This article is more than 1 year old
HMS Windows XP: Britain's newest warship running Swiss Cheese OS
Spotted on carrier control room screens - reports
Updated The Royal Navy’s brand new £3.5bn aircraft carrier HMS Queen Elizabeth is currently* running Windows XP in her flying control room, according to reports.
Defence correspondents from The Times and The Guardian, when being given a tour of the carrier’s aft island – the rear of the two towers protruding above the ship’s main deck – spotted Windows XP apparently in the process of booting up on one of the screens in the flying control room, or Flyco.
“A computer screen inside a control room on HMS Queen Elizabeth was displaying Microsoft Windows XP – copyright 1985 to 2001 – when a group of journalists was given a tour of the £3 billion warship last week,” reported Deborah Haynes of The Times, accurately describing the copyright information on the XP loading screen.
Similarly, the Guardian’s Ewen MacAskill (who also worked on the Edward Snowden NSA revelations in 2013) noted: “During a tour of the carrier, screens were spotted using what appeared to be the outdated 2001 Windows XP operating system.”
The loading screen for XP Professional features the copyright info
The Ministry of Defence assured El Reg two years ago that the carrier would not be running XP, saying, when our eagle-eyed readers spotted the iconic XP default background on a techie’s laptop during a documentary about the ship: “The MoD can confirm that Windows XP will not be used by any onboard system when the ship becomes operational,” adding that this applied to sister ship HMS Prince of Wales.
Today, however, one of the minions in the ministry’s inventively named Main Building told us: “While we don’t comment on the specific systems used by our ships and submarines, we have absolute confidence in the security we have in place to keep the Royal Navy’s largest and most powerful ship safe and secure.”*
Flyco, the flying control room, aboard HMS Queen Elizabeth seen while under construction in December 2016. Crown copyright
The carrier’s Commander (Air) – head of flying, in naval parlance – Commander Mark Deller, evidently caught on the hop by the alert press pack, was quoted by the Guardian as saying: “The ship is well designed and there has been a very, very stringent procurement train that has ensured we are less susceptible to cyber than most.”
“When you buy a ship,” added Cdr Deller, “you don’t buy it today, you bought it 20 years ago. So what we put on the shelf and in the spec is probably what was good then. The reality is, we are always designed with spare capacity, so we will always have the ability to modify and upgrade. So whatever you see in the pictures, I think you will probably find we will be upgrading to whatever we want to have in due course.”
El Reg has not been able to identify the picture Cdr Deller refers to, but hopefully it’s not this screencap from a BBC documentary two years ago, as mentioned above:
Windows XP inside: The Aircraft Carrier Alliance is the conglomerate that built the two carriers for the Royal Navy
We have asked informed sources whether commonly used air traffic control software depends on Windows XP to run. HMS QE took a decade to build and fit out – and five years ago NATS, the UK’s air traffic control firm, ditched its Windows XP-based software in favour of private cloud-based remote desktop services for air traffic controllers. It is superficially plausible that “state of the art” air traffic control software in use prior to 2012 was specified for QE and has since been installed, despite XP being an ancient Swiss cheese.
As world+dog also reported, large chunks of the NHS were running Windows XP when it was struck down with the WannaCrypt ransomware earlier this year - though many failed to note that the operating system was not the attack vector used by the miscreants.
Though the British public sector keeps bunging Microsoft ever larger sums of cash to keep up extended XP support, you can only flog the dead donkey for so long. The MoD insisted that it has lots of folk worrying about cyber security so there's no need to worry.
On the bright side, things could be worse aboard QE in software terms. Flyco could have been running Windows 3.1, like Paris Orly International Airport was in November 2015. ®
*Updated at 1437 UTC 27/06/17 to add: While this would appear to be at odds with what we were told back in 2015, the Royal Navy has been in touch to say: "For clarification, the MOD line from 2015 stated 'The MoD can confirm that Windows XP will not be used by any onboard system when the ship becomes operational'; we are following a programme towards delivering a carrier Strike capability – ie, operational - for the UK from 2020."