“Given Apple’s marketing toward the young and the trendy, you wouldn’t expect the U.S. Army to be much of a customer. Lieutenant Colonel C.J. Wallington is hoping hackers won’t expect it either,” Andy Greenberg reports for Forbes.
“Wallington, a division chief in the Army’s office of enterprise information systems, says the military is quietly working to integrate Macintosh computers into its systems to make them harder to hack,” Greenberg reports.
“The Army’s push to use Macs to help protect its computing corps got its start in August 2005, when General Steve Boutelle, the Army’s chief information officer, gave a speech calling for more diversity in the Army’s computer vendors. He argued the approach would both increase competition among military contractors and strengthen its IT defenses,” Greenberg reports. “Apple computers still satisfy only a tiny portion of the military’s voracious demand for computers. By Wallington’s estimate, around 20,000 of the Army’s 700,000 or so desktops and servers are Apple-made. He estimates that about a thousand Macs enter the Army’s ranks during each of its bi-annual hardware buying periods.”
“As early as February 2008, the Army is planning to introduce software, developed by Arlington, Texas-based Thursby Software, that will also enable Mac desktops and laptops to use CAC [Common Access Cards systems; heavily used by the military] –a change that should make it easier to get Macs into the service,” Greenberg reports.
MacDailyNews Note: Mac OS X has supported CAC since Mac OS X Tiger. More info here.
“Wallington points out that Apple’s X Serve servers, which are gradually becoming more commonplace in Army data centers, are proving their mettle. ‘Those are some of the most attacked computers there are. But the attacks used against them are designed for Windows-based machines, so they shrug them off,’ he says,” Greenberg reports.
“Jonathan Broskey, a former Apple employee who now heads the Army’s Apple program, argues that the Unix core at the center of the Mac OS operating system makes it easier to lock down a Mac than a Windows platform,” Greenberg reports.
Greenberg reports, “The marketing pitch that Apples are inherently more secure than PCs is also largely a myth, contends Charlie Miller, a software researcher with Independent Security Evaluators… ‘I love my Macs, but in terms of security, they’re behind the curve, compared to Windows,’ Miller warns.”
Full article here.
MacDailyNews Take: Charlie Miller. All talk and no action; unless he’s selling vulnerabilities for profit:
Andy Greenberg reported for Forbes, July 9, 2007, “”In the summer of 2005, Charlie Miller was working in his living room when he discovered a hackable vulnerability in a common species of server software. Miller knew he had found something dangerous. But until he offered his prize to a government agency five months later, he had no idea just how much it was worth. ‘I asked for $80,000,’ he says. ‘When the guy on the phone agreed immediately without consulting his boss, I knew I should have asked for much more.'”
Greenberg reports, “In fact, the unnamed agency eventually bargained the price for the information, an exploitable bug in the Linux server program Samba, down to $50,000. And what did the agency do with its newly purchased security hole? Miller received his check and didn’t ask questions. ‘They didn’t buy it in order to patch it,’ Miller says. ‘I can speculate that it wasn’t exactly used for the common good.'”
MacDailyNews Take: Lovely.
Full article here.