It is absolutely necessary however to do so. It is simply impossible to vet any software system of all possible internal weaknesses. Software also represents a substation portion of the development cost and effort, whereas the source code can be lifted and applied to other systems, friend or foe, at a fraction of that cost. Given the ubiquitous nature of the Internet and the proliferation of naivete as regards good security measures, the more entities owning the source, the more likely it is to be stolen and/or compromised.

Jim

I don't buy that.

We're allies, and we're partially buying the F-35 out of political good will. We want to be friends with the US and have a capable weapons platform, even if it might not be the best fit for what we need. Alternatives that would have done the same thing for less than half the price was pushed aside, and now we're effectively getting a smaller fleet.

The US of course also has a much smaller airfleet than what they wanted. A third of the raptors they were hoping for, and no where near the F-35s. Though its getting there slowly but surely. That project is way too big to fail.

But that argument that its only about security is hogwash. Apple, Google and Microsoft are a couple of companies, encompasing several time the number of people involved in the design of the codebase for F-35. With subcontractors and developers in all sorts of countries. None of them were sworn to secrecy to the level that military developers are. They can be sued for breach of contract, and white collar crime. A person spilling the blueprints, weapon schematics, driver code, or even just the exact extent of the planes capabilities, will get tried as a traitor to their country.

Yet I can't exactly download a copy of the source code for MacOs Mojave, or Windows 10 can I? I can't find the unencrypted binary blob inside the Nvidia Graphics Card.

This has nothing to do with the US no trusting its allies to keep its secrets.

Here are the real reasons its kept secret, as a policy. The first being the most important, and the second being an afterthought in comparison, but almost undeniable.

1) The first reason is simple. The US government, when it comes to the F-22 and F-35, are all more or less lobbied for and controlled by the military industrial complex. They're making tons and tons of money on these projects, and they don't want that gravy train to end. At all. They want to produce the parts. They want to do the repairs. The upgrades. Everything. Any country doing anything on their own in regards to this, is a loss of revenue for Lockheed-Martin and Northrup-Grumman.

And they really jack up the price for those parts. There's still horror stories of the F-16s we have having certain components that wear down a lot, and Northrup Grumman really milking those contracts. Only recently have Denmark been able to buy used parts.

They're as bad as Apple when it comes to this stuff, and it has nothing to do with security, and everything to do with maximising profits.

Neither Northrup-Grumman, nor Pentagon minds having thousands of subcontractors producing the parts. Even in other countries. A factory near me produces a couple of dozen components the plane uses.

We're just not allowed to use them ourselves, or do anything more than final systems integrations. They're shipped directly to the US. And we're not allowed to produce all the parts on a need basis. That too must come from the US.

Not because of safety or secrecy. But because otherwise Northrup-Grumman and Lockheed-Martin would lose money.

If we want spare parts, we'll have to order it from the US. We won't get to make them ourselves. We can do final assembly in Denmark, but otherwise if a plane is out of commission we'll have to wait for weeks for the US to get in gear and repair it. If we want upgrades, we'll have to get Lockheed Martin's Florida division to do it for US.

Israel, it seems has gotten some limited means to modify some of the drivers, to integrate the platform with some of their weapons and technologies in a way that Lockheed Martin would not be able to provide. And that was after ten years of insistently demanding the ability to do it.

The second reason is obvious.

2) There's backdoors and killswitches in the planes. No doubt about it.

The only reason Denmark is accepting the planes is that after inspection of the systems, which was finally granted, though not of the source code, it was determined that the planes can't be dropped out of the sky by any kill-switch command. But its not clear at all in regards to its weapon systems. And without access to the source code we can't switch off those parts, and recompile them to be safe.

This is the biggest issue to me, as it ultimately undermines the sovereignty of these countries buying these weapons from the US.

hmm - me thinks I really don't want to go down this road. You started off complaining about them being cagey with source code and I offered a possible, and reasonable potential reason for them wanting to maintain strict control of it. But now you've wandered of into all sorts of other issues - manufacturing, parts control etc etc and we are but just one post in. Seems a sensitive spot for you, and I'm just not up to that right now. Not to mention my expertise is in software and software security, not the political and financial details and policies of the US military industrial complex.


