Do nuclear shitholes produce new PALs? And why is the US implementation still classified? With modern tech you could bang out a first-draft prelease, toss it on github, and formally verify it in a month.
Permissive Action Link
Do nuclear shitholes produce new PALs? And why is the US implementation still classified? With modern tech you could bang out a first-draft prelease, toss it on github, and formally verify it in a month.
>makes unsafe nuke
>"local radicals" steal it and glass your shithole capital of Tehran
Don't spoil the fun
Bruh the US supposedly had spent 100 million nuka cola caps by 2007 to "prepare pakistan to safeguard its nukes" in alternative ways because USG decided it wouldn't be legal to share PAL with them.
Imagine being given 100 million dollars of secret graft playtime funding to replace the functionality of a bike lock on mudslime nukes
Security by obscurity anon, to have a standing chance against one of these you need to fulfill one of the following:
>have a code from the NCA/whoever
>have someone who can somehow bypass it for maintenance purposes or whatever (unlikely)
>have an insider who can smuggle out enough info for you to figure out how to break it before going in
>reverse engineer it without ever having seen it in person/seen any documents, get really lucky, and have it work first try
>be extremely careful, extremely lucky, and have a significant amount of time alone with the warhead
Remember anon, part of the security model is that if you make any attempt to breach a base holding nukes you get the entirety of the USAF's security forces rammed up your ass, plus whoever else decides they want some action. Why would they give you the fricking blueprints for these things? They want you to have to make an effort to figure out how it works before you go in, since that raises the barrier to entry. Giving any random shithole a PAL defeats that point. Remember, even if you can't get the nuke to detonate the PAL still serves to keep the weapon tamper-proof according to some sources. IE if you try to get the nuclear material out it blows up.
Meh, it's not obscure to the threat actors who would go after nukes. You can probably buy all kinds of info on them from the russians and frogs, too.
This only makes sense if the only threat you are concerned about is theft of your own nukes. If others have nukes that might be stolen you want them to have good locks too.
The purpose of PAL systems is in addition to preventing a 3rd actor from stealing and using the bomb, to prevent unauthorized friendly use of nuclear weapons. In the US atleast the president is the sole nuclear authority, and this means in practice that nuclear subordinates are physically unable to use their weapons without PAL activation from near-presidential authorities, joint chiefs of staff or whatever.
It was a real concern back in the '50s or '60s that e.g., an airbase at the risk of being overrun would have a local commander order nuclear weapons use
Didn't an investigator find record evidence that the USA secretly gave PAL technology to the Soviet Union shortly after the Cuban missile crisis. Soviet leadership held deep set fears a rogue element in their military could try to use a nuclear weapon on the battlefield without permission by the Politburo. The Americans knew this and basically said "here, have this. We recommend these. Here's how they work and documentation. Impliment them if you want."
This is an American kill switch, no sane nuclear country would adopt this.
open sores cultists are a fricking plight upon the earth
Look up what "formal verification" means and then look up why the US shared PAL in the first place. Then acknowledge, explicitly, by written reply that you are a homosexual.
sorry buddy you didn't make a pull request with the correct ticket # attached so go frick yourself
I don't pull, I push. Open wide.
US shared PAL designs because the threat of lack of negative control over nuclear weapons by the soviets was much greater than the threat of them bypassing PALs in US weapons or learning any new weapon design information, at the time there was roughly a tech parity. Nobody else got the designs since then. No matter how much validation and testing you do to your systems, physical security is nothing like IT as it always relies on a degree of obscurity and time delays before the attackers break through the security boundaries, that's why it's impossible to publish anything like that freely or even share it with countries that aren't the best at guarding secrets
correct, know-it-all code monkeys as well
>US shared PAL designs because the threat of lack of negative control over nuclear weapons by the soviets was much greater than the threat of them bypassing PALs in US weapons or learning any new weapon design information
Obviously. But this is a structural problem with shitholes and nukes, not one that was only relevant at a particular time in history (end of cold war).
>Nobody else got the designs since then.
Seems like we don't know this for a fact. In particular, I haven't seen any good public info on whether things changed with china after the clinton administration, and whether israel has ever been approached at all.
