Hacking Weapons Systems

Lukasz Olejnik has a good essay on hacking weapons systems.

Basically, there is no reason to believe that software in weapons systems is any more vulnerability free than any other software. So now the question is whether the software can be accessed over the Internet. Increasingly, it is. This is likely to become a bigger problem in the near future. We need to think about future wars where the tech simply doesn’t work.

Posted on March 26, 2021 at 8:41 AM32 Comments


Clive Robinson March 26, 2021 11:18 AM

@ Bruce,

Basically, there is no reason to believe that software in weapons systems is any more vulnerability free than any other software.

Err it depends on what you are comparing. If “like for like” then yes you would expect them to be similar. Thus an Avionics system in both Civil and Military aircraft I would not expect to be that much disimilar.

But comparing a military aircraft avionics or misile guidence system with a one dollar download in the Apple Store or other “walled garden” I would expect the app to be very much diffetent.

I’ve written both Safety Critical and Fast Moving Consumer Goods software in my time both at the assembler level. Whilst I used very similar design methodology and in design testing, I know that conformance paperwork and post development pre production testing were way way more indepth on the Safety Critical stuff.

In part the reason they were treated the same in development was down to me, I’ve been in code shops where the development was abouts as sloppy as you could get, as the emphasis was “slapping the features in” rather than taking a little more time up front to save a lot of time down stream a ways.

@ ALL,

I’ve found that if you get the foundations and structure right then the rest kind of drops comfortably in place. However trying to rush the foundations and structure almost always leads to poor quality rework and worse…

Engineers generally know how to do things well, if they have the time to do so. Managment on the other hand have a different view point, that unfortunately they are alowed to get away with way more often than they should.

As was once noted and has been attributed to John Glen,

“I felt exactly how you would feel if you were getting ready to launch and knew you were sitting on top of 2 million parts… all built by the lowest bidder on a government contract.”

That’s not what you want those under flag to be worrying about, when facing off with another nations millitary.

As noted by George Patton,

“No dumb bastard ever won a war by going out and dying for his country. He won it by making some other dumb bastard die for his country.”

We don’t want to be turning our own into “dumb bastards” just because those in charge trot out brain dead mantra’s about doing more with less, thus giving others more profit than there should be because we are doing it on the cheap by not doing things either safely or properly.

Winter March 26, 2021 1:13 PM

“I’ve found that if you get the foundations and structure right then the rest kind of drops comfortably in place.”

Long time ago, I saw that a central course in (classic) AI was “Algorithms and data structures”. I was told that this was programming, plain and simple. You design the data structures and pick the algorithms and the rest is filling in the slots.

With communication, things get more interesting again 🙂

Clive Robinson March 26, 2021 3:38 PM

@ Winter,

With communication, things get more interesting again

I’ve found the three big issues people,have with communications is,

1, Serialization issues.
2, End to End state issues.
3, Time delay issues.

Whilst there are standards and tools (ASN.1) that give rise to libraries of serialisation code so that any data has the same meaning when received that it had when it was transmitted. Many programers can not easily get over the other issues.

In part because most programers never ever see the issues that arise in their ordinary work.

For the average programmer data travels left to rigth across the page and not back again. As for errors and exceptions they are often ignored, or “blue screen of deathed”, which you can not do with most comms.

But when they do try to handle errors and exceptions especially when long delayed from the originating issue their world view “Does not compute”. In part this is because writers of libraries have tried to hide lifes nastier little realities from them.

Try explaining why you might switch from Ack/Nack to sliding windows or Forward Error Correction (FEC) or some combination and you had better have had a good meal and a very hot mug of coffee because it might be some time before you get either again 😉

Then there are “error codes” even something as simple as a Hamming code can cause strained looks and trust me it generally goes down hill from there on in.

But even writing a very simple terminal program for close local access causes real issues as anyone who has tried writing one under a Posix compliant OS can tell you. Explaining the issues of blocking and the use of the select(2) and poll(2) system calls can be fun. But at the end of the 90’s over shadowed by other events C10k became an issue and there was no way on God’s little Green Apple, that select and poll would ever keep up. So… BSD came up with kqueue in 2000 and Linux later came up with epoll that was messy messy messy, thus a chunk of it got depreciated quite quickly.

Steve March 26, 2021 3:56 PM


We need to think about future wars where the tech simply doesn’t work.

As long as it doesn’t work on both sides and the missiles stay in their silos, I’m cool with that.

vas pup March 26, 2021 3:59 PM

@ Bruce said “We need to think about future wars where the tech simply doesn’t work.”

Sure, redundancy (i.e. more than one technology should be available to complete the same task)always important, but
recently I start more often thinking about recent situation in the world, and unfortunately, it reminds me being on the brink on the WWI when simple spark could bring us to the super disaster.

Looks like now we are like two guys standing up to the waist in gasoline and arguing who has more matches, as if there is chance to survive.

I’ll suggest moving to de-escalation in relationship within triangle US-Russia-China rather than confrontation and testing each other red lines. But who am I with my bleeping logical opinion?

Jim K March 26, 2021 6:41 PM

I ‘attended’ – i.e. watched via browser – a recent (Distro A) NDIA conference and one of the striking themes was their focus on hardening their software. The US military are well aware if this threat it seems.

SpaceLifeForm March 26, 2021 7:54 PM

@ Winter, Clive

Yes. But I am old school greybeard, so what do I know?

It may be that I do not know what I know.

But, I surprise myself and ‘stuff’ is recalled.

You design the data structures and pick the algorithms and the rest is filling in the slots.

jpA March 26, 2021 8:39 PM

I recall back over 40 years ago in a computer science lecture from Carver Mead at CalTech. He mentioned that one of the new fighter jets, the F-15 I think, was not controlled by mechanical linkages. A microprocessor sent the commands from the stick movement to the controls of the aircraft. He paused and then said “I wouldn’t want to be in that airplane.”

Wonder what he would think now.

Dave March 26, 2021 9:42 PM

Friend of mine works for a navy that uses US-made automated 5-inch gun turrets. He did a security assessment of them and found that their security was based entirely on the assumption that during combat the other side’s ships were too far away to tell the turret to activate, turn, and put a round into the deck of the ship it was on. He apparently explained the process in some detail to the bigwigs, and let them figure out that sometimes… actually a lot of the time, ships are in port, or within easy range of someone in a passing saiboat, or a Zodiac dinghy.

Shortly afterwards the Navy disabled most of the “intelligence” of the turret.

dropdown89 March 26, 2021 10:16 PM

Poker online bukan hanya untuk mereka yang bermain dalam taruhan besar, atau turnamen online mingguan dengan uang jutaan. Faktanya, ada website poker online untuk pemain yang tidak memiliki modal awal! Banyak pemain hebat mulai bermain di game gratis, atau memenangkan turnamen roll gratis untuk memulai karier poker online mereka.

pokerace 99
pokerclub 88

Clive Robinson March 27, 2021 3:59 AM

@ jpA,

He mentioned that one of the new fighter jets, the F-15 I think, was not controlled by mechanical linkages. A microprocessor sent the commands from the stick movement to the controls of the aircraft. He paused and then said “I wouldn’t want to be in that airplane.”

He might have known about or heard the story about how the test pilot wrote of the first flight prototype by crashing it without the wheels ever leaving the ground…

The story is he got into the aircraft after doing all the standard checks, then punched the button to retract the under carrage… And the computer complied with the request.

I’m told you can not do that with mechanical linkages, because whilst their is weight on the wheels there is a mechanical interlock to stop them under carraige colapsing due to mechanical fault.

Curious March 27, 2021 9:26 AM

I am reminded of an event where two British warships in the Falklands war were trying to maneuver at speed as Argentinian jets were attacking. One ship sailed across the other and an (iirc) missile weapon system locked up because of it. The weapon system then had to be reset, which took some time and they were unable to shoot down the jets. No hacking involved.

Davis Rudling March 27, 2021 11:34 AM

“We need to think about future wars where the tech simply doesn’t work.”

Bruce must be remembering Arthur C. Clarke’s 1951 short story “Superiority”.

For those not old enough to have read the original, an officer is explaining to an inquiry how they lost a war because their vastly superior weapons tech just didn’t quite work against the less sophisticated weapons of the enemy. Too old to feature hacking of course, but the lesson remains valid. High tech that doesn’t work is useless.

Clive Robinson March 27, 2021 3:40 PM

@ Davis Rudling,

… an officer is explaining to an inquiry how they lost a war because their vastly superior weapons tech just didn’t quite work against the less sophisticated weapons of the enemy.

We’ve seen it happen already and we call it “asymmetric warfare”.