Jim

So then don't buy them and make your own.

That's what I prefer. Europe has for a long time been neglecting its military. The US military is arguably too large, but the European military is definitely too small. I'm crossing my fingers for a European Military Coalition across the nations, and a military budget above the current anaemic 1% to something 2% (or preferable 2.5%). Then we'd be able to sink the money needed to make our own contender on that field. Not anything that's going to happen any time soon, but its something to hope for.

Denmark are good friends with the US, so we buy F-35s.

We need them too. MIGs are flying over danish cities now and then, and our old F-16's just aren't a threat anymore. A lot of people don't like the F-35, but its about as expensive as the Join Strike Fighter and a lot more capable for the price. The only downside is that it only has one engine which makes patroling the North Pole a bit risky for the pilots.

Still wish we'd be able to service them ourselves and inspect the source code. I don't like us not having that ability.

You could've gone with an offering from Dassault - that would at least be European. I haven't looked recently at how they compare performance-wise, however.

Military was considering it. Then politics went into it. And we're buying up F-35s now.

Eh, at least we got it when all the kinks had been worked out.

Ew. Playing politics with national security is dangerous business.

Why not just write your own code for the computers and replace the code supplied by the USA, or replace the entire computer system? cheaper than building a plane from scratch.

I don't blame the USA if they did put a kill switch in their planes. It makes sense. If a plane fell into the wrong hands you would want a way to disable it. Unless Denmark is planning on turning against the USA I don't think you have anything to worry about. And since it is a defense secret I don't blame them for not revealing the source code. Too risky, if someone released it to an enemy state it would compromise our entire Air Force and every ally who bought our planes. Just takes one hack or unscrupulous person.

... somehow that doesn't strike me as a viable solution ...

Jim

I'm gonna apologize for the long ramble here, but there's a lot of egghead engineers in my family and one of my uncles wrote software for the RAF, so its been on our minds a bit.

Upfront I wanna say I don't entirely blame the US. Its their product, and they're selling it to us. I do blame Lockheed and Northrup though, I think what's happening has more to do with them than anything else.

If the Pentagon has decided not to release the source code to anyone, I don't think they're going to release the detailed schematics of the weapons systems and the details about their binary interfaces. That would expose even more knowledge about how these weapons and radar systems work, than if they'd just made the driver codes available. I, just guessing here, but I doubt we even have the drivers. They're likely encrypted binary blobs burned into some custom cpus, which are loaded at startup and decrypted with a key that's baked into the same cpus and unavailable outside of startup.

There's likely a way to hack it, but its not going to be easy by any stretch and I doubt the Pentagon would react friendly if they discovered the danish military doing that (even if it was just for the peace of mind of knowing there's no kill switches or backdoors). And I'd bet you a dollar that there's systems in place for detecting tampering. We'd have to airgap one of the planes while tampering with it, and try to convince the Pentagon that there's a good reason why one of the planes never leaves a particular hangar, or is never online.

But you're not far off about installing custom computer systems. Something like that could be possible. It would be its own parallel system connected to some other weaponry, and maybe some hacky partially working drivers for the radars. And that might be possible. Except the deal we have with the US precludes us making any changes to the planes. We have to specifically pay either Lockheed-Martin, or Nortrup Grumman for any changes we want. And they can't even be performed on our soil, the planes have to fly to a special facility in Florida for the customizations.

Israel and some other country was granted the rights to make the changes on their own soil. So I'm hoping we can get a similar deal to do our own customization, on our own turf, instead of sending the planes to Florida.

We aren't even allowed to produce the spare parts ourselves. We have all the factories neccessary, but if there's a component inside the engine that breaks often, we'll have to order it home.

I mean most of this has nothing to do with security, half of it is policy, but the bigger half is definitely Lockheed Martin and Northrup Grumman not wanting to lose a chance to earn money. They have heavy lobbying power with the Pentagon.

The only solution is to build up a supply of spare parts basically.

