Slashdot Mirror
U.S. Government Prepares For Vista
IO ERROR writes "Patrick Svenburg, program manager for Windows Client Solutions in Microsoft Federal, answered questions from government IT managers today about the upcoming Windows Vista release. Many of the questions were about BitLocker, Microsoft's new drive encryption technology, as well as other security questions, upgrading from Windows XP, IPv6 deployment and more. Svenburg is a member of the Windows Vista Launch Team and is leading early adoption efforts for Windows Vista within the Federal community, according to Government Computer News."
I signed up to be a beta tester for Vista.
I make money by helping people with THEIR windows problems.
I wanted to beat the learning curve.
When Vista hits the streets I'm ready to go make money helping people.
I'm 6 months ahead of the game.
But personally, I'll stick with my Linux.
that's just what I heard.
How we know is more important than what we know.
I found response to the DITSCAP question a friging joke. BTW, DITSCAP has been phased out for http://iase.disa.mil/ditscap/index.html DIACAP, the microsoft guy should have know that! Without going into the details... The DoD should demand microsoft do the DIACAP for their OS. If you've ever gone throught the DITSCAP process you would know why... It is a major pain in the ass and was/is crap. Contractors that provide other softwares are or should be required to go through this process, why on earth can the DoD not demand the same from the maker of the primary OS used by them. If the DoD follows their own rules/regs/instructions Vista shouldn't hit the desktop till at least LATE 2008. Bunk I Tell ya!
Still got no threading and its been over 7 hours.
You don't know how much you miss something until its gone do you?
liqbase
"Svenburg is a member of the Windows Vista Launch Team and is leading early adoption efforts for Windows Vista within the Federal community" The USG should adopt a policy of never being an early adopter. Recently-released software generally has too many bugs to be used safely.
Child pornographers. I notice none of these people asked the obvious question about the destructive potential of BitLocker on the science of computer forensics.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
"early adoption efforts for Windows Vista within the Federal community"
Hmm... OK, I'll allow the "itsatrap" just this once; it makes sense here.
Now we have to wait until Windows Vista SP1 is out before the government can be fixed.
What's all this talk about Vista being an "Upgrade" from XP.. ?
MABASPLOOM!
U.S. Government prepares for Vista ...
... by asking the Department of Homeland Security to raise the National Threat Advisory to level orange.
Does the U.S. Government (or any government in the world) get to audit the source code of Vista for themselves? If not, why not?
That means that any computer running with less than 2G of RAM and without a 7900GTX GPU is going to be tossed out as obsolete.
Bet on it! Cheap PCs are-a-comin.......
government prepares for upgraded spam zombies
Why can't we reply to people now? What idiot came up with this?
- The secretary level(basic Word, Excel,..). Something else would work fine.
- The Critical Service Level. Windows should be driven far away
- The Scientific User. They mostly use Linux anyway. The one exception is CAD.
So only the CAD'ers might need Vista, but they probably don't. So why does the gov care? And did I make a mistake in the list?Inventions have long since reached their limit, and I see no hope for further development.-- Frontinus, 1st cent. AD
"Look lady, I know your ISA Client no longer works under Vista, but I am only a GS11. I am only allowed by law to turn off your transparencies, or tweak your ClearType settings. When I am promoted, they will let me defrag you, but only on Tuesdays unless it is raining, which means I can defrag only on Fridays. You need a GS13 to fix network shit, sorry."
You know, Microsoft usually has either extremely dull or extremely stupid names for their products or features, but Bitlocker strikes me as actually being pretty cool. And it's not every day that they do something nifty, so write this one down.
As for the asshats asking about why threading is disabled, GO READ ABOUT IT ON THE FRONT PAGE. A little research won't kill you.
If all my base are belong to you and I attempt to retrieve my base, does that mean I'm freebasing?
I work for a DoD organization and a few weeks ago received a new Core2 Duo machine with 1 gig of ram, and SATA2 hd. The graphics are basic on-board stuff, but that is not too shabby. The machine came with XP, but considering the machines they are rolling out to us it does look like we are preparing for Vista. Or it could be that the P4s with 256 megs of ram in them just couldn't handle the encryption on network traffic.
I have been wondering for years if Windows already has something like that. Initially it would have been motivated by the fact that in case of a cyberwar, the US Govt. should have an upper hand if the rivals happen to use any MS products....
