The latest SANS Newsbites happily reports on a FCW article titled OMB likes Air Force's patch strategy. The US Office of Management and Budget's Karen Evans reportedly likes the US Air Force's plans to "deliver standardized and securely configured Microsoft software throughout the service." Brig. Gen. Ronnie Hawkins, director of communications operations in the Air Force's Office of the Deputy Chief of Staff for Installation and Logistics, says "We'll decide which configurations will be acceptable in the Air Force... We'll then implement these configurations and then lock the desktops down."
This should have been done ten years ago when I was using Windows for Workgroups 3.11 as an Air Force lieutenant. This approach is fighting the last war, since it relies on running hundreds of thousands of personal computers with general purpose operating systems. All of these systems will still need applications installed, and those apps and the OS will have to be patched, updated, etc.
Instead of running PCs, .mil and .gov should adopt centrally managed thin clients. (No, I do not work for Sun, nor do I receive any compensation for pushing their Sun Rays!) Instead of wasting time shoring up a flawed PC-centric computing model, the military and government should run screaming away from Windows on PCs and embrace thin clients. I don't mean run an embedded Windows-based client either, like the Wyse terminals.
Expect to see more on Sun's thin clients as I deploy them here in my network operations center.