Feeds

US Army loads up on Apples for 'better security'

Mac users to suffer Chinese backdoor invasion?

Secure remote control for conventional and virtual desktops

In a development which may mean good or bad news for the partly-eaten-fruit-themed prestige computer firm, it has been revealed over the festive season that the US Army is increasing its use of Apple Macs.

An article in Forbes magazine revealed the military's (rather limited) newfound passion for Steve Jobs' high-priced Unix boxes. The biz mag quoted Lieutenant Colonel C J Wallington of the Army office of enterprise information systems as saying that Macs were more secure than Windows machines - an assertion often made by the Cupertino marketing department.

Wallington referred specifically to Apple Xserve systems introduced to Army data centres.

"Those are some of the most attacked computers there are. But the attacks used against them are designed for Windows-based machines, so they shrug them off," he said.

Though Apple penetration into the vast US military IT infrastructure has been small thus far, it has increased lately as part of a push to increase computer security by increasing diversity. The idea is that with a variety of different systems in use, no one attack can bring down everything. US Army CIO General Steve Boutelle inaugurated this plan in 2005.

Since then, the primary obstacle to widespread military Mac adoption (setting aside price and app software availability) has been compatibility with Common Access Card (CAC) keycard kit, widely used by US military computers. However, according to Forbes, CAC for Mac will be available from February 2008. The necessary code has been developed by Texan firm Thursby Software.

There are those, of course, who argue that reliance on Mac OS machines for security - on the theory that many fewer exploits have been developed against such platforms - is no more than security by obscurity. As soon as people (for instance the widely-feared Chinese military cyber forces) are motivated to attack Apple kit, it will be found to have many vulnerabilities previously unknown. Even a fairly small Mac takeup by the US military could furnish this motivation, leaving Apple fanciers worldwide in a situation similar to Windows users of recent years.

Of course one might also argue that attackers interested specifically in the US military would not publicise their exploits, and thus that ordinary civil users would have relatively little to fear.

Meanwhile, some also cast doubt on the whole security-through-diversity approach. Forbes also quoted Charlie Miller of Independent Security Evaluators, who gave it as his opinion that more platforms meant all were pulled down to the level of the weakest link.

"In the story of the three little pigs, did diversifying their defenses help? Not for the pig in the straw house,"* he said.

The Forbes writeup is here

*Though in fact, as we recall all three pigs were saved by fleeing to the brick house. Had straw-house piggy not been part of a diversified porcine defence strategy, his brothers would have also been in straw houses and all would have become wolf chow. Perhaps diversification would have been good in the case of a flood, in which the straw and wood dwellings could be easily turned into boats; unlike the lupine-halitosis-proofed brick one. Miller may be hot stuff at computer security, but he isn't much cop at making an argument using irrelevant references.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
Turnbull should spare us all airline-magazine-grade cloud hype
Box-hugger is not a dirty word, Minister. Box-huggers make the cloud WORK
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.