One of the arguments the US military frequently makes for its huge investments in cutting-edge technology is that enormous levels of spending are needed to ensure America doesn’t lose ground in the perpetual technology arms race with other countries. From missile defense shields to the F-35, the US military spends huge amounts of money on expensive military hardware. As a recent report from the General Accountability Office (GAO) makes clear, however, much of the high-tech military equipment in the field today is backed up by some extremely antiquated hardware.
The report notes that the Strategic Automated Command and Control System, (SACCS) is responsible for coordinating “the operational functions of the United States’ nuclear forces, such as intercontinental ballistic missiles, nuclear bombers, and tanker support craft.” According to the report “It runs on an IBM Series/1 Computer — a 1970s computing system — and uses 8-inch floppy disks.”
That sounds pretty terrible, and it’s certainly the claim repeated in headlines across the Internet today. And there’s definitely truth to it — reports from back in 2014 highlighted that the Air Force was still using 8-inch floppies and 70s-era technology to run its nuclear silos. There are, however, some inconsistencies in the GAO report and some advantages to using such ancient technology.
First, let’s talk about the report itself. While we’re not contesting the quality or nature of the work done by the GAO, there are some questionable statements in the documents that aren’t well-explained. The table below is a list of the oldest systems still in deployment within the US government. Compare the descriptions of the systems we’ve boxed in red with the agency-reported ages.
We feel safe in guaranteeing that no computers built 52-46 years ago are running Windows Server 2008, executing Java code, or using Microsoft .NET. What’s being somewhat ignored in the press is that this is a list of the oldest systems still running, not the average age of computer hardware used in the government.
“Fair enough,” you might say, “But 50+ years is still really frickin’ old. Why would anyone still want to use equipment that ancient?”
It turns out, there are some significant advantages to having computers nearly old enough to qualify for social security. Take those 1970s IBM Series/1 with the 8-inch floppy disks. Let’s say you wanted to penetrate one of those computers. How would you do it? There’s no modern network to hack and no USB drives to serve as an infection vector. You can’t load a boot sector virus or firmware trojan: These systems lack hard drives, and they probably don’t have updatable firmware. You won’t be transferring data via the computer speaker or microphone, the Series/1 computer IBM built back in 1976 has neither. There’s no GPU to exploit either — systems back in this era rarely had framebuffers, much less graphics cards capable of any kind of independent execution.
The downside to this kind of security, as the GAO points out, is that the cost of maintaining these legacy systems gets higher every year, and the mismatch between their capabilities and what might be required in case of an attack grows larger. Moving to modern computing hardware has significant advantages, including better UI options, faster system updates, and the ability to process orders of magnitude more information per second. But this additional performance has to be balanced against other increased risks and the need to ensure that system migration can be performed flawlessly. Supposedly the Air Force will migrate to new systems by the end of 2017, and retire its old 1970s hardware for good.
Of course, that’s just one system, and the government apparently has far more than one obsolete rig that needs to be replaced. But relying on 1970s-era equipment isn’t quite as crazy as it might seem at first glance.