RE: [Fed-Talk] Army to Encrypt Computers
RE: [Fed-Talk] Army to Encrypt Computers
- Subject: RE: [Fed-Talk] Army to Encrypt Computers
- From: "Acord, Kendra N C-E LCMC HQISEC" <email@hidden>
- Date: Thu, 24 Aug 2006 12:22:28 -0700
Title: RE: [Fed-Talk] Army to Encrypt Computers
File Vault is not the answer at all. Unfortunately, as far as I can tell Apple has never made good on their promise to pursue FIPS 140-2 certification of their encryption module. The requirement for data-at-rest encryption for the Army is a FIPS 140-2 AES algorithm and Common Criteria certification at EAL 3.
Kendra Acord
Wireless Systems Engineer
USAISEC-TIC
(520) 533-8282; DSN: 821-8282
email@hidden
-----Original Message-----
From: fed-talk-bounces+kendra.acord=email@hidden [mailto:fed-talk-bounces+kendra.acord=email@hidden] On Behalf Of email@hidden
Sent: Thursday, August 24, 2006 12:03 PM
To: email@hidden
Subject: Fed-talk Digest, Vol 3, Issue 221
Send Fed-talk mailing list submissions to
email@hidden
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.apple.com/mailman/listinfo/fed-talk
or, via email, send a message with subject or body 'help' to
email@hidden
You can reach the person managing the list at
email@hidden
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Fed-talk digest..."
Today's Topics:
1. Army to Encrypt Computers (Jim Emmons)
2. Re: Army to Encrypt Computers (Timothy J. Miller)
3. Re: Army to Encrypt Computers (Rex Sanders)
4. Re: Army to Encrypt Computers (Rich Trouton)
5. Re: Army to Encrypt Computers (Timothy J. Miller)
6. 35 Day Time Lapse video (Bob Blankenship)
7. Washington Post article (Tony Murphy)
8. Apple to Recall 1.8 Million Laptop Batteries (Stephen Bates)
----------------------------------------------------------------------
Message: 1
Date: Wed, 23 Aug 2006 12:49:52 -0700
From: "Jim Emmons" <email@hidden>
Subject: [Fed-Talk] Army to Encrypt Computers
To: <email@hidden>
Message-ID: <008901c6c6ed$4dbb57f0$email@hidden>
Content-Type: text/plain; charset="us-ascii"
In a recent speech, the Army CIO/G6, LTG Steve Boutelle, said that within
the next few weeks, all mobile computers (that are removed from secure
areas) will need to have the data on the machine encrypted. The approved
encryption software packages named are all Windows-based.
To meet this new requirement, is there any Mac-based (or further *nix-based)
software available that has been approved? If so, where can we get it, and
what are the costs?
The article may be found on Government Computing News at
http://www.gcn.com/online/vol1_no1/41759-1.html.
(In a more humorous vein, I would like to see someone encrypt a computer, as
opposed to the data on the computer - see the headline of the article.)
Thanks,
Jim
James Emmons
Computer Scientist CISSP GSEC IAM
Information Assurance and Security Engineering Directorate
U.S. Army Information Systems Engineering Command
------------------------------
Message: 2
Date: Wed, 23 Aug 2006 14:58:35 -0500
From: "Timothy J. Miller" <email@hidden>
Subject: Re: [Fed-Talk] Army to Encrypt Computers
To: Jim Emmons <email@hidden>
Cc: email@hidden
Message-ID: <email@hidden>
Content-Type: text/plain; charset="iso-8859-1"
Jim Emmons wrote:
> To meet this new requirement, is there any Mac-based (or further *nix-based)
> software available that has been approved? If so, where can we get it, and
> what are the costs?
I'd think that FileVault would be enough, if each user is careful to
keep data in his home directory.
-- Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2859 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.apple.com/mailman/private/fed-talk/attachments/20060823/c7a72f14/smime-0001.bin
------------------------------
Message: 3
Date: Wed, 23 Aug 2006 13:06:35 -0700
From: Rex Sanders <email@hidden>
Subject: Re: [Fed-Talk] Army to Encrypt Computers
To: <email@hidden>
Message-ID: <p06230900c11264f6e7b9@[130.118.62.71]>
Content-Type: text/plain; charset="us-ascii"
Similar draft policies are circulating in other Government agencies.
Expect this kind of request to become common in Government purchasing
requirements soon.
And no, FileVault is not the answer to every encryption request.
-- Rex
At 12:49 PM -0700 8/23/06, Jim Emmons wrote:
>In a recent speech, the Army CIO/G6, LTG Steve Boutelle, said that within
>the next few weeks, all mobile computers (that are removed from secure
>areas) will need to have the data on the machine encrypted. The approved
>encryption software packages named are all Windows-based.
>
>To meet this new requirement, is there any Mac-based (or further *nix-based)
>software available that has been approved? If so, where can we get it, and
>what are the costs?
>
>The article may be found on Government Computing News at
>http://www.gcn.com/online/vol1_no1/41759-1.html.
>
>(In a more humorous vein, I would like to see someone encrypt a computer, as
>opposed to the data on the computer - see the headline of the article.)
