I’m sure you’ve all heard by now that, on Saturday, January 13th, Hawaii’s Emergency Alert system sent out an SMS message to everybody that said:
BALLISTIC MISSILE THREAD INBOUND TO HAWAII. SEEK IMMEDIATE SHELTER. THIS IS NOT A DRILL.
A half hour later, a message was sent out that this message was a false alarm and there was no missile attack at all. (You can read Michelle Broder Van Dyke’s twitter thread that has pictures and everything here.)
Now, according to the governor, this was caused by an employee pushing the wrong button. Here’s the quotation from the article:
“It was a mistake made during a standard procedure at the change over of a shift, and an employee pushed the wrong button,” he said.
I am very relieved that the end of the world appears to be delayed for a couple more weeks but I have questions about this sort of thing and find it far too easy to question the official narrative.
Here’s what we know: a message saying “missile warning, this is not a drill” got sent out and it took 38 minutes to send out the message that said “whoops, yeah, this is a drill”. When asked about it, the authorities said that this was a mistake that happened when an employee pushed a button.
So let’s look at the possibilities:
1. The message was sent out mistakenly
2. The message was sent out deliberately but the sender knew that there wasn’t a missile
3. The message was sent out deliberately but the sender thought that there was a missile
4. The missile was sent, exploded, and we’re all living in a simulation or dead and in the afterlife or something
So let’s look at the first one:
As buttons go, having a single button that sends out a *VERY* specific message dealing with missile attacks makes me wonder exactly how many messages they have assigned to how many buttons. I mean, if a button got pushed that sent out an email that said “there’s a storm coming and it’s going to be a doozy, get to shelter”, that would make sense to me. Hawaii probably has doozies of a storm often enough that you’d want a message like that to be sendable with a single push of a button.
But a missile attack?
And, on top of that, it’s a button that can be pushed accidentally during a routine shift change? Maybe we’d want a plastic thing over that button that you have to flip up before the button is pressed. Perhaps two buttons (on two different sides of the room) that require being pressed at the same time. Maybe a key that has to be turned before the button is pushable.
I think that we’re lucky that the mistake does not yet appear to have a death toll because I could easily see how something awful could have happened by panicky people responding to a “THIS IS NOT A DRILL” message. Though I suppose that some of the panicky responses could result in a net positive number of lives due to the message… something for an intrepid journalist to investigate 9 months from now.
But if this was a mistake, there needs to be a full accounting, with maps, and descriptions of fixes, and somebody getting fired. This has created one heck of a callus for not only Hawaii but the entire country: the next time that there is an SMS message being sent out saying that there is an attack incoming and THIS IS NOT A DRILL, there will be a huge number of people who just won’t believe it.
So let’s look at the second one:
Off the top of my head, there are a couple of ways that a message could be sent out deliberately with the sender knowing that there wasn’t a missile. The first is that it was a “prank” by a stupid/malicious actor who hacked into the system. The second is that it was a “prank” by a stupid/malicious actor who had legitimate access to the system.
Given that the former exposes a *HUGE* vulnerability, the best response is the government covering up by saying something like “yeah, Joe Blow bumped the button with his elbow during shift change. Oh that Joe!” and figure out, right freaking now, what other systems have these vulnerabilities and patch those holes closed as quickly as possible and start pouring money into computer security.
The latter strikes me as being less likely for the authorities to be willing to cover up (but, I suppose, theoretically possible). If you have a prankster, it’s going to be turned into political hay by somebody. Better to deny the political hay and have the official story be Joe Blow “accidentally” bumped the “button”. Then you fire Joe if he’s firable and you transfer him if he’s not.
And the official story can remain that this was not done deliberately.
The third one is where we *REALLY* get into tin foil hat territory.
Somebody thought that there was a missile. The only proper response is to send out the alert. Maybe it’s because there *WAS* a missile! And our Star Wars program shot it down! But if The People knew that there was an attack, it’d demand a response! And so in order to prevent megadeaths (or even gigadeaths), we say that the SMS message was sent out in error. Whoops. Oh that Joe. Then we go to bed knowing that we saved the world until the next time.
(This strikes me as really, really, really, really unlikely. For one, South Korea and Japan would have known that there was a missile and this would have been all over Korean and Japanese twitter a few minutes before the SMS message went out. Korean and Japanese twitter was not all over this a few minutes before the SMS message went out. Therefore, there was no missile. Q.E.D.)
But maybe they thought there was a missile *MISTAKENLY*. Like they thought that a plane or a drone or a UFO or an undigested bit of beef, a blot of mustard, a crumb of cheese, a fragment of underdone potato. They responded in the only moral way they knew how: they pushed the button and warned their friends and loved ones. And, wouldn’t you know it, it was a bird.
And, at that point, well… there were a number of institutional failures there that need protections. Two-man verification from now on. No sending the SMS unless you’ve got an okay from the supervisor and the supervisor’s manager and the supervisor’s manager’s boss too. And the official story is that the button was pushed by accident.
As for the fourth one, that strikes me as not likely at all but, hey, it’s technically a possibility.
What *REALLY* happened? Well, we don’t know exactly quite yet and probably won’t for at least a few weeks until the official narrative coalesces fully.
As for “why did it take 38 minutes to send out the correction?”, we spoke to friends who had recently taken an extended vacation in Hawaii. They shrugged and said “Island time”. So maybe that’s the explanation there.
All that to say: I’m glad it’s not the end of the world. Yet, anyway.