One of the issues with even weapons tech is somebody has to pay for it. The US offsets the cost by selling it’s high tech weapons to anyone with enough US petro-dollars to buy them. Though of course any smart man would realise that buying off of a potential enemy is not a wise thing to do, as the higher the tech the easier it is to hide a “kill switch” or other little trick in it so that they do not work or do not work effectively.

But the costs get subsidized in other ways, one of which is that as tech is mostly agnostic to use, much weapons tech works as well if not better in civilian applications as it does in military.

But there is a catch, humans are by and large expensive to train and we have with very cheap computing crossed the Rubicon. You can by hunting scopes that turn you into a way better shot than a first class marksman, all you have to do is calibrate it to the gun and your shooting style then you just have to put the cross hairs on the target press a button and then realign the cross hairs and squease the trigger… “simples” as the anoying meercat advert says.

People forget or do not realise that the tech even though it has a user friendly interface that any Jo Blow can operate after half an hour or so learning is still a significant force multiplier and mostly way to eaay to re-weaponise.

That’s why a bunch of idiots had a few hours simulator training, and with box cutters force multiplied their way using aircraft as kinetic kill impact missiles killed so many and did so much damage on 9/11.

Not that weaponising everyday objects is new, people have been killed by being pushed down stairs, had their skulls smashed with spirts equipment like tennis rackets and baseball bats. Even old style telephone hand sets have smashed a few skulls in their time, as have two way radios (Blair Peach[1]).

Thus a society that relys on sophisticated yet easy to use force multiplying technology has created the weapons that will kill citizens.

It’s also why the “policing action” against technology is such a joke. Take knife crime, knives are an essential technology and they do not just make lives easier and more productive, they also save lives every day. So you stop people carrying knives, does that make the deaths aby the less? Don’t be silly, firstly the number of deaths rise slightly by those who would have previously been abke to cut their way out of danger with a knife (as I have done on a couple of occasions). But more imoortantly those intent on killing when denied one type of weapon will simply chose another, often rather more dangerous. So a knife becomes a gun in some hands or a knife becomes a pair of scissors, baseball bat, all the way through to vehicles like cars etc. Basically anything that force multiplies ib some way and that includes small doses of poison every day in a cup of coffee or meal.

A weapon is usually not a piece of technology it’s agnostic to use. It’s the “directing mind” that sees the potential for it to be used as a weapon then brings it to use as such.

I sit here in a fairly ordinary room in a domestic dwelling with the usual sort of stuff you would expect. However I look at it and think “how can that be a weapon” and in every case from the newspaper on the coffee table through the cardboard box I’ve unpacked a new household item from through all the furniture and entertainment electronics and simple decorations I know how to turn every item into multiple force multipliers that can be used for good or bad.

Take the 2ltr fizzy drinks bottle I have on the table, I know how to cut it into a very thin spiral of around nine feet in length. With only moderate effort that becomes very strong cordage, quite capable of holding near a quater of a ton (250kg). Most people can now follow the thought of what they can do with very strong cordage for good or evil intent. But that “intent” is a state of mind in the human, not the technology that made the cordage or to what use it can be put.

Thus we now know one thing at least “every thing can be a weapon to a thoughtful mind”. But we also know now that by making technology easy to use, it also makes it easier to use as a weapon. We also know that we can not make technology smarter than a thoughtfull mind…

Thus technology improvments just make it easier for humans to kill, all that is required is,

1, A thoughtful mind.
2, Intent to do evil.

Thus it does not matter how sophisticated the technology it is always going to lose to “A thoughtful mind with intent”.

Thus even a goat herder in a cave half way up a mountain in some near desolate worse than third world location can with a little knowledge, be a very formidable opponent to invading forces with the smartest of weapons weighing them down and slowing not just their progress but thinking.

Thus some think the solution is to “stop knowledge” well I don’t know who is smarter them or the goatherder? Personally given a dollar I’d place it on the goat.

George Orwell back in the closing years of WWII started in on what became the book 1984, in it he tries to convay what a society that had knowledge withheld from it was like and the consequences of that. Some in power think it’s a good thing, provided it’s for others not them or their loved ones. Well guess what, nature does not work that way, if one person has knowledge they use then others will see it in use and work out what the knowledge is. What we now call the Vatican tried for centuries to lock up knowledge in one way or another, and failed and lost both power and status. Why? Because “ideas come of time” and what one man can create so can another for basically the same reasons to solve more or less the same problem.