>No matter how much validation and testing you do to your systems, physical security is nothing like IT as it always relies on a degree of obscurity and time delays before the attackers break through the security boundaries
Physical security and information security are intertwined things. It's not useful to contrast them here, because arguments like
>"you can find a side-channel attack in a cryptosystem"
>"you can hit the guy with a wrench til he talks"
>"curve x is vulnerable so don't use it for important application y"
>"any safe can be cracked if you have welding tools and time"
are all about the time it takes to defeat the system. The eventual defeat is a given.
>always relies on a degree of obscurity
Security through obscurity is regarded as a fallacy for good reason. It's a transformed false dilemma between defense in depth and independent auditing. You can have both. There is no dilemma.
>impossible to publish anything like that freely
But they already do. We're talking about it right now. Compared to the likes of stuxnet and xkeyscore – cyber tools that were actually kept secret, for a time – PAL architecture might as well be public domain.
That you, mikeeusa?
Interesting. https://files.catbox.moe/cs4bwp.pdf
That doesn't sound like a 100% statement that they use public key cryptography but it does sound like they use something of that nature. Interdasting anon, good work.
>why is the US implementation still classified?
Probably because it's less than ideal and making it public would force them to spend money on a better version.
In light of
, I wonder even more than I did when I made the thread, how they're going to be able to handle the transition to post-quantum crypto standards without either open sourcing or knowingly leaving every non-US PAL vulnerable to any threat actor sophisticated enough to exploit pre-quantum crypto.
Arms control is basically dead and cooperation amongst us-china-russia can't be expected. Opening up the US specs and trying to strongarm the other official nuclear weapons states into adopting them might be the only realistic move.
>amongst us
>amoxi
nooks
USAF safety doc for strategic bombers has been updated this January. https://static.e-publishing.af.mil/production/1/af_se/publication/afi91-111/afi91-111.pdf
1988. Rethinking the Nuclear Weapons Dilemma in Europe. https://files.catbox.moe/jnt6cl.pdf
Even when regulations were observed, the two-key system did not guarantee that nuclear weapons would remain under American control. For example, following a 1961 fact-finding trip to US missile bases in Europe by members of the Joint Atomic Energy Committee, the executive director of the committee said, "We were scared stiff by what we saw ... we wondered what would happen if, for some reason - two NATO states falling out, perhaps - the Turk [i.e. a non-U.S. missile control officer] decided to overpower our man [the US officer] and take away his key? Why, the Turk would have himself a modern weapon, that's what."[3 ]
>The Soviet Union's attempt to install intermediate- and medium-range ballistic missiles in Cuba in October 1962 resulted in the most serious post-Second World War crisis in Soviet–American relations. Curiously, despite the seriousness of the crisis, the Soviet Union failed to order a full alert of its missile forces.[10] The Kennedy Administration felt that one reason for the Soviets' failure to order a full alert was due to Soviet decision makers' lack of confidence in their command and control procedures. Consequently, President Kennedy and Secretary of Defence McNamara 'decided to make the Russians aware of our permissive-action link system',[11] and on 19 December 1962, at an international arms control symposium at the University of Michigan, one of McNamara's assistants, John McNaughton, delivered a speech in which he described, in general terms, the American PAL system. According to reports, US scientists, with the blessings of the Kennedy Administration explained US PALs to Soviet scientists who attended the 1963 Pugwash meeting in Dubrovnik, Yugoslavia.[12]
This is kind of fascinating for how plainly ass-backwards it is according to modern geopolitical norms and in light of many decades of nuclear sabre-rattling from the vatties. In the modern era, enabling greater safety margins would just be seen as free license to double-down on brinkmanship, and therefore to be avoided if at all possible.
>The United States has considered providing information about PALs to both its friends and foes on at least two other occasions. In its final report completed in 1965, the Committee on Nuclear Proliferation, chaired by Roswell Gilpatric, concluded: 'We should consider appropriate assistance to the United Kingdom, France and the Soviet Union in connection with the development of [deleted] and safety devices for their respective weapons.'[13]
An interesting [redacted].