Air Force Orders Up A Custom Windows Monoculture

Soulfader writes "It seems that the Air Force has not learned from the Navy's folly in single-source mammoth contracts and their attendant problems, and is now working on something similar with Dell and Microsoft. Particularly interesting is the article's assertion that the Air Force is 'fed up' with Microsoft OS problems--but not enough to switch to something else. Instead, they're going to be getting a custom 'solution' of Windows products specially configured for their use. Is this the ever-hoped-for 'good' version of Windows, or more along the line of the sucks-in-new-and-interesting-ways version of Highlander II?"

What's wrong with OS X?

[sockonafish]

The FBI uses OS X, why won't the military consider it?

And no, it's not because of the don't ask don't tell policy.

Re:What's wrong with OS X?

[Linuxathome]

I've always thought that Linux evangelists should advocate the Windows user to buy Macs. If users who switch at all wanted to learn *nix, they could always crack open the terminal application and learn a few commandline commands and shell scripting techniques to make their Mac experience all the more useful and efficient. Then after they become more adept at *nix in general, the migration to Linux is easy (that is, if they want to give up the niceties of Mac OS X :). For example, how many of us Windows users wanted to be able to send email without the need to setup SMTP settings in Outlook or Netscape mail -- thus avoiding the terrible restrictions our ISPs have on email transport? Mac users have it easy, they can easily enable sendmail in their systems, since sendmail is packaged but inactive in the standard Mac OS X system.

Re:What's wrong with OS X?

[Coryoth]

Sez you. Now go get a bid from IBM or EDS for managing your desktop environment with 6 different platforms. I guarantee that it will come in way way way over the Windows bid.

Sorry, the network in your mom's basement does not remotely represent a huge desktop deployment.

Who said anything about 6 different Desktops? I mentioned 2, OS X and Linux, and those two were well divided with regard to role. It is hardly a big ask to maintain developer/research desktops separately to corporate desktops. You can give the corporate desktop to [anyone but EDS], and run the developer desktop bid separately. The important point is division according to role - it hardly matters if the corporate and developer desktops aren't in line. As for maintaining the servers - that's what Sun service contracts are for.

Jedidiah.

Was mentioned on CNET and ZDNET on 11/19/2004

[antdude]

CNET News.com and ZDNet.

"The Air Force is consolidating its 38 software contracts and nine support contracts with Microsoft into two all-encompassing, agencywide agreements, according to a statement seen by CNET News.com.

The contract, done in conjunction with Dell, will call for the installation and configuration of software as well as ongoing maintenance and upgrades. The deal, which includes 525,000 licenses of Microsoft's Windows and Office, is valued at $500 million over six years, according to Microsoft."

Posted this on my AQFL Web site and even submitted to /. (rejected) on 11/19/2004.

Re:Eww gross!

Ahh...nice troll, nice indeed. I guess you haven't looked at the webpage for the project any time recently? The part where major stable and development releases coming out in early November might be a good one to look at.

Dumb fuck.

Classified Systems

95% of the classified systems I've run into are running *nix (in one flavor or another) The systems on my base are proposing to switch to RedHat in the next year. It's not all Windows

SELinux?

[nocotigo]

Why the hell did the U.S. government even bother with SELinux if they won't use it?

Re:SELinux?

[Coryoth]

Head over the the NSA and read some of their papers about SELinux, and what it was intended for. It was not intended to be the ultimate secure OS. If you read between the lines, its mre like a bunch of NSA people got so pissed off with the current complete lack of security in commercially available OSs, so grabbed Linux and hacked in Mandatory Access Controls without any real difficulty and turned it back to the community as a demonstration to say "See, it isn't so damn hard to make things a lot more secure".

I wouldn't make any bets as to whether the NSA themselves make a lot of use of SELinux. They won't really tell you what they use. They do certainly know alot about writing secure OS code though, considering how fast they managed to put SELinux together.

Random fact: The NSA web site has never been hacked or defaced. The CIA, FBI, the White House etc. have all been hacked, even if it is rarely and briefly. The NSA... never. You can't tell me it's for lack of trying.

Jedidiah.

Re:SELinux?

[moosesocks]

Wow. If the design of their website doesn't give you a 'Big-brother' impression, nothing will.

Seriously... are they GLOATING at the fact that they're an agency which literally nobody knows what they're doing.

Heck, I remember reading somewhere that during WWII, the mere existance of the British equivilant to the NSA was known of by somewhere along the liens of two or three people outside of the agency itself -- Churchill was one of them.

Re:Actually, Windows can be quite stable...

Get ProcessGuard for Windows....no process can run without your approval (once). This is way better than an antivirus or anti-spyware...this is anti-anything that executes PERIOD. (Including regular programs or services if you don't approve)

Also deals with global hooks, dll injection, and kernel root kits, and protect physical memory...

THIS makes windows secure...

http://www.diamondcs.com.au/processguard/

Windows and the AF and Navy

These single size fits all solutions are typical of the military. The concern Ihave is that the Justice Department is not reviewing these contracts in view of the anti-trust law suits that MS lost. Additionally, the government and the military are supposed to aviod the appearance of backing a single company yet it would appear the the DOD is firmly in bed with Microsoft, Dell, and EDS. I would encourage all the readers of Slashdot to write their Congressional representatives and the President of the U. S. demanding an accounting of how each piece of these contract was justified.

write your congressman

[acvh]

How about a federal regulation prohibiting the government from doing business with a convicted monopolist? Hell, if felons can't vote, why should felonious corporations benefit from government contracts?

