Army Buys Macs to Beef Up Security
agent_blue writes "The Army is integrating Macs into their IT network to thwart hack attempts. The Mac platform, they argue, is more secure because there are fewer attacks against OS X than Windows-based systems. 'Military procurement has long been driven by cost and availability of additional software--two measures where Macintosh computers have typically come up short against Windows-based PCs. Then there have been subtle but important barriers: For instance, Macintosh computers have long been incompatible with a security keycard-reading system known as Common Access Cards system, or CAC, which is heavily used by the military. The Army's Apple program, created [in 2005], is working to change that.'"
http://www.google.com/search?client=safari&rls=en&q=cac+on+mac&ie=UTF-8&oe=UTF-8
Support is built into Safari, and it is possible to set it up to log into a Windows domain, I believe.
_sig_ is away
I met Air Force officers at a computer show in Maine years ago, who were active developers of OpenBSD for the AF. Also, from what I remember, the Navy started using PowerMacs years ago for the same reasons.
The NSA have an OS X hardening guide you may be interested in: http://www.nsa.gov/notices/notic00004.cfm?Address=/snac/os/applemac/I731-006R-2007.pdf
But on the more serious note:
Why not Linux?
A: http://www.openbsd.org/
Which at one time was a DARPA-funded project.
"The problem with socialism is eventually you run out of other people's money" - Thatcher.
1) Out of the box, you don't have services running you can exploit.
2) On install, OS X makes you choose a username so you have to log in to use the system.
3) OS X by default is suspicious of all content coming in from the web.
OS X already starts out with a high level of security, and doesn't do anything that would lead a user to weaken that without need (say opening a port for printer sharing).
"There is more worth loving than we have strength to love." - Brian Jay Stanley
1) No Bonjour services listen on open ports by default, even if the Bonjour handler itself may be running somewhere on the system.
2) Bonjour is ZeroConf is Open Source. And included in Darwin...
You don't have to assume anything, you can see it right there on a stock install.
Aqua really is a lot more of a window manager, it's not there to handle things like Bonjour.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Most Linux admins may *think* they can support Windows and Mac platforms... At a Tier I level, you're probably right, they could. Some could do so at a Tier II and very few could do so at a Tier III. There are simply too many nuances for each system. Supporting a few workstations is one thing, supporting a bunch of servers with 10 nines of availability is something else.
Out of the 30 or so Unix sys admins in our organization (primarily Solaris and AIX with a little bit of IRIX in there) there's probably only 2 who would be capable of providing functional support to our organization's Windows team. Vice versa as well.