>In order for the 15 Eurofighters to start, Austria's federal army paid 1.5 million euros over three years to a private US security company. Now, the costs for those two "civilians" stationed at the Zeltweg airbase have been confirmed, who have to allow every start with the current US-"Crypto-Keys" for navigation and friend or foe identification.
The ministry of defense denies that the two Americans from a not named US company are NSA contractors. They claim the jets would fly without the keys but without encrypted navigation and communication. He also mentions the same situation for Sweden and Switzerland.
That article is not entirely accurate and is based on a misunderstanding of what those contractors are doing. They're loading NATO MIDS/Link-16/IFF keys, not 'starting' the aircraft.
The Austrian Eurofighters can fly and operate without those keys, they just won't be able to join NATO Link-16 networks or other encrypted NATO communications or navigation networks. This is standard practice for all modern combat aircraft, incidentally, as encryption keys are rotated on a regular basis and need to be loaded into the aircraft's onboard systems before flight. The data can also include additional interoperability elements such as TDMA slice allocations in the case of Link-16.
The reason it has to be done by the unnamed contractor is because Austria is not a member of NATO, so it can't be given control over key handling. The same is true for Sweden & Switzerland.
It's a logical tradeoff. Austria, Sweden, and Switzerland get access to encrypted NATO networks and can therefore interoperate seamlessly with NATO forces, but they're always free to opt-out. Sweden for instance has fall-backs to national data links and communications networks to which only it has the encryption keys.
Sweden and Switzerland don't fly Eurofighter jets. They are also not members of NATO so I'm not surprised that they can only get NATO IFF codes under restrictions.
I have seen the army in my country to emphasize on having total control on each and every equipment they have. They boast on being able to completely disassemble and reassemble all the mechanical war machines.
I wonder how that works for software heavy war equipment, such as F-35. Does the seller provide full source code and control (and probably training?) over modification of the software? Do they agree on the paper only that the buyer can never get to use those weapons against the seller? Or, do they set those policies right inside the control units of those weapons?
If the seller country have significant control on the control units of the war instruments sold to another country, and if the seller country is able to update/modify/ control/restrict devices over the air, won't that make the buyer country just an outpost of the seller country?
> If the seller country have significant control on the control units of the war instruments sold to another country, and if the seller country is able to update/modify/ control/restrict devices over the air, won't that make the buyer country just an outpost of the seller country?
No. That would entail rather complete political control. Not just control over certain parts of the buying country's equipment. Still, it is clearly in the interest of the buyer to want more control over the equipment they buy, especially on such a delicate matter.
F-35 source code is only available to a limited subset of trusted allies. Mainly the UK, but it appears that a few other countries such as Israel have at least partial source code and the ability to build custom branches.
In the case of new fighter jets. Absolutely not. Other countries do not get the full packages either. There are some parts they likely take out or give them slightly inferior parts.
I have the feeling that if there were ever a war between major powers breaking out, the first thing that would happen is that a large chunk of military equipment and critical infrastructure on both sides would get bricked pretty much immediately.
Command disablement is present on airframes dating as far back as the B-52.
Nondestructive remote command disablement (what you’re referring to) is probably a real thing. It would fit the same schema that other weapons systems already have (nuclear weapons, drones, satellites).
Kidding aside, the concerns over the possibility for such actions were the primary reasons why the Turkish public was totally O.K. with being expelled from the F-35 program.
First of all, Norway shares their border and coastline with Russia, who would like nothing more than to gain more control over Norway’s fisheries and oil fields, although they’re certainly more friendly now than they were during Soviet times. Second of all, the EU also wants a cut of Norway’s fisheries and oil, although on far better terms. As such, the USA has always treated Norway fairly and favourably in order to gain access to our oil fields. Thus it’s only natural that the favour is returned.
On top of that, Norway has for at least a hundred years had very close ties to the USA due to emigration. Compare that to the rather lukewarm political help Norway got from Sweden during WWII (though their hands were obviously tied) and the strategically insignificant position they’re in to help in future conflicts, given that they are still outside the NATO—where Norway is of course heavily entrenched with their former P.M. Jens Stoltenberg as the current General Secretary. Thus it was an easy call to ditch Sweden’s JAS Gripen in favour of the F35, despite some issues with data transmissions.
While the JAS Gripen perhaps has similar capabilities to that of the F16—which is in fact a far superiour defensive dogfighter compared to the F35—the F35 is a better ground attack plane, and it has stealth.