Enormous disruption, hogwash. Your post is garbage. Almost all of the adminning is the same and none of the non-microsoft apps are disrupted in the slightest. If you are talking about the office clones that sit at their workstation, login, and use office suites all day long, then I agree theres no reason those people need to be in windows. But the disturbage to them is no more than equal to the disturbage of using someone else's OS and office suite, and as someone who has used windows for practically of his life that he can remember, I can state with utter certainty that other windows developers who have been using windows for most of _their_ lives are more in the zone and capable of making software that feels right in the subtle ways to a windows user than is some gnu java hack.
rats on a treadmill ... keep paying that microsoft tax ...
I was wondering why all the K-Y lubricant.
The race isn't always to the swift... but that's the way to bet!
I recall a comment some months ago that bitlocker was this impenetrable wall of security, unless you're the admin, in which case you own it. (sort of like the master password feature in OS X's filevault, but manditory) Did they do away with this yet?
I work for the Department of Redundancy Department.
All you get after the last release of XP service packs is some shiny buttons and a new file system? Their transparent panels and animated folders could have been implemented as add-on themes to Win95, whats so special about it? Same about the file system. Now if it had included built in protocols for ssh, had disk partitioning tools, included CD/DVD writing tools, developer tools, an built in office environment, etc. then it would have amounted to something. All the Linux distros have been having these features since 2003 - and for free! Oh and Linux has shiny buttons too. But still it runs at blazing speeds at sub-512MB memory speeds. I'd rather contribute $50 to GNU folks who make a fully loaded operating system, than pay 300 for a lame ass dysfunctional Vista loaded with nothing but bling-bling. And the government is gonna shell out $$$ for each licensed version of Vista and subsequently another $500 something for the Office 2007 (more shine). And you wonder how we run into trillions of dollars worth of deficit.
Face your daemons!
"I use a Mac because I'm just better than you are."
I think it's a joke that Microsoft thinks that BitLocker will allow us to more easily decommission computers. Right now we have to write the entire drive with zeros twice, then verify it. Or we can send them to be destroyed magnetically. There is no way that encryption will be considered good enough.
Unless you get permission, you aren't allowed to have encrypted data on any govt owned hard drive you may be using. BitLocker won't be allowed under current rules. Anyway, the government has shown they're incompetent, schizo, and paranoid about security. They want to use a secure OS, as long as it's Windows. They want COTS, to save money, but they can't get it through their heads that the commercial world does not share their views on security. The commercial world has in effect decided that the costs of the extreme measures the govt wants are not justifiable. Businesses are not interested in spending billions to formally verify everything. It would entail a massive redesign (for instance to a microkernel architecture) so that more formal verification is even possible. That's why there's almost nothing that has met EAL 5 or higher standards. And if that's not enough, govt doesn't want just security, they want the power to give out or take away security as they please, and don't seem to get that that's often not possible-- can't put the genie back in the bottle for one, and for another any form of security that can be "taken away" isn't security. They're all hung up over "made in the USA" or rather "coded in the USA" because foreigners can't be trusted not to put backdoors and traps and so forth in the code, so that's why Linux isn't acceptable, but it's ok to have Mexicans or Nicaraguans illegally in the US build the buildings and roads for the government. Military commanders risk their troops lives sending them on patrols in Iraq or Afghanistan, but they won't dare use some unapproved system such as Windows XP (has to be Windows 2000), because the punishments are so severe. If something goes wrong and it's discovered they used unapproved software, no matter how widely used and known and trusted, not only could they be kicked out of the service, they could be jailed.
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
"U.S. Government Prepares For Vista"
I wonder what the DEFCON level is.
/* No Comment */
It'll be three years before a single agency goes vista. The testing and approval process is long and painful. DOD is just starting now to roll out XP five years after launch. There aren't compelling reasons to upgrade yet, and the third party support isn't there. Most importantly, the crappy administrators they get from learncomputersfast.com don't know how to work it yet.
People who think they know everything really piss off those of us that actually do.
I've prepared by deciding not to install it. Problem solved!
And this is a bad thing?
Genius is one percent inspiration and 99 percent perspiration, which is why engineers sometimes smell really bad.