>
>Thanks,
> Jim
>
>James Emmons
>Computer Scientist CISSP GSEC IAM
>Information Assurance and Security Engineering Directorate
>U.S. Army Information Systems Engineering Command
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Fed-talk mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>
>This email sent to email@hidden
------------------------------
Message: 4
Date: Wed, 23 Aug 2006 16:45:06 -0400
From: Rich Trouton <email@hidden>
Subject: Re: [Fed-Talk] Army to Encrypt Computers
To: "Timothy J. Miller" <email@hidden>
Cc: email@hidden, Jim Emmons <email@hidden>
Message-ID: <email@hidden>
Content-Type: text/plain; charset="windows-1252"
FileVault's not a total answer. It's hard to tie into a directory
service system, let alone a mobile home system. It's also currently a
backup nightmare.
Rich
On Aug 23, 2006, at 3:58 PM, Timothy J. Miller wrote:
> Jim Emmons wrote:
>
> > To meet this new requirement, is there any Mac-based (or further
> *nix-based)
> > software available that has been approved? If so, where can we
> get it, and
> > what are the costs?
>
> I'd think that FileVault would be enough, if each user is careful to
> keep data in his home directory.
>
> -- Tim
---
Rich Trouton (Contractor)
LAN Support
email@hidden
-----------------------------------------------------------
National Human Genome Research Institute
National Institutes of Health - Bethesda, MD
Office number:
(240) 643-7816
NHGRI LAN Support number:
(301) 402-7408
The best way to get in touch with me is through email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.apple.com/mailman/private/fed-talk/attachments/20060823/cd4665cc/attachment-0001.html
------------------------------
Message: 5
Date: Wed, 23 Aug 2006 15:54:29 -0500
From: "Timothy J. Miller" <email@hidden>
Subject: Re: [Fed-Talk] Army to Encrypt Computers
To: Rex Sanders <email@hidden>
Cc: email@hidden
Message-ID: <email@hidden>
Content-Type: text/plain; charset="iso-8859-1"
Rex Sanders wrote:
> Expect this kind of request to become common in Government purchasing
> requirements soon.
OMB mandated it for the US gov't, and the deadline is already passed
(Memo dated 23 Jun with a 45-day deadline). It should be in requirements
for new purchases *now*. :)
> And no, FileVault is not the answer to every encryption request.
No, but in this case it might be. While the memo says "encrypt all
data," the clear goal is to encrypt sensitive data. This is difficult
on Windows because data tends to be all over the FS, so full-disk
encryption is the only real answer. On UNIX systems--and Apple is
one--data tends to be in the home directory, so something like FileVault
*potentially* is enough.
It's still safer to encrypt the whole drive, though.
The *real* problem is "Where's the drive key?" Not a one of the extant
products is CAC-enabled...
-- Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2859 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.apple.com/mailman/private/fed-talk/attachments/20060823/de581a17/smime-0001.bin
------------------------------
Message: 6
Date: Thu, 24 Aug 2006 10:50:04 -0500
From: Bob Blankenship <email@hidden>
Subject: [Fed-Talk] 35 Day Time Lapse video
To: <email@hidden>
Message-ID: <C11334DC.E3FC%email@hidden>
Content-Type: text/plain; charset="us-ascii"
Skipped content of type multipart/alternative-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 1739 bytes
Desc: not available
Url : http://lists.apple.com/mailman/private/fed-talk/attachments/20060824/5606e2f7/attachment-0001.jpe
------------------------------
Message: 7
Date: Thu, 24 Aug 2006 12:31:28 -0400
From: Tony Murphy <email@hidden>
Subject: [Fed-Talk] Washington Post article
To: Fedtalk <email@hidden>
Message-ID: <email@hidden>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
http://www.washingtonpost.com/wp-dyn/content/article/2006/08/23/
AR2006082301226.html
Tony Murphy
571.215.1632
email@hidden
------------------------------
Message: 8
Date: Thu, 24 Aug 2006 13:23:33 -0400
From: "Stephen Bates" <email@hidden>
Subject: [Fed-Talk] Apple to Recall 1.8 Million Laptop Batteries
To: "email@hidden" <email@hidden>
Message-ID:
<email@hidden>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
100m to Creative, another couple hundred million on battery recall
(see below WSJ article).
Pretty soon you're talking real money...
vrsb
-----Original Message-----
From: WSJ.com Editors [mailto:email@hidden]
Sent: Thursday, August 24, 2006 1:02 PM
To: Stephen Bates
Subject: WSJ TECH ALERT: Apple to Recall 1.8 Million Laptop Batteries
__________________________________
TECHNOLOGY ALERT
from The Wall Street Journal.
Aug. 24, 2006
Apple Computer is issuing its own big recall of laptop computer
batteries, on the heels of a recall by rival Dell that cast a harsh
light on the perils of a widely used battery technology. The Consumer
Product Safety Commission said Apple plans to recall 1.1 million
batteries in the U.S., plus 700,000 batteries sold in other countries.
The batteries, like those in the Dell recall, were made by a a unit
Sony.
FOR MORE INFORMATION, see:
http://online.wsj.com/article/0,,SB115643854777844595,00.html?mod=djemalert
__________________________________
Copyright 2006 Dow Jones & Company, Inc. All Rights Reserved.
--
email@hidden | +1 703-608-4753
------------------------------
_______________________________________________
Fed-talk mailing list
email@hidden
http://lists.apple.com/mailman/listinfo/fed-talk
End of Fed-talk Digest, Vol 3, Issue 221
****************************************
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden