Apple Computer Inc. is seeking Common Criteria evaluation of Mac OS X, which could open government doors wider to open-source software. Apple wants a Common Criteria Evaluated Assurance Level 3, which “costs big bucks,” said John Hurley, Apple’s security policy architect. “It’s a pain in the neck to spend that money.” Elsewhere, C|Net has two more Apple-related articles here and here.
Apple Pushes Feds Toward Broader Open-Source Use
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
From the article “It’s still a debate whether open-source development produces more security than the proprietary method,” Maughan said. But a diverse environment with multiple operating systems could make an organization less vulnerable to exploits, but diversity is limited today
This is one of the two contraversial points made in the security paper by Dan Greer and co-workers. The paper “CyberInsecurity:The cost of Monopoly” can be found at http://www.ccianet.org/papers/cyberinsecurity.pdf
It looks like this view is becoming mainstream. When Apple gets OS/X certified, the federal government will be able to choose a BSD-based OS running a Mach kernel. I’ll bet that will give MS a run for its money. It there anyway for a patron (like IBM) to step forward and to sponsor Linux (or one of the BSDs)? It would be costly, but it seems like money well spend for anyone opposed to an industry dominated by a monopoly supplier.
How about security, is that even an issue to you?
“‘at cost’ pricing” — When was the last time that happened in the government? Do you think for a minute that IBM, SGI, Sun or any other vendors have provided this?
I am tired of certain parts of the Federal Government only running Windows. I don’t want my government held hostage to the vagaries of MS security issues and OS design.
Show me the data on the retraining costs as well.
“The vast majority of Federal applications only run on Windows. It would take billions of dollars to retrain any significant number of Federal workers to use Macs instead of Windows. ”
Not likely. At the speed of intranet based gov’t apps adoption, i doubt it takes ‘billions’ to train on point and click.
I certaintly want my tax dollars to go to a virus free system.
i don’t want government employees that are being paid by my tax dollars to have a media player installed on their work PCs. i don’t want their PCs to be crippled by *almost* weekly exploits that are discovered and realized. i don’t want them wasting more of my money on power for CPUs with huge pipelines and high cooling costs. i don’t want the FBI using an OS with a security model that allows almost anyone full control modify (read: destroy) anything on the system, or an email client or office suite that has more exploits then OS X and all its software combined (including Microsoft Office for OS X, which until this past week was responsible for the only virus on OS X, written as a Word Macro).
and i agree with the last poster, i don’t want my tax dollars spent on proprietary software from an illegal monopoly that they’ve already convicted (and are continually blessing, not punishing). and how many government purchased computers do you think cost much less then an equivelent apple workstation? i doubt the one sitting in front of me did. they’re not building these white box, they are ordering them from manufacturers.
Linux, BSD, OS X, a flavor of Unix, heck, i’d be happy if they used any of those, and probably some other ones that i don’t know about. but not windows. there’s no way anyone concerned with security or stability should choose windows.
“OS X wouldn’t be here without open-source,” Hurley said. “Everything that isn’t graphical is open-source.”
What does he mean by graphical?
imovie,itunes,isync,rest of iapps = graphical???
he was probably referring to everything having to do with the BSD subsystem, and not programs that make use of the graphical interface.
that’s not entirely true, though, as apple has included commandline tools that are definitely not graphical and definitely not open source (ie softwareupdate, open, screencapture, etc).
i doubt anyone is proposing that they switch the entire government instantly over to macs. they are simply trying to get macs available in government positions where windows machines are inadequate security wise.
Windows is remarkably virus-free if you install anti-virus software and keep your virus definitions up to date.
oh silly me. of course windows is virus free if you go through all these expensive measures and procedures. except for those new viruses, and those social engineering viruses, and those undetermined security exploits, and, and.. sorry. that doesn’t cut it. mac os x is not just more secure than windows by design, but also in track record.
if more developers used cross-platform toolkits and languages (Qt, wxWindows, Java, openstep) then they could easily port software. this wouldn’t be an issue, and porting wouldn’t be a great cost to tax payers. i think you should write your congressman to tell the government to stop buying software developed with the sole intent to lock them into one platform, not giving the government choice between a convicted monopoly and a company that values open source and the end users.
Rather than spending many billions on new Macs and rewriting most of the government applications (most of which are Windows and not web) to run on Mac, I’d rather improve the existing security.
so how do you suggest the government go about doing this when they don’t have the source code to windows? this is quite easy with an open system like BSD.
The vast majority of Federal applications only run on Windows. It would take billions of dollars to retrain any significant number of Federal workers to use Macs instead of Windows.
Are you guys counting embedded systems when you number Federal applications running only on Windows? I’ve got some cruise missiles, strike aircraft, stealth aircraft, satellites, Mars rovers, etc. that say you’re wrong.
There have been two major negative points made about Federal Agencies buying Macintosh systems. First that Macintoshes cost too much, and it would be a waist of tax dollars to buy them. Second the cost of converting applications would be too high. Both of these comments stem from a narrow understanding of computer costs and purchasing.
The first thing you need to understand is that the government rarely if ever buys components and builds computers, nor do they buy computers from Wal-Mart. Like private business they buy a mix of name brand products, either direct from the manufacture or from resellers that add some form of value. In either case they never pay full retail. Apple has been successful selling computers into the educational market even against heavy price competition. Just as schools get competitive pricing from Apple you can expect the government to get the same.
Also government purchases decisions are not always based on hardware costs alone. They often (but not always) consider cost of ownership issues. This can include maintenance fees, training fees, software costs,life expectancy, etc. These other costs can be substantial and there is no reason why Apple can’t compete in these areas.
Consider this, say the government pays $200 more for a Mac, and uses that Mac for 2 years. Now say the employee it is assigned to makes $60,000 per year. The loaded cost of that employee is probably closer to $100,000 dollar per year or about $48.00 per hour. Apple only needs to demonstrate a little more than 2 hours per year, of avoided down time for that employee, to justify the purchase.
Any purchase decision must take into account the cost of converting software. However how much impact does that have on the normal office PC in the government. Most government workers depend on same core tools business users do, word processing, spread sheet, email, and web access. These are all available on the Macintosh. Of the remaining tools, some are web based and therefore not a great problem. The remaining software that is truly customized to some other operating system may be an obstacle. However after you eliminate all the devices running incompatible software a large population of devices could still remain and be converted.
For some purchases programs the cost of software conversion might be unavoidable regardless of the OS selection. When my company converted 15,000 devices from Windows 98 to XP a substantial amount of the software had to be rewritten or upgraded. The software conversion costs involved with moving from Windows 98 to Mac OS might not have been substantially higher.
I read things like this and every time it gets me thinking this is one step closer to OS X Server running on IBM servers.
http://www.macnn.com/news/20518
Granted they’re all running YellowDog, but this was before 10.3 and the security improvements it utilized. Who knows what they’re running now… Anyone? Anyone? Bueller? Bueller?
And yet you’re quite happy with GWB bailing out Boeing to the tune of $30billion by purchasing refueling aircrafts that where no required. If you’re going to moan about corporate welfare, lets start at the biggest; agricultural subsidies then work out from there.
Frankly, the govt isn’t following it’s own guidelines buying only windows OS PCs. In almost every field of technology the Govt requires the right to Dual-source where it gets stuff from. Sure the complicated stuff like jet fighters only goes to one company…but they buy the specs seperately…so they can [and DO!] move contracts if neccessary away from underperforming suppliers. It’s amazing that they don’t hold desktop PCs and servers to the same candle….that or Billy is in for a shocking surprise when the Pentagon gets it’s act together and requires MS give all it’s source so somebody else can fix it!
There really is no value in Macintosh for government or big business.
All the mainstream business applications run on Windows, not on Macintosh. All the custom business applications that aren’t web run on Mac. And even the web applications would all have to be retested and validated vs. iKonqueror (i.e. Safari).
Introducing Macintosh into government justs adds more headaches — application conversion, usage retraining, another hardware platform to support, another software platform to support, another web platform to support, cross-platform compatibility and connectivity issues, etc.
In this day and age of government agencies not being able to talk to each other well, the last thing we need is more computer and software platforms.
Let’s keep Macintosh where it’s useful — pro-audio, pro-video, iPod host, etc.
There really is no place for Macintosh outside of a number of small niches or as an executive status item that no one else can afford.
oh silly me. of course windows is virus free if you go through all these expensive measures and procedures.
You spend upwards of $1200 on a decent machine and aren’t willing to spend $50 for anti virus? come on.
Let’s bring some things into perspective here. First what you people may not realize is the mounds of hassle that government agencies have to go through to get software/hardware systems. One reason the Air Forces main logistics program is still DOS based. Coupled with the fact that it’s probably close to 10 times more expensive for a government entity to upgrade outdated systems compared to a private corporation. Coupled with the fact that the government doesn’t maintain an IT staff, contractors come in build a system then it goes to the lowest bidder for maintenance. So that is one reason windows is so popular its still less of a hassle than anything OSS can provide currently.
that’s not entirely true. what if the amount of productivity people gained just from using a mac from a year more than triple paid for the machine?