It’s why weapons are going to be part of mankinds future untill we cease to be mankind. Oh and the weapons will just get more powerfull with time. We know for instance that even our most powerful nuclear weapons are almost as nothing compared to what nature it’s self can throw at us.

But will mankind get any smarter? Probably not that much we don’t need to be, we are more than smart enough to kill ourselves in all sorts of interesting ways, why would we need to be any smarter?

[1] https://www.theguardian.com/uk/2010/apr/27/blair-peach-killed-police-met-report

MK March 27, 2021 5:31 PM

@ Clive Robinson
Weight-on-wheels interlock is electrical in most planes. It is certainly possible to raise the gear on the ground. Typocally happens during taxi when the gear switch is “up” and the plane taxies over a bump, unloading the switch. Perhaps they forgot the switch on the F-15.

Arclight March 28, 2021 4:12 PM

Hard electrical and mechanical interlocks used to be more of a thing on dangerous systems that were controlled by computers. Do they still put non-technology safeguards on weapons, like independent lockouts/arming systems powered by air or hydraulics?

Mr. Peed Off March 28, 2021 8:01 PM

Thus technology improvments just make it easier for humans to kill, all that is required is,

1, A thoughtful mind.
2, Intent to do evil.

Thus it does not matter how sophisticated the technology it is always going to lose to “A thoughtful mind with intent”.

Perhaps you are lacking in experience with thoughtless persons doing unintentional harm? Would you care for me to send a few your way? 🙂

Clive Robinson March 29, 2021 3:51 AM

@ Mr. Peed Off,

Perhaps you are lacking in experience with thoughtless persons doing unintentional harm?

“Unintentional harm” is not pre-meditated thus considerd “Act-of-God”[1] not “Act-of-war”.

Would you care for me to send a few your way?

Now that would be a pre-meditated action with the intent to cause harm, thus falls under the action of a “Directing mind” or,

“A thoughtful mind, with Intent to do evil.”

Look up,

“Actus reus non facit reum nisi mens sit rea”

It’s a standard test for criminal acts (Mens Rea).

But the argument becomes interesting when you consider the notion of an “attractive nuisance” combined with a poorly designed or over simplifying user interface(UI).

Arguably vehicles are an atractive nuisance of a major order. Like arguably the controls on most vehicles are not at all user friendly or intuative we even name some of them incorrectly. The net result is that experience tells us the outcome is more likely than not to be “harmfull” in the hands of those who lack both training in usage and insufficient life skills to understand the harms or consequences of actions.

So we have minimum age and licencing requirments. For people to be able to use them (not that it appears to make much difference with some people). The side effect of which is it makes the vehicles even more of an attractive nuisance.

So what to do? We could make the user interface on vehicles such that it did not require a human to be at the controls, as many unmaned “light railways” and the like have proved can work more reliably than “maned”.

However there is a problem of the “unexpected intrusion” light railways and the like run on “closed tracks” where in general people are “fenced out” in some way by physical impediment. Ships have the advantage that people do not walk on water thus they don’t need to be fenced out, but vessels can and do collide if a lookout is not correctly maintained, similarly with aircraft. Thus whilst the unmaned train does not have to be aware of it’s environment boats and planes do and humans are still used for that purpose.

But… the not talked about problem as we know is people get bored easily and some are selfish. Looking out of a train window at the tracks in front is dull no matter what the pay. Likewise so is looking out over a cars stearing wheel when stuck in traffic dull beyond tedium. We know that some people think they can “multitask” thus they read a newspaper, or do their make up, eat a snack, have a cup of coffee, chat or text on the phone and these days even watch streaming media all whilst behind the wheel…

And they get away with it most of the time, because unlike them other people are paying attention, thus the probability of their being in an accident is much reduced because of others desires not to be hurt by them. Which just encorages careless drivers to be even more careless…

In times past it was realised that some controls should not be able to be “locked down” or “held in position” by anything but the human in charge. One spin off of this is the “deadman’s handle” where the driver has to maintain a constant preasure on a control for the vehicle to keep operating. However we know from “accidents” that some drivers will hang their work bags or similar on them and actually get out of the driving position and actually leave the cabin.

The intent of these people is generally not to hurt, maim or kill others, just selfish behaviour, and often they put quite a bit of thought into how to go about being selfish.

The thing is that the simpler we make an interface to use, the simpler the actions required for them to be selfish.

