Re: [Fed-Talk] Question on Mac approval
Re: [Fed-Talk] Question on Mac approval
- Subject: Re: [Fed-Talk] Question on Mac approval
- From: Mike Bainter <email@hidden>
- Date: Fri, 30 Aug 2013 10:22:36 -0700
Could you please provide a link or source regarding your statement that 10.6 is EOL?
Thanks!
Mike
On Aug 29, 2013, at 4:36 PM, Joel Esler wrote:
> 10.6 is eol. No patches. So is 10.5 obviously.
>
> --
> Joel Esler
>
>> On Aug 29, 2013, at 7:21 PM, "Beatty, Daniel D CIV NAVAIR, 474300D" <email@hidden> wrote:
>>
>> Hi Peter,
>> First, I should say take it easy. I am not against you. That said, you kind of proved my point. Apple has buy in with NIST, and from the point of view of having a good product. It is just as much a matter of our relevance as a customer as it is their relevance as a provider.
>>
>> The point I made about OSI is very relevant. The USG also mandated that OSI be used throughout its networks. In other words, OSI was supposed to be the network. Just when did OSI work? IBM had a few prototypes that did not live up to its own standards. If we played by that rule, the internet would never have been. However, the President mandated use of the internet in 1994. What do you think the people were doing in between the two mandates? A lot of people were using the internet, even in the USG, before the President's mandate. Were they in violation of mandates? Or did they choose to comply with their mission, which also a mandate? There is always someone who has the ability to get our customers what they need to do their job, even if it removes us from relevance. It happened in the case OSI.
>>
>> In any case, you are right in the fact we should encourage Apple on higher standards. We should check both with Apple and their third party supporters. There is always some incentive to encourage mutual goals.
>>
>> V/R,
>>
>> Daniel Beatty, Ph.D.
>> Computer Scientist
>> Code 474300D
>> 1 Administration Circle. M/S 1109
>> China Lake, CA 93555
>> email@hidden
>> (760)939-7097
>>
>>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Peter Thoenen - NOAA Federal [mailto:email@hidden]
>> Sent: Thursday, August 29, 2013 2:57 PM
>> To: Beatty, Daniel D CIV NAVAIR, 474300D; Fed Talk
>> Subject: RE: [Fed-Talk] Question on Mac approval
>>
>> True but irrelevant IMHO. Regardless of the private sector we have a statutory requirement within the Federal IT space to follow NIST SP800-70 via 800-53 CM-2 via FIPS200.
>>
>> If a commercial vendor can't meet hard requirements, then we simply shouldn't be using that vendor. We seem to understand that in all procurements EXCEPT It procurements, i.e. we don't use construction contractors that can't meet code (and history of such) nor do we purchase
>> various other widgets that can't meet our requirements. In IT (because we
>> hate to imagine ourselves as a boring commodity/utility instead of a sexy sales/rockstar/engineer/creative class) we have a distinct inability to simply follow the rules as written.
>>
>> If the requirement is 10.6, then you use 10.6. If you can't use 10.6, then buy something else.
>>
>> And once again I'm saying that from a high horse, I live in the same reality as the rest of you were in practice our supervisors and senior organizational managers say "Don't care, want to sexy widget" :)
>>
>>> -----Original Message-----
>>> From: fed-talk-bounces+peter.thoenen=email@hidden
>>> [mailto:fed-talk-
>>> bounces+peter.thoenen=email@hidden] On Behalf Of Beatty,
>>> Daniel D CIV NAVAIR, 474300D
>>> Sent: Thursday, August 29, 2013 10:08
>>> To: Fed Talk (email@hidden)
>>> Subject: Re: [Fed-Talk] Question on Mac approval
>>>
>>> Hi Paul,
>>> That is kind of the point. When the Federal government is not the
>>> only customer, those other customers may have a greater influence.
>>> Hence, the notion of standards is kind of a requirement.
>>> However, for such a thing to have value there has to be buy in by all
>>> parties, including the manufactures. If a manufacture can say, my
>>> customers don't need it, then it is hard to influence an outcome that
>>> has the feature desired.
>>>
>>> On the flip side, the OSI veterans can fill an ear about how they had the
>>> "right people" on their committees. OSI talked a good
>>> scheme, but TCP-IP walked the walk much more effectively. The irony
>>> was that TCP-IP was built into every BSD variant, and thus the
>>> internet was borne. OSI wanted the credit, but in the end their
>>> vendors buy in looked like "sunk cash."
>>>
>>> What will happen with NIST/DISA standards for security? They have the
>>> buy in, just like OSI. However, Apple looks like the TCP-IP
>>> cowboy. So is there a pattern?
>>>
>>> V/R,
>>>
>>> Daniel Beatty, Ph.D.
>>> Computer Scientist
>>> Code 474300D
>>> 1 Administration Circle. M/S 1109
>>> China Lake, CA 93555
>>> email@hidden
>>> (760)939-7097
>>>
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: fed-talk-bounces+daniel.beatty=email@hidden
>>> [mailto:fed-talk-bounces+daniel.beatty=email@hidden]
>>> On Behalf Of Robinson, Paul, DVI/DMA-Fort Meade
>>> Sent: Thursday, August 29, 2013 12:33 PM
>>> To: Disiena, Ridley (GRC-VG00)[DB Consulting Group, Inc.]; Moore,
>>> Dallas
>>> Cc: Apple Fed-Talk List
>>> Subject: Re: [Fed-Talk] Question on Mac approval
>>>
>>> This point Ridley makes (see below) is illustrated by the 10.8 release.
>>> Apple's disk encryption capability changed in 10.8. In 10.7 the CAC
>>> could be used to provide the encryption key making it possible to boot
>>> up the computer with a CAC. 10.8 dropped this support, so encryption
>>> is via username/password. Once set it is not possible to enable CAC
>>> login.
>>>
>>> The only solution is to procure a third-party disk encryption tool for
>>> DAR compliance. I expressed this to an Apple rep yesterday and he
>>> says their focus is small groups use of the workstations, despite the
>>> enterprise use of the Apple OS across the Apple enterprise.
>>> Sad really.
>>>
>>> Paul Robinson, CISSP
>>> Defense Media Activity
>>>
>>> From: "Disiena, Ridley (GRC-VG00)[DB Consulting Group, Inc.]"
>>> <email@hidden<mailto:email@hidden>>
>>> Date: Thursday, August 29, 2013 12:31 PM
>>> To: "Moore, Dallas"
>>> <email@hidden<mailto:email@hidden>>
>>> Cc: Apple Fed-Talk List
>>> <email@hidden<mailto:email@hidden>>
>>> Subject: Re: [Fed-Talk] Question on Mac approval
>>>
>>> Another reason in my opinion, is the rapid release cycle from Apple
>>> which is only compounded by the veil of secrecy and lack of confidence
>>> the federal space has in the future releases. Most if not all Federal
>>> agencies have no assurance in what security features will remain in
>>> Apple provided operating systems from one version to the next, year
>>> after year, what will be deprecated / left limping with lack of
>>> adequate support, or what will be removed entirely and cease to be a
>>> feature.
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Fed-talk mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>> mil
>>>
>>> This email sent to email@hidden
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> _______________________________________________
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden