rob53

"The Federal Bureau of Investigation was unable to access data from nearly 7,800 devices in the fiscal year that ended Sept. 30 ..." Sounds to me like Apple's encryption is working just fine. 

"...The FBI has been unable to access data in more than half of the devices that it tried to unlock due to encryption, Wray added." So we're talking about 14K devices. I assume the half they were able to access were older iPhones and Android devices, throwing in a few Windows phones Microsoft gave them the keys to.

"The FBI supports strong encryption and information security broadly, Wray said ..." Here's where Wray needs the most education. In order for encryption to be strong, it can never be broken. 

Christopher Wray, DOB 12/17/1967, Republican and a LAWYER!!!! The last part says it all. No offense to those choosing private schools, but... "He attended the Buckley School in New York City and the private boarding school Phillips Academy in Andover, Massachusetts." Person of privilege demanding everyone follow what he says while not knowing much of anything about computers.

VRing said:

williamh said:

VRing said:

macxpress said:

Hey @VRing, does that supposed magical and revolutionary custom build of yours that is SO much better than an iMac Pro do this? Didn't think so and never will! 

I know you're just flaming, but TPM chips have been in the vast majority of Windows computers and motherboards for enterprise use for years. As well, a number of these types of computers have a self-healing BIOS to restore a corrupt or potentially attacked BIOS.

I've used enterprise hardware with TPM chips for years.  Correct me if I am wrong, but I don't think the TPM does what the T2 chip does.  For me, it just seems to be like a trusted enclave that to my knowledge I am only using for BitLocker encryption.  I don't know or care enough to find out about VRing's "magical and revolutionary custom build" but essentially, isn't Macexpress correct if referring to the T2 chip?

TPM doesn't do everything the T2 offers, but it offers security for disk encryption keys among a few other features. Features, such a self-healing BIOS, are separate from TPM. The approach of the hardware is different, but both offer secure features for the user's data.

I thought intel was going to full EFI so no more antiquated BIOS. Doesn’t matter to me since I don’t really care about windows systems. 

That said, I think I could have written a security plan for classified computing on an iMac Pro with internal SSDs that wouldn’t have to be locked in a vault or repository. Can’t steal the SSDs and get any data and can’t boot from external drives (disabling ports already a requirement and T2 handles this by default). Just make sure booting works to off-Internet validation server (MDM system) and it should be easy. Of course I don’t have to write these anymore but OTS OS and HW handling all this with no third-party additions makes it a slam dunk for government systems even for Windows-biased IT managers and security officers. 

Shane0527 said:

FaceID is awful! I have to type in my passcode the majority of the time to access my phone. Need directions while you’re driving? Better pull over because you have to fully interact with the phone to unlock it to get directions. This is the iPhone I strongly dislike!

What are you doing accessing your phone while you’re driving? That’s illegal in most states so quit complaining. 

danvm said:

rob53 said:

I wish I was still working. Writing up a security plan for a department full of these will be a piece of cake. Add MDM software that works with these and the security plan will write itself. Would just have to deal with the troublesome Windows PCs. Now if Apple would just re-release a compatible server and Macs would dominate secure government organizations. 

Interesting how one government organization, the USA DoD, see no issues with Windows security.  They announced the deployment of Windows 10 in 4 million devices "based on the need to strengthen our cybersecurity posture while concurrently streamlining the IT operating environment.".

https://www.defense.gov/News/Article/Article/688721/dod-wide-windows-10-rapid-deployment-to-boost-cybersecurity/

I don't see how bring back the XServe will make Apple dominant in government organizations, when Windows Server and Linux are far more capable than macOS Server.

DoD adjusts their cyber security rules to meet their needs. Are their systems secure? It all depends on who you ask and who is responsible for accepting the risk. Windows PCs don't come standard with any type of physical encryption like the new iMac Pro, everything is bolted on requiring software updates from third-party companies. I worked for DOE and we actually had higher security than DoD.

tipoo said:

That's...Honestly not as high as I expected it would go! The tower Mac Pros and Power Mac G5s could get well into decent car territory. 

My only wish is it was more configurable, I need a lot of CPU for my big data workload, but Vega Pro is a wasted cost, while someone training Metal 2 neural nets would go max GPU. Hope the Mac Pro provides that ability to min/max different components. 

Maybe you need to look at your data workload and see if a change in program will allow you to use more GPU computing power. Most of the supercomputers are using GPU processing anyway so I'd look into your workflow and see what can be changed.