Comments, corrections, additions welcome.
-- Rex Sanders, USGS
email@hidden
Fed-Talk mailing list
Frequently Asked Questions
Emailed monthly to email@hidden.
Last update: June 17, 2009.
Contents:
----- How can I get on or off the Fed-Talk mailing list?
----- How can I search the Fed-Talk archives before mailing my
question to
the entire list?
----- How can I browse the Fed-Talk archives?
----- Why doesn't Apple support the Enterprise market?
----- How can Apple sell Macs (or iPhones) to the Government when they
don't do "Z"?
----- How can I ask Apple to support Z?
----- How can I get my CAC card to work with Mac OS X?
----- How can I get my CAC card to work with Mail, Entourage,
Notes, ...?
----- Where can I find Mac OS X security guidelines or STIGs?
----- Where can I find iPhone security guidelines or STIGs?
----- Where is Apple's iPhone security guide?
----- What is the Army Golden Master? What is it's status?
----- What is FDCC? Where is the Mac OS X FDCC?
----- How do I encrypt all or part of my Mac's hard drive?
----- Alright, smarty pants, how do I meet the OMB M-06-16
requirement for
encryption?
----- How can I buy Apple products for the Federal Government?
----- How can I buy Macs without cameras, Bluetooth, or WiFi hardware?
----- Can't you disable cameras, Bluetooth, or WiFi with software,
duct
tape, SuperGlue, etc.?
----- How can I make iTunes iPhone app purchases using a Government
charge
card, without paying sales tax?
----- Can I buy Apple products for personal use with a discount?
----- Does Apple have a web site for Federal Government customers?
==========
----- How can I get on or off the Fed-Talk mailing list?
See the footer in every Fed-Talk message.
See also http://lists.apple.com/mailman/listinfo/fed-talk
Do not send subscribe or unsubscribe requests to the entire list.
----- How can I search the Fed-Talk archives before mailing my
question to
the entire list?
In theory you can use Apple's mailing list search engine from the
Fed- Talk
home page:
http://lists.apple.com/mailman/listinfo/fed-talk
In practice, Google works much better:
http://www.google.com/search?q=site:lists.apple.com+Fed-Talk
----- How can I browse the Fed-Talk archives?
http://lists.apple.com/archives/Fed-talk
----- Why doesn't Apple support the Enterprise market?
Apple does support the Enterprise market, just differently from
other IT
vendors. Attend WWDC to get some idea of the scope and depth of
Apple's
support for the Enterprise market. Apple is primarily a Consumer
company,
and is not focused on Enterprise or Federal Government issues.
Probably what concerns you is support for your favorite Enterprise-
like
feature, service, or process.
----- How can Apple sell Macs (or iPhones) to the Government when they
don't do "Z"?
The Federal Government is a large, diverse market. Just because Z is
required in your part, doesn't mean Z is required in every part. Just
because OMB/NIST/... requires Z for the entire Government, doesn't
mean Z
is being enforced everywhere uniformly. Apple manages to sell plenty
of
Macs and iPhones to many parts of the Federal Government without Z.
Please
make clear in your messages that *your part* of the Government
requires Z
now.
For "Z", substitute your favorite feature, service, or process.
----- How can I ask Apple to support "Z"?
- Contact your agency's Apple sales rep, who will probably tell you
to ...
- Get a free Apple Developer Connection account at
http://developer.apple.com. Post a detailed request on
http://bugreport.apple.com. Indicate approximately how many Macs are
affected. Be realistic, and report numbers only for your part of the
Government. Report the bug number to your Apple sales and
engineering reps.
Yes, reporting a feature request through the bug tracking system is
the
correct method. You should get a reply from Apple. You won't always
get a
reply you like.
- Send email to email@hidden. You are not likely to get a
reply from
Apple.
- Posting your request on Fed-Talk will not work. You might get
sympathy
from other list members.
----- How can I get my CAC card to work with Mac OS X?
----- How can I get my CAC card to work with Mail, Entourage,
Notes, ...?
[I hope someone else can answer these questions. I'm not in DoD]
----- Where can I find Mac OS X security guidelines or STIGs?
Your best source is within your part of the Federal Government. If you
can't find one ...
Apple Security Guides:
http://www.apple.com/support/security/guides/
Center for Internet Security:
http://www.cisecurity.org/bench_macosx.html
http://www.cisecurity.org/tools2/osx/
CIS_MacOSX_10.5_Benchmark_v1.0.pdf
You should not adopt these guides wholesale, they are the starting
point
for a STIG (Security Technical Implementation Guide) specific to
your part
of the Government.
Snow Leopard (Mac OS X 10.6) security guides will likely take several
months to appear from these sources. Until then, you are on your own.
----- Where can I find iPhone security guidelines or STIGs?
Your best source is within your part of the Federal Government. If you
can't find one ...
Center for Internet Security (under Mobile Devices near the bottom):
http://www.cisecurity.org/benchmarks.html
http://www.cisecurity.org/tools2/iphone/CIS_iPhone_2.2.1_Benchmark_v1.0.0.pdf
or possibly this post to Fed-Talk:
http://lists.apple.com/archives/Fed-talk/2009/Apr/msg00075.html
----- Where is Apple's iPhone security guide?
Not available at this time.
----- What is the Army Golden Master? What is it's status?
AGM is a project to create a standard, secure Mac OS X image for the
Army.
The project is in progress, and will be finished when the Army says
it's
finished.
----- What is FDCC? Where is the Mac OS X FDCC?
The Federal Desktop Core Configuration is a project to create and use
standard, secure configurations for Federal desktop computers.
http://fdcc.nist.gov
FDCC configurations for Windows XP and Vista have been released and
widely
implemented.
Mac OS X FDCC development is waiting for the Army Golden Master.
----- How do I encrypt all or part of my Mac's hard drive?
Depends on what you mean by encryption. ROT-13 works and runs quite
fast.
http://en.wikipedia.org/wiki/ROT-13
---- Alright, smarty pants, how do I meet the OMB M-06-16
requirement for
encryption?
You mean the one we were supposed to have fully deployed by August
7, 2006?
Ahh, that's different. You need encryption using FIPS 140-2 validated
cryptographic modules.
Some parts of the Government have approved interim or final encryption
methods for Mac OS X. Ask your security people.
Apple is in progress to get FIPS 140-2 validation for Mac OS X
security
modules. No ETA. Filevault or encrypted disk images created with Disk
Utility might meet your needs.
Some third party products claim to support FIPS 140-2 validated
whole disk
or partial disk encryption for Mac OS X. No reliable list exists.
Ask potential vendors for their specific FIPS 140-2 certification
number
for that particular Mac OS X product. Then check the NIST list of
validated
modules:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm
Some vendors confuse using a FIPS 140-2 accepted algorithm (e.g. 3DES,
AES), with having a FIPS 140-2 validated solution. Writing buggy
encryption
software is easy. Getting FIPS 140-2 validation is hard. Caveat
emptor.
----- How can I buy Apple products for the Federal Government?
Follow the purchasing rules for your part of the Government - every
part is
different. Some sources that might be available to you include:
- Apple online store for Government charge card purchases
http://www.apple.com/r/store/government/smartpay.html
- Apple GSA schedule and other major Federal contracts:
http://www.apple.com/r/store/government/reseller.html
- Apple resellers on GSA schedule:
https://www.gsaadvantage.gov
- NASA SEWP:
http://sewp.nasa.gov/
----- How can I buy Macs without cameras, Bluetooth, or WiFi hardware?
Two Apple resellers are authorized to remove these devices from Macs
before
shipping them to you:
- Holman's http://www.holmans.com
- Intelligent Decisions http://www.intelligent.net
These modified Macs must be serviced by these resellers under Apple
warranty or AppleCare. You cannot send modified Macs directly to
Apple for
warranty or AppleCare repair.
----- Can't you disable cameras, Bluetooth, or WiFi with software,
duct
tape, SuperGlue, etc.?
Yes. However, some parts of the Federal Government require removal
of the
offending parts.
----- How can I make iTunes iPhone app purchases using a Government
charge
card, without paying sales tax?
Move to a state without sales tax?
Apple knows this is a problem. At this time, the only solution is to
make
the purchase with sales tax, then contact your Apple sales rep to
get the
tax removed after the fact. Yes, that's a lot of work to remove a
few cents
from a 99 cent purchase.
----- Can I buy Apple products for personal use with a discount?
Apple offers a Federal Employee Purchase Plan, with discounted
prices on
many items, for all Federal Employees. Apple offers similar plans to
many
other large corporations. Yes, this is legal.
http://www.apple.com/r/store/government/epp.html
----- Does Apple have a web site for Federal Government customers?
http://www.apple.com/federal
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden