such scenarios should not be planned for. Lord knows I've been involved with enough to know that not every event you think is a drill is not in fact a serious event, but that these things need some level of actual coordination among the PICs. Right Hand, meet Left Hand. For two supervisors to perform this sort of drill (one of which is apparently ignorant of the fact that this is a drill), then passing the blame to the person who pushed the button is inexcusable. If anyone should be reassigned/punished, it should be the first shift (midnight) supervisor. Send s/he back to the dispatch chair for a spell to relearn what it means to be grunt, and why clear, unambiguous commands are important in any large security scenario. The person who actually pushed the button should be cautioned- verify with your supervisor even if s/he's dropping a deuce.
Even where I work, this proposed excuse is one that is viable, and indeed something similar has happened before. But it happened long ago, and remedies and protocols have been put in place since then so that there is a minimum of 10 minutes of overlap time occurs between shifts where proper passdown can happen among everyone; Various team leads both verbally and via email inform each other of impending drills, continuing incident's, and the like. Scenarios like drills and tests are forwarded to shared email accounts (locally hosted dedicated IBM Notes, no less, isolated from our slow/intermittent Outlook 365 cloud system- this is northern Minnesota where even enterprise broadband can be spotty) where all authorized parties see the same messages. This creates an unambiguous chain that can be followed to see where communications broke down. You do not, in this day and age, in public or private sector security/intelligence simply rely on "oh, I thought I told so-and-so...", to cover your behind. Document, verify, and if all else fails, follow your standing orders and watch as sh!t miraculously defies gravity and rolls uphill.
<quoteblock>The drill was started at 8.05am with the call pretending to be from US Pacific Command. The alert was sent just two minutes later, at 8.07am. </quoteblock>
if it takes 2 minutes to send the warning after receiving it, theres probably little point sending anything as the missile would be over peoples heads by the time they received the warning and tried to react to it.
Does anyone know how long the warning was intended to provide people?
IIRC in the uk it was a 3 minute warning of imminent nuclear missile ballistic attack. Many would be dead before they got the message if nit took 2 minutes to send the message from first report.
I'm really surprised they don't have a message already primed and ready to go and a BIG RED ROUND BUTTON behind a perspex box that sends it. The test message button could be a BIG BLUE or GREEN SQUARE behind a perspex box with appropriate warnings that its the test button on the opposite side of the room that sends it.
"if it takes 2 minutes to send the warning after receiving it, theres probably little point sending anything as the missile would be over peoples heads by the time they received the warning and tried to react to it."
Nonsense. An ICBM launch should be detected and identified within 5 minutes of launch, leaving roughly 15 to 30 minutes, depending on specific circumstances, to react.
Depressed trajectory close in SLBMs give much less time, but they are a special case, and would probably be held back for second strike use, given much higher survival chances.
"The individual who sent an emergency text to everyone in Hawaii warning them of an imminent missile attack did not hit the wrong button as first claimed – and was actually convinced a real attack was happening".
Of course they fired him anyway. Politicians.
Not a bad article, though it may not really be answering any questions or even suggesting anything constructive and new: every professional designing software for life-critical use has known for-simply-ever that you expect, await and cater for the inevitable chain of screwups, misunderstandings, misapprehensions and carelessness that is the wont of busy and even clever people. The airline industry is probably the best modern example of how you learn from mistakes at the human-software interface. One thing that is clear from the article is that the system UI design was amateurishly and completely unfit for purpose.
But I do wonder whether the Reg's characteristically juvenile hyperbole helps:
" ... resulting in over a million people believing that they would shortly be hit by a nuke. ... The vast majority of Hawaiians are still unaware that it is a false alarm and are in panic mode."
Is any of that actually true, at all? Or would it be more accurate to say:
"The vast majoirty of Hawaiians were mildly perturbed to be told that the Norks were testing yet another missile, which, if the dummy warhead did make it across the Pacific, and if it didn't splash in the sea someplace—since no one really believes Fat Haircut Boy would be stupid enough to launch unprovoked nukes at US soil—might by accident, at the very worst, deposit half a tonne of warm tungsten fragments in a Cheesecake Factory car park."
So: did the breathless exaggeration make the story better?
Corporation have so bombarded users with EULA's that I would wager that 99.9% of all people that have used a PC-based computer running a Windows OS have been conditioned to just click any and all "OK" messages whenever they see one without ever reading the details.
That's probably what happened here. You can't really blame the guy..
(I resisted using the much-too-obvious nuke icon)
"However, it is also possible that this version of events is also untrue, and the warning officer simply screwed up first by choosing the wrong option, and then refused to pause when given the warning prompt. He or she could simply be protecting their job and reputation."
According to the BBC report, the warning officer has been a "source of concern" to colleagues for years, and has confused drills with real alerts multiple times in the past. He's also been fired. It's possible everyone else is conspiring to use him as a scapegoat, but it's fairly unlikely that he's trying to protect his own job or reputation, given that he no longer possesses either. Given that two of the people in charge have also resigned, such a conspiracy also seems unlikely; it really was just a massive screw-up all round.
Biting the hand that feeds IT © 1998–2019