Here’s how Hawaii’s emergency alert design led to a false alarm - The Verge

The disastrous false alarm issued by Hawaii over the weekend has raised concerns about what safeguards the state had in place. The state-wide alert, which told people a ballistic missile was about to hit, terrified residents and visitors, as the state scrambled for 38 minutes to issue a correction.

Officials soon released a timeline of events, saying the state’s software contained a menu option that allowed a live alert to be sent in place of a test, a problem that several people quickly categorized as a design failure. The state released an image that showed a list with options for test and live alerts next to each other. Officials later said the image did not accurately portray the system, and released what it characterized as a “representation” of the system, but said that it could not share an actual screenshot.

While the state has not named its software provider, evidence suggests it is an Idaho-based company called AlertSense, a FEMA-approved company that says it works with clients in states around the country. The audio version of the alert broadcast in Hawaii was posted on the company’s website. The first image released by Hawaii also appears similar to example software provided to The Verge by AlertSense. For instance, the word “templates” appears above the alert options in AlertSense’s software, and is barely visible in the first image issued by the state. (A local TV station in Hawaii independently came to the same conclusion.) The Verge’s review of the program suggests that functionally there is only a one-click difference between sending a test and a live alert.

Image: Hawaii Emergency Management Agency

Image: AlertSense

AlertSense would not confirm whether it was the vendor of the software, but in an interview with The Verge, it provided a presentation that outlines how its system works. (The Hawaii Emergency Management Agency declined to comment.)

AlertSense CTO Randy Grohs explained that there are essentially two paths to send an alert using the system. In one, an alert is created from scratch. The user of the software fills in information for the alert, like where it’s being sent, what the message says, and crucially, whether it’s a test or live alert.

But the company also lets software users create “templates” — options that fill in all of the information with one click. Templates can be created for both test and live alerts. (Hawaii has publicly said that the person who sent the false alarm chose an incorrect template option.)

Regardless of what’s selected, the user then has the opportunity to review the information before submitting the alert.

A pop-up box is the final step in sending the alert. The box has the same message, whether a live or test alert is sent: “Are you sure you want to send this Alert?”

AlertSense describes the system as an eight-step process. If you select a template, some of those steps include scrolling through and checking auto-filled information, but even so, the company says, it requires more than one click to send an alert. In Idaho, the company points out, a news segment ran this week about AlertSense having safeguards to prevent what happened in Hawaii.

But effectively, when using a template, there are three clicks, whether a live message or test is sent. If the information in those templates isn’t double-checked, the versions would look essentially the same. The main difference is whether the user clicks the test template option or the real one. The company says it may now alter the final pop-up confirmation to be different for test and live alerts.

“If you don’t follow best practices, the difference between sending live and a demo can be configured to be a small difference,” Grohs says.

https://www.theverge.com/2018/1/18/16905512/hawaii-missile-software-false-alarm-emergency-alert