The Complex

Air Force Swears: Our Nuke Launch Code Was Never '00000000'

For nearly a decade, an awkward debate has raged about the U.S. military's nuclear force: Did top Air Force officials really choose "00000000" as a code that could enable the launch of a nuclear missile? Ten years later, in a document obtained by Foreign Policy, the U.S. military told Congress that it never happened. But is the Pentagon telling the truth?

Bruce Blair, a nuclear security expert and former launch officer , says no. Blair, now a scholar and author at Princeton University, first raised the idea in a piece published in 2004. He accused the Air Force of circumventing President John F. Kennedy's 1962 order to install extra security codes to safeguard against accidental or unauthorized launch by putting them in place, but making them painfully simple to the missile launch officers who manned underground bunkers. Doing so, Blair said, effectively eliminated the codes' usefulness.

The U.S. military says that's not the case. A new wave of media coverage sparked by online media outlets last year prompted the House Armed Services Committee to ask about the issue, and the military responded by insisting "00000000" was never used.

"A code consisting of eight zeroes has never been used to enable a MM ICBM, as claimed by Dr. Bruce Blair," the new document, obtained by FP, insists, while laying out the basics on how a nuclear missile can be launched.

The release of the document comes at a time when the Air Force's Minuteman nuclear missile arsenal is aging, and faces stiff financial competition if it is to be modernized. It also comes amid a string of embarrassing incidents for the "missiliers" who oversee intercontinental ballistic missiles. The mission, once considered among the military's most crucial during the Cold War, has sustained a decrease in attention from the Air Force that has "declined conspicuously," according to a 2010 report released by the Pentagon.

Those concerns were stirred again this month, after service officials disclosed that they effectively had removed 34 nuke officers from their positions after investigators discovered evidence of some of them cheating on a monthly aptitude test. Foreign Policy obtained the new document just before news of the cheating scandal emerged.

Blair, a critic for decades on the U.S. handling of nuclear weapons, wrote in 2004 that the Air Force's Strategic Air Command quietly decided set the locks to all zeroes in order to circumvent a demand from then-President John F. Kennedy in 1962.

"During the early to mid-1970s, during my stint as a Minuteman launch officer, they still had not been changed," he wrote. "Our launch checklist in fact instructed us, the firing crew, to double-check the locking panel in our underground launch bunker to ensure that no digits other than zero had been inadvertently dialed into the panel."

The Air Force made the decision, Blair alleged, because it was less concerned with accidental launches than with too many safeguards interfering if a launch was needed. The story made a comeback late last year, when it was featured on the website Today I Found Out. It then spread to the technology blog Gizmodo, the Huffington Post, the Daily Mail newspaper in London and other news outlets, prompting the Air Force to respond to questions about the issue from Congress.

But Blair, who has testified before Congress on nuclear policy, told Foreign Policy that while the new document describes in some detail how the Minuteman missile program works now, it leaves out key basics from before 1977. That is when a program known as Rivet Save added in additional security precautions, including new launch codes, allowing the United States to reduce the number of personnel needed for the program.

"Before this real enable code system was adopted, there was no technical safeguard and both crewmembers were thus required to stay awake throughout the alert period in the underground capsule," Blair said. "Thus the document errs and misleads when it says that the 00000000 enable code system was never used."

The military's new response to Congress also states that upon the direction of the president, two "separate and distinct processes are required to launch an ICBM." First, the missile must be enabled, or "unlocked," it says. The enabled missile must then be commanded to launch from two separate launch control centers, using a series of codes that are not stored in the control centers, the response says.

Blair said that contention is misleading, too. A single control center could fire "the entire squadron of 50 missiles" using a device called a single-vote timer, he said. If none of the other four launch control centers stopped a launch command using the timer, the missiles would be fired after the timer expires, he said.

Attempts to solicit comment from the Air Force were unsuccessful. However, Lance Lord, a retired four-star general and former nuclear launch officer, said he does not recall any codes including all zeroes ever being used. Like Blair, he recalled that both crew members in a launch control center were required to stay awake prior to Rivet Save being put in place in the late 1970s.

Blair has consistently defended his story over the years, most recently in a December exchange with the blog The War Room. He told Foreign Policy he questions the Air Force's motivation for responding now, considering the service wants to replace or rebuild its existing Minuteman arsenal and needs Congress to approve money to do so.

