Air Force conference notes: New mail security

MONTGOMERY, Ala. -- Air Force personnel should be looking late next year to start dumping their Fortezza cards, which they've used for years to encrypt e-mail messages.

If all goes well, the Air Force will start deploying a new servicewide version of the Defense Message System (DMS) in October 2005. It will use a Web browser instead of the DMS desktop client and Fortezza card.

More than 30,000 of the cards are being used by the Air Force, but they've proven expensive and difficult to maintain. They've been lost, damaged and even washed with laundry and people have found them cumbersome to use, so it's unlikely they'll be missed.

********

It often seems that government agencies are one step behind hackers when it comes to defending their networks, but at least parts of the Air Force may soon be using a technology that gives the good guys an advantage over the black hat guys.

CloudShield Technologies Inc. partnered with Northrop Grumman Corp. to develop an intriguing system for the Air Force Information Warfare Center that gave center officials a clear look at their network and allowed them to develop a profile of the network right down to specific machines, operating systems, what versions of applications were running and even what security patches had been installed.

It enabled center officials to pinpoint vulnerabilities and identify security risks that they would otherwise have overlooked but that hackers could have exploited.

One drawback in the initial tests of the system was that it also profiled an adjacent network that wasn't meant to be included. CloudShield officials said they didn't know their technology was capable of that, but they developed a toned-down version of the system so that it only worked within the center's network.

Company officials claimed they don't know what the center intends to do with the system and Air Force officials, naturally, aren't saying.

********

Scott McNealy, chairman and chief executive officer of Sun Microsystems Inc., is never a boring speaker. Here are a few sound bytes from his presentation Tuesday morning at the Air Force Information Technology Conference.

On the proprietary nature of Microsoft Corp. software:

"Microsoft is welded shut. To use the browser, you have to use everything -- and it's all locked up except to hackers."

On the Air Force's preference for PCs based on Microsoft Windows and Intel Corp. processors:

"Your architecture looks pretty solid. But there is one big blemish: It's your desktop strategy, based on Wintel."

On one of the stranger manifestations of connecting everything to a network:

"I think it's interesting that you put [computer] chips in your pets, but not in your kids."

On the difficulty involved in going from setting up a server to actually delivering Web services:

"A piston ring is to transportation what a Dell [Inc.] server is to Web services."

For more serious stuff from McNealy, read the related story here.