This is not a drill. Per the governor’s office, this is the real screen that technicians see when they’re deciding whether to alert a U.S. state that a nuclear apocalypse is imminent. Now that I’ve seen it, the only surprise is that there isn’t a false alarm about a North Korean launch every other week.
This is the screen that set off the ballistic missile alert on Saturday. The operator clicked the PACOM (CDW) State Only link. The drill link is the one that was supposed to be clicked. #Hawaii pic.twitter.com/lDVnqUmyHa
— Honolulu Civil Beat (@CivilBeat) January 16, 2018
Everyone scoffed when the governor claimed that someone had triggered Saturday’s false alarm by hitting the wrong button but it’s not so hard to believe now, is it? (The “false alarm” option at the top of the photo was added only in the last few days, presumably to avoid 38-minute delays in calming people down the next time this happens.) If you use a computer regularly, you know at a glance why the design is egregious: It does nothing to visually segregate the “drill” option from the “real attack” (PACOM) option. At the barest minimum, you’d expect all test/drill options to be grouped together and all real-alert options to be grouped together rather than all jumbled up, so that a technician who wants to run a drill stays away from the real-alert options altogether. Ideally drills and real alerts would be on completely different parts of the screen as a visual cue as to which options are “safe” and which aren’t.
You’d also expect PACOM to be in a red font and/or blinking to warn of the gravity of selecting it. (I’ve seen at least one liberal on social media grumbie this morning that the poor interface here is a byproduct of underfunding state agencies. How much extra would it cost the state’s IT guy to red-font the “real attack” option?) And if you do select it, you’d certainly expect a dialog box to pop up announcing in 200-point font, “YOU’RE ABOUT TO SEND A REAL ALERT OF A MISSILE LAUNCH. ARE YOU SURE YOU WANT TO DO THIS?” Or better yet, as Jason Kottke notes, instead of offering the technician a simple yes/no option on whether to send the alert, you could have him type a specific word to initiate it. That’s happened to me before in using mundane productivity apps; if you want to delete something that’s potentially important, the app will require you to type “delete” rather than have you click anything since you’re more likely to make an absentminded mistake by clicking. Hawaii technicians could be forced to type “launch” to trigger the real alert and “drill’ to trigger the drill alert when they’re testing the system.
Even the placement of the new “false alarm” option is stupid. The last thing you want if there really is a missile launch is to have something sitting right there on the main screen that could be accidentally clicked and lead to Hawaiians not taking cover when they really need to. The obvious solution is to have the “drill options and the “real attack”/”false alarm” options on completely different pages so that technicians would stay entirely away from the latter except in case of a genuine emergency. At least now we understand why the person who initiated the alert on Saturday isn’t being fired. Even with his training, it’s all too easy to see how this mistake might have been made innocently.
In other nuclear-jitters news this morning, today a Japanese broadcaster issued its own false alarm about an inbound North Korean missile. Coincidence, or is someone playing a dangerous game by hacking alert systems?