Why does anyone care either way about this decision? Unless you’re a gov’t employee who’s happy to finally be able to use a mac at work or one who hates macs like the plague and will go postal if you have to deal with one, why should you have an emotional response to this article? [It would be too bad if the postal service started using macs too]. The zealotry is astoundingly stupid, inane, and infantile.
The taxpayer doesn’t lose anything and the government gains something. Hopefully no mission-critical systems are running on a stock consumer-grade OS, but having multiple sources for hardware is great for those departments that need this sort of equipment. Ultimately the computers will be a far smaller source of government waste than government employeers themselves, so who gives a damn about marginal productivity differences between platforms?
The point is, you can use Darwin in some way and bid for a government contract without having to pay for the certification. Its about creating buisness oportunity.
BTW.
Any OS can add numbers and process documents, give it a rest
Some disagree:
http://www.computerworld.com.au/index.php/id;759393285;fp;16;fpid;0
Your virus checker retrospective i.e. it is only as good as the lastest virus it can detect – a new virus can come out and rip its way throught the internet before the anti-virus companies can provide a solution or even know its exists.
For the costs of all the down time a virus/worm outbreak can cause, new multi-platform applications can be written. If they buy applications externally, the cost belongs to the external companies.
Your virus checker retrospective i.e. it is only as good as the lastest virus it can detect – a new virus can come out and rip its way throught the internet before the anti-virus companies can provide a solution or even know its exists.
This is very true, for all platforms. Guess which is faster, though:
a) writing a virus definition for an existing virus checker
b) writing a virus checker for a new platform because it just got its first virus
For the costs of all the down time a virus/worm outbreak can cause, new multi-platform applications can be written. If they buy applications externally, the cost belongs to the external companies.
No one writes software for the government without passing the cost onto the government. If the government wants Photoshop on Unix they’ll pay by the bucketload, even if Adobe turns around and sells it to consumers when they’re done making it. As for the cost of the down time from a virus/worm outbreak, ask a few people that were around large Linux networks back in the mid-90s about that. Most network admins never have to deal with significant down time due to a virus or worm, regardless of the platform, because they take their time early on to prevent it. This is why the worst down time I’ve ever seen hit a bunch of Linux and Solaris machines; all because the admins were mostly under-educated about security and over-confident about the platforms in use. I see the same attitude from the Mac crowd with OS X (and saw it to a lesser extent before OS X, despite the number of virus and worm threats for MacOS 9), and eventually it’s not going to be a proof of concept that comes down the pipe, but the real thing.
As a federal employee, I can tell you that Macs are already used in government. While it is not wide spread they are still around. My agency’s logistics department and graphic design departments use Macs. I can also tell you there are very few applications that we use that would need to be ported to the Macintosh. The only one off the top of my head is Access. A lot of the applications we used to use ARE being ported to web based systems.
Just my opinion, but I’d love to have an eMac at here at work, they won’t cost much more than a PC and it would not only free up desk space being all in one but they would be easy to maintain.
…US government departments can buy Windows computers without submitting their purchase requirements to a committee, other equipment purchase has to be justified.
If this is correct (I’m not a US citizen, so forgive any ignorance) then does this move mean that Macs would come under the same arrangement? If this is so it seems eminently sensible and not controversial. The machines would be for normal administrative and secretarial tasks, and it appears that more specialised and military work is done on a variety of Windows, Mac, Security grade Linux, and presumably assorted Unix machines.
“oh silly me. of course windows is virus free if you go through all these expensive measures and procedures.”
You spend upwards of $1200 on a decent machine and aren’t willing to spend $50 for anti virus? come on.
You’re assuming they would spend that amount. I guess you need a litle time in the enterprise market with the Charlie Cheapskates and Terry Tightass managers of the corporate world who purchase cheap crappy computers then wonder why their employees keep finding that their computer crashes resulting in lower productivity.
These same managers are quite happy to waste money wineing and dinning customers whom they’ll never get, receiving bonus’s for *just* doing their job, but when it comes to keeping their ship in order, they’re so tight, they squeak when they walk and possibly able to peel oranges in their pockets
more and more goverments around the world are turning to Open sources, the U.S should be the leader in it.
yes, i am serious. because anti-virus is not just $50. it’s $50 x N computers. it’s also $50/hr (or whatever the wage is of the sysadmins) * N hours to fix computers when a virus hits that the AV doesn’t protect, or that some idiot gets in outlook express by opening a .scr or .pif file. the end cost of viruses in windows is a LOT LOT more than the cost of just a single mac over the course of the years you run that windows machine.