The U.S. military's new response to Congress fails to address Blair's long-held claim that nuclear codes in the early 1970s were different than they are today, said Jeffrey Lewis, director of the East Asia Nonproliferation Program at the Monterey Institute for International Studies. Asked to review the new military document by Foreign Policy, he said confirmation of Blair's story hinges heavily on the documents Blair says he has (but refuses to share). Lewis added that the argument over the past existence of "00000000" codes is "really just a proxy for a broader question about our reliance on nuclear weapons and the trust we place in government.

"Bruce is correct about the major historical narrative at stake - the United States Air Force, particularly Strategic Air Command, generally resisted the introduction of technical safeguards out of concerns that such measures might make it more difficult to use the weapons in the event of a conflict," Lewis said. "Like many other practices of the period... the Air Force's emphasis on readiness at the expense of safety at that time seems, admittedly with the benefit of hindsight, unwise in the extreme."

140113 Blair ICBM Code Response by Dan Lamothe

The Complex

Could This Company Be the Answer to Obama’s Big Data Problem?

President Obama announced on Friday that a huge database of all Americans' phone records will be moved out of the National Security Agency, where it's currently stored, and kept either with phone companies or a third party. "This will not be simple," Obama warned. The approach could be more expensive and legally ambiguous than if the government held the records, and it could raise a host of new privacy concerns, the president said.

Who would want, or even be capable of such a job?

Meet Neustar, Inc., a company most people have probably never heard of but have almost certainly dealt with in some form, even if they didn't know it. If you've ever changed cell phone carriers and wanted to keep your old phone number, Neustar "ported" it over for your from one carrier to another. To do that, it keeps a record of all cell phone numbers in the United States. The company also acts as a kind of middleman between law enforcement agencies serving surveillance warrants on telephone companies, ensuring that the companies only give over the amount of information they're legally required to disclose.

So: third-party organization -- check. Maintain huge logs of phone data -- check. Field surveillance requests from government officials -- check.

Neustar, which has headquarters in Sterling, Va., and an office in downtown Washington, D.C., hasn't been contacted by anyone from the administration or the intelligence community, nor has anyone at the company discussed whether it could be the solution to the Obama administration's new big-data problem. But "it's absolutely not a wild and crazy idea," Rodney Joffe, Neustar's senior vice president, told Foreign Policy. Any organization chosen to hold of Americans' phone records "certainly would take some of the strengths we have. We handle very big data. We have to have absolute reliability and security."

Neustar is not a government contractor. But as the administrator of the Number Portability Administration Center -- which allows you to keep that old cell phone number -- Neustar has to abide by neutrality regulations enforced by the Federal Communications Commission. That means the company can't show any favor towards a company or segment of the telecom industry.

That status as an "honest broker" between companies and government will be essential for whatever organization is ultimately elected to house Americans' phone records. The idea is that an outside party with no allegiance to the government or the company will be more likely to adhere strictly to the law and only give over that information that's being requested, and nothing more. Phone giants like Verizon and AT&T, other potential custodians, have already started to push back against any attempt to make them hold onto years' worth of customer records.

Obama has instructed Attorney General Eric Holder to come up with options by the end of March. But there's every reason to believe that actually setting up the system will take much longer. "More work needs to be done to determine exactly how this system might work," Obama said. The president said he would also seek congressional authorization for the new program if necessary.

Neustar, which doesn't store call data like time and duration of calls, isn't the only potential candidate. Any number of large Defense Department contractors, for instance, that store and analyze huge volumes of Internet traffic looking for cyber threats conceivably could do the job. Lockheed Martin, for instance, runs four large computer network monitoring centers, which store and categorize billions of discrete pieces of data every day. And cloud service providers like Amazon, which is a contractor for the CIA, theoretically have the storage space for such a massive cache of information.

Whether any company would want to be associated with the call records program is another matter. It's the most controversial of the NSA operations revealed by Edward Snowden, and it's future is all but certain. Congress has tried once to suspend the program, and conflicting court decisions over its legality mean it's almost certainly headed to the Supreme Court, which could rule on whether metadata is protected by the Fourth Amendment.

"Whoever does this has to be in an incredible position of trust," Joffe said. The NSA hasn't come calling yet. But, Joffe said, he'd certainly entertain the conversation.


John W. Adkisson / Getty News Images