So when the inevitable happens who is to blaim? The designer knowing that each simplification makes the probability of harm via a selfish drivers behaviour more probable or the selfish driver?

It’s one of the reasons designers want to take humans out of the loop entirely including the control loop.

But the fun then starts with the “legal brethren” be they legislators or judges, they more or less demand a “Directing mind” that can be blaimed and punished…

The result is that as some designers have realised “Makeing a UI ‘child’s play’ let’s idiots and worse play as well”. Some of those designers who are a little wiser have also realised that “unfortunate events” will happen, fences are obstructions not impenetrable barriers. They are also seeing a trend of lawyers and the like blaiming companies and litigating… Companies where managers then throw the designers under the bus, rather than face the consequences of managments own decisions.

It’s why some older and wiser engineers decide that the “sexy jobs” are very much the “risky jobs” and avoid such work. Simply because at the end of the day the best you can hope for longterm is a draw not a win because the game is rigged against you. The only other viable alternative is to run fast enough that your feet don’t touch the ground, butvthat as they say is a discussion for another day.

[1] I’m on record as saying there is no such thing as an accident, the laws of physics rule them out. What we actually have is a lack of information or the inability to process it then act on it in sufficient time. For instance take a meteorite, heading for earth, we know they are out there and we know that we are overdue being hit by a large one. Celestial mechanics has dictaited that in some cases more than tens of thousands of years ago. So if we have the ” information” on all major objects in space within a couple of light years we would have the knowledge of when and from where a meteorite would strike. But could we stop it from hitting? The simple answer is we do not know, but what we do know is the closer it gets the harder it will be to stop it… Thus there are limits on what we can do in preventing harm, and it’s nothing to do with Gods, just our own limitations and the limitations of our technology.

wiredog March 29, 2021 5:08 AM

At least for the systems I’ve worked on with the USAF the security is provided by two things:
1) The control systems aren’t networked externally to the aircraft/ship/vehicle. You can send signals to it all day long, but if it can’t receive them they won’t do anything. Except attract attention from the people with the homing missiles…

2) Armed men and women whose job it is to ensure that no one gets to the hardware without the proper authorizations.

Clive Robinson March 29, 2021 7:37 AM

@ wiredog,

The control systems aren’t networked externally to the aircraft/ship/vehicle.

They do noy need to be to br attacked. Also how do you know they are not “networked” in some way?

Thus how do you know,

… but if it can’t receive them they won’t do anything.

For the last four decades, I’ve worked on and off on finding various ways to “communicate” when “others think” a “network” or other communications path does not exist.

As I’ve pointed out in the past an “air gap” is not at all sufficient you need an “energy gap”.

The funny thing is, even though I’ve stated quite clearly how you can cross air gaps, the neigh says come along and say “hey no…” yet when a bunch of academics get around to playing sometimes years later they all nod sagely as though they had not been neigh sayers trotting along in their blinkers.

It’s why I say,

“If the laws of physics alow, then somebody will.”

The only question realy is the two main resources of “time and money” which boil down to when is the tech to do it going to be cheap enough…

Oh with regards,

Except attract attention from the people with the homing missiles…

Does not realy happen these days because technology works for both sides. As has been proved you send in a homing missile you had better be damn sure the other side has not out smarted you and you are giving them a major propaganda victory by blowing up a wedding or some such…

Those “signals” are just “meta-data” and when some high up like a General says in an open forum on camera “We kill people based on meta-data” you just know they’ve lost maybe not that battle but certainly the war, and very probably their morals, ethics and sanity to a stupidity of their own making.


But as I’ve found to get high tech to work, people take short cuts. These short cuts hang around sometimes for a quater century or more. So called “Smart Weapons” are full of such short cuts that are still sitting on the shelves in armories around the West like those of NATO and similar.

Meanwhile technology has moved on 17 generations and is a hundred thousand times more advanced or less cost than it was.

Back in the 1980’s I demonstrated how you could spoof GPS with little more than a drum of coax and a low cost amplifier. Back then thr amplifier was a little expensive, at around 500USD, now you can get one “thrown in for free” when buying an SDR or similar radio…

I could go on but then some one would probably come along and accuse me of giving away information to people who might have ill intent…

name.withheld.for.obvious.reasons March 29, 2021 6:12 PM

I can construct a completely organic weapon system capable of killing tanks that is “invisible” to any sensor or platform looking into the battelspace. Modern weapon systems have move so far ahead that the past technological weapons of war are effective and defeat very expensive and complex systems at the cost of a bit lumber and rope.