Because developing good warplanes is extremely expensive and difficult. Also using same equipment as your allies has advantages - can secure external parts supply during a war, foreign planes can easily use your fields, etc. Of course, buying foreign planes comes with risks as well - parts supply might be embargoed, other countries will know something about your plane, etc.
Judging by Norway's likely adversary (Russia), in all likelihood the risks were judged to be small compared to the advantages of using the best available plane from a country (US) usually not in good terms with Russia.
Norway is way too small of a country to develop its own weapons and airplanes. It has 2% of the GDP that the United States has. The cost of the F-35 project would deplete the entire Norweigan sovereign wealth fund. Secondly, what is the likelihood that Norway gets into a war with the United States versus Russia?
Norwegian Unix User Group (NUUG) have campaigns from time-to-time where they highlight stuff like that to Norwegian state owned institutions, counties and municipalities.
> “Due to national considerations, there is a need for a filter where the user nations can exclude sensitive data from the data stream that is shared by the system with the manufacturer Lockheed Martin,” Gjemble ter.
> “Norway has entered into a partnership with Italy to jointly finance the procurement and operation of a laboratory where we can enter nationally sensitive data, as we currently do on F-16,” Gjemble said.
I'm curious about the actual communication here. Does each plane have a satellite uplink or something? If they do, I would expect that they would be configured to use Norways military satellite comms network. I'm not sure how or why that network would be able to contact Lockheed. So are there multiple communications systems? What portion of them are military and what portion, if any, transit the public Internet? Lockheed might own their own communication satellites, I'm not sure, but I really don't think they have carte blanche to use the US military communications networks for their own products. Details might be sensitive or classified so I'll probably just be kept wondering, but the mechanics of the actual physical communication of data aren't clear to me.
This article is over a year old. June 4th 2018. Norwegian blogs and press wrote about similar conserns already back in 2017. Not sure why this is pushed to the top at HN now :p
The title makes the data collection sounds sinister, but this is just a case of a company wanting to make the best product possible. It's necessary to collect data to improve systems.
Norway (and all of Europe) has outsourced much of its collective defense to the United States, so if Norway and the Europeans are comfortable with the entire US military apparatus protecting them, it is quite surprising that Norway would have a problem with something as comparatively insignificant as flight data being sent back to Lockheed.
In fact, given the protective relationship the US has with Europe, wouldn't Norway want to provide as much data as possible to help improve Lockheed's technology and hence the West's future defensive capabilities?
I give for granted that those data will be shared with US military. In any case the company is free to collect data from its own planes, not those that it already sold
Now say the exact same thing but referring to Huawei. How did that sound to the whole world, and especially to the US?
This isn't your thermostat sending temperature data to the manufacturer, it's a war plane sending critical information that the owner of the plane wants to keep secret.
[+] [-] ChuckNorris89|6 years ago|reply
[1] https://news.ycombinator.com/item?id=18642194
>In order for the 15 Eurofighters to start, Austria's federal army paid 1.5 million euros over three years to a private US security company. Now, the costs for those two "civilians" stationed at the Zeltweg airbase have been confirmed, who have to allow every start with the current US-"Crypto-Keys" for navigation and friend or foe identification.
The ministry of defense denies that the two Americans from a not named US company are NSA contractors. They claim the jets would fly without the keys but without encrypted navigation and communication. He also mentions the same situation for Sweden and Switzerland.
[+] [-] _djo_|6 years ago|reply
The Austrian Eurofighters can fly and operate without those keys, they just won't be able to join NATO Link-16 networks or other encrypted NATO communications or navigation networks. This is standard practice for all modern combat aircraft, incidentally, as encryption keys are rotated on a regular basis and need to be loaded into the aircraft's onboard systems before flight. The data can also include additional interoperability elements such as TDMA slice allocations in the case of Link-16.
The reason it has to be done by the unnamed contractor is because Austria is not a member of NATO, so it can't be given control over key handling. The same is true for Sweden & Switzerland.
It's a logical tradeoff. Austria, Sweden, and Switzerland get access to encrypted NATO networks and can therefore interoperate seamlessly with NATO forces, but they're always free to opt-out. Sweden for instance has fall-backs to national data links and communications networks to which only it has the encryption keys.
[+] [-] rjsw|6 years ago|reply
No idea what is going on with Austria.
EDIT: Austria isn't a member of NATO.
[+] [-] strooper|6 years ago|reply
I wonder how that works for software heavy war equipment, such as F-35. Does the seller provide full source code and control (and probably training?) over modification of the software? Do they agree on the paper only that the buyer can never get to use those weapons against the seller? Or, do they set those policies right inside the control units of those weapons?