Whoever decided that we should "upgrade" to vista is obviously just trying to make up stuff to do to keep their job. Govt. contractors and DoD guys do that all the time... "Hey sir, we need a new [fill in the blank] for this and that mission. Can we get some appropriations for that? ...No no sir, it's absolutely imperative for our mission here." Maybe now they'll make us get rid of our Unix systems.(Hahahaha sure.)
President Thomas Whitmore: I don't understand, where does all this come from? How do you get funding for something like this?
Julius Levinson: You don't actually think they spend $20,000.00 on a hammer, $30,000.00 on a toilet seat do you?
"It's a time machine Napoleon, I bought it online."
I tried Microsoft's new "BitLocker" encryption, but it kept saying "nsa.gov not found"
Maybe I should get IPv6 working so my PC can get a personal IP address like Microsoft said. This wont be too hard. Someone spraypainted my IPv6 address outside my house.
I'll go out and write it down once the homeless guy eating out of my rubbish bin leaves. He looks a lot like Donald Rumsfeld. He saw me looking and waved at me. I pretended not to see him.
At least the government and many people were prepaired for disasters on Dec 31 1999. Disasters that for the most part never happened. Now the BIGEST diaster of all time (computer-wise) is about to hit, and there is no preparation at all!!!!
Better have the water and gas tanks filled and plenty on non-perishable food on hand!!!
The VISTA virus is gonna hit and hit HARD!!!!!!!!!!!!!!!!!
If you smooth out the V & tighten Es' middle bar up to it's riser you can predict the things they haven't even said yet.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
"U.S. Government Prepares For Vista"
I didn't realize Vista would include an upgrade path from Windows 3.x.
From TFA:
you can control device insertion to the point where you can prevent USB sticks from being used while allowing use of a USB keyboard and mouse
I've been wondering recently if such a functionality is available in Linux. One of my clients is a health center that would like to migrate toward a thin-client solution. We'd like to keep people from storing, or worse carrying out, "protected health information," so being able to block USB storage devices would be a good feature.
If anyone here works for the government, you'll be the first to know that the government is generally 5 years behind the ball. At my government agency, we just moved from Lotus cc:Mail to Exchange/Outlook, and there are still several thousand people still on cc:Mail.
We're planning on moving to WinXP some time next year (not Vista.)
We still have DOS and Win95 workstations.
"Maybe there are people in the world that are not so stupid as to believe that only people doing illegal things encrypt their files."
Yeah but none of them work in government.
You forgot special case number four and five:
4. The people who run customised, in house, windows only apps that run a large portion of the gov'ts bussiness logic (be it Excel macros, Acess databases with VB frontends, the whole nine yards).
This turns out to be a very large amount of people, if not a mild majority of them, and porting these would prolly cost more than switching over to Linux in the first place.
5. The overworked-as-it-is IT staff who currently manage ten thousand desktops using and wouldn't have any way to currently undergo the switch, even if they could find time and money for it in their budget (which they prolly can't).
The primary configuration of BitLocker involves a TPM. If your computer has one, the key is stored in the TPM, and automatically provided on boot (you can optionally require a PIN). If you don't have a TPM, you can store the key on the active partition*, on a USB key, or possibly on a plain old floppy disk (our instructor wasn't sure on that one). As a last resort you can export a recovery key as a long alphanumeric string (48 characters I believe) and print it or save it somewhere.
If you have the key and the drive, you can get the data, and since the perpetrator probably doesn't want to type a 48-character recovery key every time he boots the PC, he most likely has a key disk of some sort laying around. You might still have to get through the PIN, but I imagine that's a lot easier to brute-force than a 256-bit key (or you can legally compel him to tell you, but we'll assume he's an uncooperative sod and refuses).
* To use BitLocker, you have to have a small active partition that is NOT the OS partition, which is where the BitLocker stuff loads from on boot. You can actually put the key here as well, if you have no TPM and don't want to have to carry around a separate disk.
-- Old Man Kensey
Listen to Leo, people - he's spot on: Vista is a significant break fram what users expect in a Windows box, probably the biggest such leap since the shell beta for NT 3.51 got out, showcasing the Win95 GUI (a blatant rip-off of Norton Desktop). So why not use this break to push Linux instead? If you're looking at significant re-training, hardware upgrades AND licensing - why not just go for the re-training and skip the other two costs? Makes perfect business sense.
Money for nothing, pix for free