Garabaldi March 30, 2021 3:57 PM

Prototypes are often missing safety features, be they mechanical or software.

All the prototypes I’ve worked with came with a logbook and tags listing things I should not do. The more valuable (i.e. difficult to replace) ones came with a senior tech armed with a yard stick, whose job was to prevent engineers with tunnel vision from pointlessly wrecking the prototype.

vas pup March 30, 2021 4:02 PM

Related to tag ‘Military’

Women’s underwear to be provided to female recruits in Swiss army

“Switzerland is to allow female members of the army to wear women’s underwear for the first time in an effort to boost recruitment, local media report.

Under the current system, the standard uniform issued to military recruits includes only men’s underwear.

Army spokesman Kaj-Gunnar Sievert said that clothing and other items issued by the military were becoming outdated.

He told Swiss news website Watson that the new “functional underwear” for female recruits would consist of “short underwear” for the summer and “long underwear” for the winter.

Mr. Sievert said earlier this week that changes were being ===>considered in relation to other supplies, such as combat clothing, protective vests and backpacks.
!!!!”The focus will be on fit and functionality,” he said, adding that sizes were until now quite restricted.”

I just recall that German female police officers have their own type of protective vests matching their body structure difference from male officers(breasts).

vas pup March 30, 2021 4:32 PM

New hacking angle!

‘We have your porn collection’: The rise of extortionware

“Cyber-security companies are warning about the rise of so-called ‘extortionware’ where hackers embarrass victims into paying a ransom.

===>Experts say the trend towards ransoming sensitive private information could affect companies not just operationally but through !!!!!reputation damage.

It comes as hackers bragged after discovering an IT Director’s secret porn collection.

The targeted US firm has not publicly acknowledged that it was hacked.

In its darknet blog post about the hack last month, the cyber-criminal gang named the IT director whose
==>work computer allegedly contained the files.
[he is just ID10T – vp]

It also posted a screen grab of the computer’s file library which included more than a dozen folders catalogued under the names of porn stars and porn websites.

==>”This is the new norm. Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out. These incidents are no longer simply cyber-attacks about data, they are full-out extortion attempts.”

Another example of this was seen in December 2020, when the cosmetic surgery chain The Hospital Group was held to ransom with the threat of publication of ‘before and after’ images of patients.

Cyber-security consultant Lisa Ventura said:
==> “Employees should not be storing anything that could harm a firm reputationally on company servers. Training around this should be provided by organisations to all their staff.

“It’s a troubling shift in angle for the hackers because ransomware attacks are not only getting more frequent, they are also getting more sophisticated.

!!!”By identifying factors such as reputational damage, it offers far more leverage to extort money from victims.”

Clive Robinson March 30, 2021 9:54 PM

@ vas pup,

Under the current system, the standard uniform issued to military recruits includes only men’s underwear.

Well, that may not be as bad as it might sound…

Let me tell you a tale of strange goings on with regards to UK Army issued Pants to women and what they wore by choice…

Back in the 1980’s when I was still wearing the green, female recruits were issued “PT Pants Green” which was a kind of one size fits all garment, that as the old joke has it “fits where it touches”…

You have to appreciate that the regiment I was in which was a Special Comms (SC) regiment and had more women than men, and that on the rolls they Were “Royal Signals” not the “Women’s Royal Army Corps”(WRAC) which was very unusual,for the time[1]. In fact the only part of the entire regiment that did not have women in it were “HQ techs” even Motor Transport(MT) had more women than men, even P-Company had some women.

More importantly most of the people in the regiment had levels of education that were either proffessional (accountancy, legal, medical) or at Old University post graduate level or above, and more than a few had passed both Civil Service and other boards and were considered high flyers. Others were stock brokers and other City types again high flyers, and as an engineer even though of recognized proffessional standing legaly and of strange security clearance I was considered an oddity in my own right, which usually played out to my advantage.