Did you know that the US Military has the same problem in various places? All the rockets launched by the US Air Force out of Vandenberg (save for the SpaceX launches), for the past few decades, have used Russian made engines. Only a few years ago Congress noticed this during a hearing about allowing SpaceX to compete for Air Force contracts. During the hearing United Launch Alliance was asked what they'd do if Russia decided that the US couldn't get anymore engines.

"We have a stockpile of engines" Was the reply. Basically enough engines for half a dozen more launches or so (as I recall it - might be a little off).

They're still being launched on Russian engines, though by 2021 or so a new all US-made engine should be ready.

Mostly, thankfully, the killswitches would be limited to the weapons and radars.

I'm always worried.

Denmark is part of the Seven-Eyes program. That means we work directly with the NSA on intelligence gathering. This was only revealed under Snowden. I think its more likely that someone from within the US would release that information, than someone in Denmark, but that's just me I guess.

A proper look at the drivers would be possible Sparko, without compromising the US. The software is likely on air-gapped networks over in the US. All we'd request is to be allowed to send two dozen engineers with an expertise in security and these kinds of systems. They'd look at the software on those systems. Review the ten million lines of code over a period of a year. Look for anything that opens mysterious socket connections, anything that could act as a kill switch. They could then compile the code on their own terminals, download the compiled encrypted binaries, take them home and load them into the planes at home, and the military could feel more confident and Denmark's sovereignty would be respected.

So doing that would be possible. I doubt the drivers were made impossible to update. Though they might be - you'd have to replace the chips each and every time in that case. The only reason they'd be locked in like that is because Lockheed Martin wants to make more money.

At any rate, I respect the US for making the FF-35 available for purchase. Its a good plane. It'll definitely be interesting to see if Russia will still brazenly fly over our cities if we can get these in the air. They can shoot down a MIG before the MIG can even lock onto it. Likely even before there's any contact, visible or radar.

But I don't know... grumble, grumble, grumble dontlikeit grumble....

Eh, it is what it is. The US was the reason Denmark is currently a part of Nato instead of getting budded out. And if the US leaves, we'll still remain close allies with the US. We've participated with the US has fought for the past couple of decades. In a minor capacy... we're a an itty bitty country.

I know our politicians want that relationship to continue. I hope it does too.

I doubt many people in the USA have access to the proprietary source code either Leonhard.

This is a very pertinent point. The US government doesn't actually own the data rights; the corporations building the jets do. As long as they control the software, they can charge big bucks for maintenance contracts.

Sometimes that's understandable, other times, when its about device drivers I think there's something fishy going on. I'm suspicious by nature Sparko. Also, like my grandfather I'm a tinkerer (I'm told... he died before I was born). I love taking things apart. I love repairing my own stuff.

The iPhone 6 I have I'm mostly capable of repairing. But if I upgraded to the iPhone 8 I wouldn't be able to replace say... the home button. Apple has now added chips to the home button, so that if its repaired with an equivalent component, but doesn't have the magic chip, then even though it works perfectly the phone force shuts down itself.

Another instance of a limit to tampering are Intel CPU's, where it recently turned out that they have their own operating system, on a small dedicated microprocessor. This operating system, has access to all of RAM, regardless of your operating system's settings, it has access to Ethernet, even past the firewalls you've set up, and it can listen for signals even when the computer is turned off.

Also NSA has a special deal with Intel to have that feature switched off in their CPU's.

Intel has not allowed third party security experts to even review that system, which is called the Management Engine.

In older Intel CPU's you could turn it off. Like it was done in the NSA systems. But with every CPU release Intel has made it progressively difficult to turn off that thing. Even if you don't need it. The CPU's will simply force shutdown themselves. There's been various attempts at writing software that can flip some magic switches in the CPU, and put it into a state where the Management Engine is turned off, but where it doesn't shut itself down.

Mixed results of course. And occasionally some people brick their system this way.

I don't like that. At all.

I mean even Google has been trying to get rid of that thing. You can read about that here https://www.extremetech.com/computin...agement-engine

I don't like Apple and Intel feeling like I'm leasing property that actually belongs to them. I prefer to own my tools, and repair them. If it breaks because I repair it wrongly, I'll take full responsibility, but I don't like companies making it intentionally hard to do that.