Gilligan spoke...

[acvh]

From an interview with Air Force CIO John Gilligan, "Do we like what the Navy is doing? Apart from the fact that it's all one big contract, yeah, there are a lot of good things about that. As you may know, they're struggling on some areas -- it's gone a lot slower than they would like, the contractor is having problems, etc. -- so that is why I am caveating the statement. Would we do it exactly that way? No. Do we plan in the future to outsource increasingly some of our infrastructure? Yes. In fact, I'm looking for us to begin that dialogue with industry in earnest about nine months from now. "

I wonder what changed his mind?

Re:NMCI Mystery

[dedeman]

Hmmm, well I can't say why he would have thought this was a "success" particularly, but there are a few factors at work here.

#1 The Capt, Col, whoever, in charge of J6 or whatever dept heads up the IT scheme told him it was a success.

#2 CINPACFLT (or someone) told him it would be a success

#3 His C4I Dept heads or NCTAMSPAC told him it was a success, as it is always a good idea to tell the boss his idea is great

#4 NMCI was pitched to someone (Adm somebody) as the end all be all of information systems uniformity (buzzword!), as a tenet of more functional C4I, (or is it C5I now?) infrastructure

#5 Because someone used a great many cool buzzwords to confuse the old leadership

#6 Someone believes uniformity to be the hallmark to wise financial expenditure and a better computer user experience.

To summarize, whoever is making the decisions (old men who yell "just make the damn thing work!") will be impressed seeing some eagle with anchors somewhere with the word "security" thrown in there, and told (by someone who is a good salesman) that this is what is needed in a 21st century Navy. Hell, just look at this five vector crap we have now.

Re:NMCI Mystery

We had an E6 get an award for 100% account creation at our command.
Everyone had logged on at least once....

This is one comment I hope to stay A. and C. on.
The NMCI sucks so badly, our travel claim pay is three to six months behind.

Re:Such BS

The cost of software isn't the only factor - management and maintenance of the software costs way more than initial aquisition cost.

Linux, quite simply, blows in a managed environment.

Active Directory Group Policies, WMI, systems management server (inventory, software distribution, remote control), Operating System Deployment Feature Pack, MOM for the servers... management tools.

Oh, and they all work together, with relative ease.

I'm by no means an MS aplogist, but the Linux crowd has a long way to go before I can take them seriously enough to deploy on the 2500 desktops I am responsible for - and the 20K desktops that are in our entire enterprise.

Linux works great on the server - we have 'em all over. But it would be more practical for us to switch to Mac OSX than Linux on the desktop. And that ain't gonna happen either as we have really good pricing (as does the Air Force and Navy) via our enterprise agreements. All that stuff I quoted above - bundled in as part of our EA - the whole package. It really does work well together and makes managing my 2500 desktops quite nice.

Set up in a managed enterprise environment, windows is a stable and capable performer with lower cost of integration than any other platform out there. Might change someday, but not today.

So, when the armchair slashdot quarterbacks out there are really responsible for 2500 desktops and have their job hinging on their ability to carry out the organizations core mission instead of half baked IT experiments, then I'll be listening. Show me the tools, show me they work and I'll consider it - I enjoy the hell out of tweaking our MS sales rep - I would love nothing more than to have a real stick to hit him with instead of a bunch of trash talking on an "advocacy" web site...

Re:NMCI Mystery

[Camel+Pilot]

Mod the parent up as he speaks the truth.

I also labor under the nmci network. I work at research lab were we are working on the next generation technology but the nmci contract requires us to use prior generation tools!

A little known fact about the navy's tansition is that they sold the entire network infrastructure to a private concern! EDS actually "owns" the navy's entire infrastucture including the cable plant, routers, and desktop computers. this decision is so astounding dumb for several different reasons. first, if the contract doesn't work out (which it does not) how do you divorce yourself from a company that owns your infrastructure! keep in mind the navy has to work within a year-to-year budget, so if they decided to take back the infrastructure they could not because of the expense.

second, do you think it as wise to trust all your important secrets to single source? we are small detachment, our local file storage was sensible local before. now our "lan" is a "wan" over 2000 miles away! which creates preformance and reliabilty problems and nicely concentrates information for a would be hacker.

Then there is the monoculture thing, the slow desktop thing and the inability to use the software that works best for us. last I checked the list of approved software we could use mozilla v1.1. I was looking into writing a command and control intraface using xul and moz and now have to resort to vb.

Re:PC/Mac price comparisons

[danila]

This was stupid, but apparently mods chose to ignore this fact. You don't buy a P2 for a "missing critical" security sensitive computer. Where would you get a replacement CPU, ISA card, 150Watt power supply and other old stuff when your computer breaks? Not to mention the fact that many applications may be developed for the browser platform (which sadly means you need a relatively modern PC to run it and a stable OS) and many other factors.

Just the day before yesterday I saw a PC that was responsible for radiactive material video control (client workstation) on a Russian-Finnish border. Apparently, someone succumbed to the temptation to get an el cheapo brand of P2 (or was it Pentium?), and let me tell you - it wasn't pretty.

Low-end system is theoretically feasible, but in practice you face so many different requirements, problems and issues, that buying a standard modern medium-range PC is a smart decision, even if that means paying a few hundreds extra for each. The cost of commodity computer hardware is rarely the biggest factor in any organisation or business.

Full disclosure: this post was typed on Intel Pentium MMX 200MGhz computer with 192Mb of RAM (it costed about 1000$, AFAIR) using Opera 7.54 on Windows 98. It's sluggish, even though perfectly functional.