Feeds

US Army loads up on Apples for 'better security'

Mac users to suffer Chinese backdoor invasion?

Reducing the cost and complexity of web vulnerability management

In a development which may mean good or bad news for the partly-eaten-fruit-themed prestige computer firm, it has been revealed over the festive season that the US Army is increasing its use of Apple Macs.

An article in Forbes magazine revealed the military's (rather limited) newfound passion for Steve Jobs' high-priced Unix boxes. The biz mag quoted Lieutenant Colonel C J Wallington of the Army office of enterprise information systems as saying that Macs were more secure than Windows machines - an assertion often made by the Cupertino marketing department.

Wallington referred specifically to Apple Xserve systems introduced to Army data centres.

"Those are some of the most attacked computers there are. But the attacks used against them are designed for Windows-based machines, so they shrug them off," he said.

Though Apple penetration into the vast US military IT infrastructure has been small thus far, it has increased lately as part of a push to increase computer security by increasing diversity. The idea is that with a variety of different systems in use, no one attack can bring down everything. US Army CIO General Steve Boutelle inaugurated this plan in 2005.

Since then, the primary obstacle to widespread military Mac adoption (setting aside price and app software availability) has been compatibility with Common Access Card (CAC) keycard kit, widely used by US military computers. However, according to Forbes, CAC for Mac will be available from February 2008. The necessary code has been developed by Texan firm Thursby Software.

There are those, of course, who argue that reliance on Mac OS machines for security - on the theory that many fewer exploits have been developed against such platforms - is no more than security by obscurity. As soon as people (for instance the widely-feared Chinese military cyber forces) are motivated to attack Apple kit, it will be found to have many vulnerabilities previously unknown. Even a fairly small Mac takeup by the US military could furnish this motivation, leaving Apple fanciers worldwide in a situation similar to Windows users of recent years.

Of course one might also argue that attackers interested specifically in the US military would not publicise their exploits, and thus that ordinary civil users would have relatively little to fear.

Meanwhile, some also cast doubt on the whole security-through-diversity approach. Forbes also quoted Charlie Miller of Independent Security Evaluators, who gave it as his opinion that more platforms meant all were pulled down to the level of the weakest link.

"In the story of the three little pigs, did diversifying their defenses help? Not for the pig in the straw house,"* he said.

The Forbes writeup is here

*Though in fact, as we recall all three pigs were saved by fleeing to the brick house. Had straw-house piggy not been part of a diversified porcine defence strategy, his brothers would have also been in straw houses and all would have become wolf chow. Perhaps diversification would have been good in the case of a flood, in which the straw and wood dwellings could be easily turned into boats; unlike the lupine-halitosis-proofed brick one. Miller may be hot stuff at computer security, but he isn't much cop at making an argument using irrelevant references.

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Wanna keep your data for 1,000 YEARS? No? Hard luck, HDS wants you to anyway
Combine Blu-ray and M-DISC and you get this monster
US boffins demo 'twisted radio' mux
OAM takes wireless signals to 32 Gbps
Apple flops out 2FA for iCloud in bid to stop future nude selfie leaks
Millions of 4chan users howl with laughter as Cupertino slams stable door
Google+ GOING, GOING ... ? Newbie Gmailers no longer forced into mandatory ID slurp
Mountain View distances itself from lame 'network thingy'
Students playing with impressive racks? Yes, it's cluster comp time
The most comprehensive coverage the world has ever seen. Ever
Run little spreadsheet, run! IBM's Watson is coming to gobble you up
Big Blue's big super's big appetite for big data in big clouds for big analytics
Seagate's triple-headed Cerberus could SAVE the DISK WORLD
... and possibly bring us even more HAMR time. Yay!
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.