If the seller country have significant control on the control units of the war instruments sold to another country, and if the seller country is able to update/modify/ control/restrict devices over the air, won't that make the buyer country just an outpost of the seller country?
[+] [-] kebman|6 years ago|reply
No. That would entail rather complete political control. Not just control over certain parts of the buying country's equipment. Still, it is clearly in the interest of the buyer to want more control over the equipment they buy, especially on such a delicate matter.
[+] [-] nradov|6 years ago|reply
[+] [-] wil421|6 years ago|reply
[+] [-] mysterydip|6 years ago|reply
[+] [-] wil421|6 years ago|reply
I couldn’t imagine a situation that would put Norway and the US on opposite sides. Since the military allows Norway to get F-35s they probably agree.
[+] [-] ginko|6 years ago|reply
[+] [-] yasp|6 years ago|reply
[+] [-] harry8|6 years ago|reply
[+] [-] no-dr-onboard|6 years ago|reply
Nondestructive remote command disablement (what you’re referring to) is probably a real thing. It would fit the same schema that other weapons systems already have (nuclear weapons, drones, satellites).
[+] [-] nraynaud|6 years ago|reply
[+] [-] mrtksn|6 years ago|reply
Kidding aside, the concerns over the possibility for such actions were the primary reasons why the Turkish public was totally O.K. with being expelled from the F-35 program.
[+] [-] mytailorisrich|6 years ago|reply
Data should be under the control and scrutiny of the owner of the plane, who would pass on only what they are happy to.
[+] [-] kebman|6 years ago|reply
On top of that, Norway has for at least a hundred years had very close ties to the USA due to emigration. Compare that to the rather lukewarm political help Norway got from Sweden during WWII (though their hands were obviously tied) and the strategically insignificant position they’re in to help in future conflicts, given that they are still outside the NATO—where Norway is of course heavily entrenched with their former P.M. Jens Stoltenberg as the current General Secretary. Thus it was an easy call to ditch Sweden’s JAS Gripen in favour of the F35, despite some issues with data transmissions.
While the JAS Gripen perhaps has similar capabilities to that of the F16—which is in fact a far superiour defensive dogfighter compared to the F35—the F35 is a better ground attack plane, and it has stealth.
[+] [-] yyyk|6 years ago|reply
Judging by Norway's likely adversary (Russia), in all likelihood the risks were judged to be small compared to the advantages of using the best available plane from a country (US) usually not in good terms with Russia.
[+] [-] pmart123|6 years ago|reply
[+] [-] imtringued|6 years ago|reply
[+] [-] brokenmachine|6 years ago|reply
[+] [-] est31|6 years ago|reply
[+] [-] csomar|6 years ago|reply
Do you have details/links about that.
[+] [-] kebman|6 years ago|reply
[+] [-] stunt|6 years ago|reply
> “Norway has entered into a partnership with Italy to jointly finance the procurement and operation of a laboratory where we can enter nationally sensitive data, as we currently do on F-16,” Gjemble said.
[+] [-] asaddhamani|6 years ago|reply
[+] [-] dvfjsdhgfv|6 years ago|reply
[+] [-] otakucode|6 years ago|reply
[+] [-] p_l|6 years ago|reply
Having dealt with the output of the part of Lockheed that makes logistical software, I say run for the hills.
[+] [-] o-__-o|6 years ago|reply
[+] [-] kebman|6 years ago|reply
[+] [-] a3n|6 years ago|reply
[+] [-] kwhitefoot|6 years ago|reply
[+] [-] darkhorn|6 years ago|reply
[+] [-] JohnStrangeII|6 years ago|reply
[+] [-] 420codebro|6 years ago|reply
[deleted]
[+] [-] tandem_bike|6 years ago|reply
Norway (and all of Europe) has outsourced much of its collective defense to the United States, so if Norway and the Europeans are comfortable with the entire US military apparatus protecting them, it is quite surprising that Norway would have a problem with something as comparatively insignificant as flight data being sent back to Lockheed.
In fact, given the protective relationship the US has with Europe, wouldn't Norway want to provide as much data as possible to help improve Lockheed's technology and hence the West's future defensive capabilities?
[+] [-] mrighele|6 years ago|reply
[+] [-] stirlo|6 years ago|reply
[+] [-] orbital-decay|6 years ago|reply
[+] [-] close04|6 years ago|reply
This isn't your thermostat sending temperature data to the manufacturer, it's a war plane sending critical information that the owner of the plane wants to keep secret.