That’s “Yet Another Really Bad Idea”. Arguably the worst one yet.
If you agreed with me that the electronic license plate was a bad idea, wait’ll you get a load of this one.
According to a story in The Atlantic last December, the Air Force is planning to make “a missile for the modern age”. In other words, a missile with a network connection.
The Air Force Scientific Advisory Board will be conducting a study this year on how to make it happen. Not if they should make it happen, but how.
If you don’t see why this is a bad idea, take a look at Eric Schlosser’s recent piece in The New Yorker.
My trepidations have nothing to do with who’s in charge of the military or who’s running the Department of Energy. They’re all about the path technology has taken in recent years. The first step has been to provide the network capability. Then comes the ability for “learning”. Security, if it comes at all, is a distant last.
Do we really want our missiles to talk to each other and the early warning systems and make their own decisions about whether the US is under attack? Look how well that sort of capability has worked out for “smart” thermostats that learn when you change the settings and begin to anticipate your needs. Or smoke detectors. Remember the Nest smoke detectors that all started screaming when one of the set had a false alarm–and none of the could be be shut off?
Even if the missiles remain “dumb” and the network connectivity is only used to transmit maintenance and self-test data, how long is it going to be before someone decides that security testing is unnecessary because the devices will only be connected to a private military network, or an even more restricted local-to-the-base network?
Even if we ignore the possibility of an unauthorized connection to the Internet being set up in the name of “convenience”, let’s not forget about all of the research that’s been done by the NSA and other “interested parties” on remotely accessing computers that aren’t networked at all. There’s not such thing as an unreachable computer these days if someone is willing to devote time and money to reaching it.
So someone reaches the missile through that network connection. What can they do? It’s only for maintenance, right? Are you confident that there’s no connection between the monitoring and maintenance hardware and the command and control system? I’m not. What’s the point of monitoring the missile remotely if you can’t test the functionality of the launch system?
I can’t argue against the need to update the technology behind the nuclear arsenal. There’s a limit to how much you can do to interface modern systems with 1970s technology. BART is having increasing difficulty expanding opening new stations and increasing capacity because they can’t hook up modern trains to the ancient computer systems, and I’m sure the Air Force has similar concerns about the Minuteman system.
But updating the off-missile systems does not require updating the missiles themselves. Keep them offline and make damn sure that humans stay in control of the decision loop.