Whilst the PT Pants Green were issued to all the young ladies in the regiment they were only ever worn when away from the Regiment on WRAC training courses[2] (out on excercise most of the young ladies actually wore boxer shorts for reasons of comfort, and you would be surprised just how many of the men were given measurments and told to “go get em” by the young ladies)…

Occasionaly though the PT Pants Green were worn for a mess game that might these days be called a varient of “capture the flag” the rules of which I will not go into, other than to say to win, you had to not just capture the oppositions PT Pants Green, your “three man team” all had to get at least a leg in them at the same time at a home base with the teams designated pants wearer still wearing the teams PT Pants and without a member of the other team in them… Needless to say whilst a male team might have brut strength, and longer arms the women had speed, dexterity, and often whilst in a melee a mean set of fingernails to ventute into places most sensitive, to balance the odds. I was regarded by some of the women players as a bit of a cheat even though they knew I could “caber toss”[2], because I was strong enough and tall enough to hold their team wearer of the PT pants Green up seven or eight foot in the air or tuck her under my arm whilst fending off her team mates with my other hand whilst leisurely strolling down the mess (apparently not cricket, and one decided that sinking her teeth in my behind was par for the course).

Which all gives rise to the question how can three fully grown rugby playing men all get in a pair of WRAC PT Pants Green?

Remember I said “one size fits all” well whilst you had tiny little young ladies just tall enough to get into the army in our regiment that were bundles of directed kinetic and potential energy most fiesty, and many looked like your archetypal “British Rose”, the same was far from true of the WRAC cohort… The WRAC had women who could put Russian male weight lifters and small elephants to shame… Less than effectionatly known as the “Mastodons” for obvious reasons[3]. So PT Pants Green being “one size fits all” could at a stretch get three men in them or as was jokingly said at the time make good refugee tents…

Needless to say such a garment was in some cases, to be able to stay up, was in need of actually having a flat cord threded through the top along with the elastic such that it could be sufficiently drawn in at the waist or just below the rib cage (yes they were realy that big, we once managed to get eight London bricks in a pair and lift it up by the top).

[1] Known less than effectionately as the “Wrack-n-ruin” the WRAC was formed in 1949. It pulled in just about all women then in Army service. Officially it eventually included all women serving in the Army except medical and veterinary orderlies, chaplains and nurses and one or two proffessional specialists. Their uniform was truley appaling whilst not one size fits all, it was a truely awful shape giving even baggy a bad name, and required tailoring to even remotely have a chance of looking presentable let alone smart. The regiment I was in was “special” in that it was not directly under the “Ministry Of Defence”(MOD) but the “Foreign and Commonwralth Office”(F&CO) along with some other oddities like the “Field Axuilary Nursing Service”(FANY), “Diplomatic Wireless Service”(DWS), and the “Secret intelligence Service”(SiS/MI6). All of whom had women in Army uniform, ranks, pay scales etc, but well clear of the WRAC who appart from the very few “proffessionals” they ensnared were all considered “Not suitable as bookend material”. In the regiment I was in, the women were all issued standard “working dress” like the men, the main difference was that whilst the men got issued “Shirts wool hairy” the women got “Shirts green polyester”, though quite a few of the women traded in to get the mens wool shirts (warmer, larger, absorbed sweat without smelling, and you could sew the creases in as well, one young lady I was well aquainted with used to wear one of my special issue wool shirts as a night dress…).

[2] https://en.m.wikipedia.org/wiki/Caber_toss

[3] I once nearly started a punch up one sunday lunch time in a pub in Guildford Surrey. There used to be a large, WRAC training base as well as another Army base around Guildford. I was with some friends doing a sponsored 32mile walk “along the valley” and we had stopped at a pub for lunch. Somebody asked me if I knew what the Army Camp we would be passing after lunch when I was up at the bar getting my round in. Without thinking I said “The first one is ‘The Wreck of the Hesperus'[4] run by the ‘Wrac and ruin'”. At which point this sack of bulbous red necked expansivity I thought was a lardy arsed builder or some such turned around revealing it’s self to be one of the Mastodons and her almost identical friend. I did my fade to grey then invisable trick by steping into the crowd and ducking then diving and it turned back with it’s outsized hand still wrapped around it’s pint jug.

[4] It’s, a poinient poem by Henry Wadsworth Longfellow from 1840 a tale of folly by a Captain who looses not just his ship but daughter to Norman’s Reef. It’s the sort of thing Cambridge and Oxford classicists both male and female that were very apparent by sheer numbers in the F&CO “oddities” could recite off the top of their head. It was such enchanting examples of the “British Rose” that gave the Camp it’s unoficial name in our regiment with grim humour. Because they all had to do basic training there, and were obviously not liked by the mastodons that ran such courses. The mastodons knowing full well that with in a couple of months of the basic training the Roses would be doing either their det commander or officer training and would out rank the mastodons within a year.

vas pup April 1, 2021 2:33 PM

@Clive – I continue admiring you as person and professional.
May I give a suggestion?
Clive, if I were you and English was my first language, I’d write a set of books describing with your sense of humor all your life experience.

