“Given Apple’s marketing toward the young and the trendy, you wouldn’t expect the U.S. Army to be much of a customer. Lieutenant Colonel C.J. Wallington is hoping hackers won’t expect it either,” Andy Greenberg reports for Forbes.
“Wallington, a division chief in the Army’s office of enterprise information systems, says the military is quietly working to integrate Macintosh computers into its systems to make them harder to hack,” Greenberg reports.
“The Army’s push to use Macs to help protect its computing corps got its start in August 2005, when General Steve Boutelle, the Army’s chief information officer, gave a speech calling for more diversity in the Army’s computer vendors. He argued the approach would both increase competition among military contractors and strengthen its IT defenses,” Greenberg reports. “Apple computers still satisfy only a tiny portion of the military’s voracious demand for computers. By Wallington’s estimate, around 20,000 of the Army’s 700,000 or so desktops and servers are Apple-made. He estimates that about a thousand Macs enter the Army’s ranks during each of its bi-annual hardware buying periods.”
“As early as February 2008, the Army is planning to introduce software, developed by Arlington, Texas-based Thursby Software, that will also enable Mac desktops and laptops to use CAC [Common Access Cards systems; heavily used by the military] –a change that should make it easier to get Macs into the service,” Greenberg reports.
MacDailyNews Note: Mac OS X has supported CAC since Mac OS X Tiger. More info here.
“Wallington points out that Apple’s X Serve servers, which are gradually becoming more commonplace in Army data centers, are proving their mettle. ‘Those are some of the most attacked computers there are. But the attacks used against them are designed for Windows-based machines, so they shrug them off,’ he says,” Greenberg reports.
“Jonathan Broskey, a former Apple employee who now heads the Army’s Apple program, argues that the Unix core at the center of the Mac OS operating system makes it easier to lock down a Mac than a Windows platform,” Greenberg reports.
Greenberg reports, “The marketing pitch that Apples are inherently more secure than PCs is also largely a myth, contends Charlie Miller, a software researcher with Independent Security Evaluators… ‘I love my Macs, but in terms of security, they’re behind the curve, compared to Windows,’ Miller warns.”
Full article here.
MacDailyNews Take: Charlie Miller. All talk and no action; unless he’s selling vulnerabilities for profit:
Andy Greenberg reported for Forbes, July 9, 2007, “”In the summer of 2005, Charlie Miller was working in his living room when he discovered a hackable vulnerability in a common species of server software. Miller knew he had found something dangerous. But until he offered his prize to a government agency five months later, he had no idea just how much it was worth. ‘I asked for $80,000,’ he says. ‘When the guy on the phone agreed immediately without consulting his boss, I knew I should have asked for much more.'”
Greenberg reports, “In fact, the unnamed agency eventually bargained the price for the information, an exploitable bug in the Linux server program Samba, down to $50,000. And what did the agency do with its newly purchased security hole? Miller received his check and didn’t ask questions. ‘They didn’t buy it in order to patch it,’ Miller says. ‘I can speculate that it wasn’t exactly used for the common good.'”
MacDailyNews Take: Lovely.
Full article here.
Charlie Miller is a idiot and Independent Security Evaluators would be out of business if it weren’t for windows.
Independent Security Evaluators = Ruinously devastated pertinence.
Let’s hope the US military doesn’t take too much of a fancy to them, anyone remember this:
“The Power Mac G4 is so fast that it is classified as a supercomputer by the U.S. government, and we are prohibited from exporting it to over 50 nations worldwide,” said Steve Jobs, Apple’s interim chief executive officer.
CNet, September 17, 1999
Oops, that should be CNN
If I made money securing peecee’s, I’d diss Mac’s too.
“My philosophy? A hundred-dollar shine on a three-dollar pair of shoes.”
Be all that you can be, with Apple.
The United States Army: Be Apple Strong.
Independent Security Evaluators.
The few, the proud, the maroons.
Independent Security Evaluators
Your Fear. Our Fortune.
Greenberg’s article is wrong about CAC. I’ve been using CAC with my Mac for over a year. OS X 10.4 and 10.5 have CAC reader drivers pre-installed, and Keychain handles the rest. On my Dell at work, we had to use multiple 3rd party add-ons to Windows in order to get CAC to work. Additionally, Macs can currently perform CAC log-in:
My Mac was hacked by the US. Military.
Why? Because I blogged certain details about a black bag operation in the Florida Keys involving “american speaking soldiers with funny wires sticking out of their arms” and “bodies washing up on shore” “survivers calling for their mother” (code of some sort)
I kid you not. With all the security issues of Mac OS X over the last year, Mac’s only GIVE THE ILLUSION OF SECURITY.
The military has a saying, “if it emits a signal, we can crack it”.
That’s a fact.
“”The marketing pitch that Apples are inherently more secure than PCs is also largely a myth, “
Apple doesn’t heavily market this. It’s mostly anecdotal information from users.
Not sure what you are trying to say, but it is scary none the less.
Give us more info, please. How was your Mac hacked? How did you find out? What proof do you have?