Feeds

US Army loads up on Apples for 'better security'

Mac users to suffer Chinese backdoor invasion?

Security for virtualized datacentres

In a development which may mean good or bad news for the partly-eaten-fruit-themed prestige computer firm, it has been revealed over the festive season that the US Army is increasing its use of Apple Macs.

An article in Forbes magazine revealed the military's (rather limited) newfound passion for Steve Jobs' high-priced Unix boxes. The biz mag quoted Lieutenant Colonel C J Wallington of the Army office of enterprise information systems as saying that Macs were more secure than Windows machines - an assertion often made by the Cupertino marketing department.

Wallington referred specifically to Apple Xserve systems introduced to Army data centres.

"Those are some of the most attacked computers there are. But the attacks used against them are designed for Windows-based machines, so they shrug them off," he said.

Though Apple penetration into the vast US military IT infrastructure has been small thus far, it has increased lately as part of a push to increase computer security by increasing diversity. The idea is that with a variety of different systems in use, no one attack can bring down everything. US Army CIO General Steve Boutelle inaugurated this plan in 2005.

Since then, the primary obstacle to widespread military Mac adoption (setting aside price and app software availability) has been compatibility with Common Access Card (CAC) keycard kit, widely used by US military computers. However, according to Forbes, CAC for Mac will be available from February 2008. The necessary code has been developed by Texan firm Thursby Software.

There are those, of course, who argue that reliance on Mac OS machines for security - on the theory that many fewer exploits have been developed against such platforms - is no more than security by obscurity. As soon as people (for instance the widely-feared Chinese military cyber forces) are motivated to attack Apple kit, it will be found to have many vulnerabilities previously unknown. Even a fairly small Mac takeup by the US military could furnish this motivation, leaving Apple fanciers worldwide in a situation similar to Windows users of recent years.

Of course one might also argue that attackers interested specifically in the US military would not publicise their exploits, and thus that ordinary civil users would have relatively little to fear.

Meanwhile, some also cast doubt on the whole security-through-diversity approach. Forbes also quoted Charlie Miller of Independent Security Evaluators, who gave it as his opinion that more platforms meant all were pulled down to the level of the weakest link.

"In the story of the three little pigs, did diversifying their defenses help? Not for the pig in the straw house,"* he said.

The Forbes writeup is here

*Though in fact, as we recall all three pigs were saved by fleeing to the brick house. Had straw-house piggy not been part of a diversified porcine defence strategy, his brothers would have also been in straw houses and all would have become wolf chow. Perhaps diversification would have been good in the case of a flood, in which the straw and wood dwellings could be easily turned into boats; unlike the lupine-halitosis-proofed brick one. Miller may be hot stuff at computer security, but he isn't much cop at making an argument using irrelevant references.

Providing a secure and efficient Helpdesk

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.