Trust me, it’ll not be less popular than ’50 Shades of Gray’.
Make a team with Bruce with his invaluable skills as a writer.

@ALL: Covid new rapid non-invasive test


“Rapid Breath Test for Coronavirus Detection

The VOX system is designed for the rapid detection of pathogens in breath, including the coronavirus. From a simple exhalation The system detects whether the coronavirus biomarkers are found in the subject’s breath and outputs accurate test results. The test is groundbreaking and designated to be, fast, with on-the-spot results, accurate (over 90%) non-invasive, and able to detect patients in all stages of the disease, even asymptomatic patients. At this stage, the company is carrying out a final validation trial and is in the process of making the product operational.”

Clive Robinson April 2, 2021 6:01 AM

@ vas pup,

Thank you for the complement, but I’m not sure I have enough anecdotes to fill a book, nor do I think my story telling ability is upto say Peter Ustinov’s,


With regards the “Rapid Breath Test for Coronavirus Detection”

It’s an obvious if not difficult problem and solution. Kenya was soing research into such a device back about a year ago, I don’t know what happened to it.

The reason it’s obvious is that dogs can be trained to “sniff out” COVID even in nonsymptomatic and presymptomatic people at “ankle hight” with better than 94% reliability.

The dog and it’s handler take about three weeks to train, a lot of it being the trouble with getting the handler to understand the rich indicators the dog puts out (being intelligent the dogs want to be not just helpfull but good at it).

There are two main problems though,

1, Few authorities want to use dogs often due to “NIH Syndrome”.

2, The dog does not come with an “idiot indicator” driven by a computer chip.

And that’s before the issue of you can not just chuck the dog in a cupboard at the end of the day and go off down the pub.

It’s a shame because from an economic viewpoint they would be able to rapidly test people for further screening just by walking people past the dog or vice versa. So way faster than any other testing system that exists and dogs can be retrained for other diseases or chemicals and in many ways are more agile and usefull than the typical human operator of electronic equipment.

Wesley Parish April 7, 2021 7:31 PM


While unconfirmed, the ability of external actors to tamper with off-limits systems is worrisome, especially when one imagines the consequences of losing control over weapons systems that can direct strikes.

This was one of the issues with Ronald [Raygun] Reagan’s “Star Wars” aka Strategic Defense Initiative or as Arthur C. Clarke corrected it to, “Budgetary Defense Initiative”. How could the SDI HQ guarantee that it could avoid losing control of the vast network that was necessary?

Clive Robinson April 7, 2021 8:34 PM

@ Wesley Parish, ALL,

How could the SDI HQ guarantee that it could avoid losing control of the vast network that was necessary?

They could not then, and they still can not now.

However the Chinese with their “entangled particle communications satellite” might just be getting towards that goal (though it’s very very vulnerable to a kinetic denial of service via space missile).

At the end of the day two things must be in place,

1, A secure root of trust.
2, Guarenteed control of the root of trust.

Whilst we know of ways to do the first (propperly setup and used “Perfect Security” aka OTP being one). The real problem is the second one and that is problematic.

To see why, look at it this way, I’ve a safe full of OTPs to imolement “Perfect Security” communications. An attacker has to obvious ways of stopping me,

1, Jam Communications.
2, Drop a nuke where the safe is.

To stop the second attack that means having replicated stores of the OTP in several places. That implicitly and practically breaks the OTP rules that give perfect secrecy thus security over the root of trust.

Similar logic but in the temporal domain applies to jamming. Each command I send has to use fresh OTP otherwise it implicitly and practically breaks the OTP rules thst give perfect secrecy thus security over the root of trust. So jamming forces me to burn through the OTP in an attempt to beat the jamming thus regain control. Eventually the satellite is going to run out of OTP.

Each method you use to try to retain the root of trust thus control can be countered by an enemy of similar sophistication as yourself.

Thus you get the same “Turtles all the way down” issues that arose with Electronic Warfare in general but most notably the ECM/ECCM/ECCCM/… spiral that leads to a stalemate thus loss of utility of the primary system and increasing resource cost.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.