Prequel 1:
#1421 Marine Links Serco P4-In-the-Middle Ambush to Marcy, Obama, Rumsfeld and Tillman Clocks
Privatization of UK justice system-A simple question-04-09-2012
The Tillman Story - ReThink Review & Discussion
“0 292234Z APRIL 04 FM TASK FORCE TO RUCAACC/USCENTCOM MACDILL AFB FL//CDR//INFO RUCQAS/USSOCOM PP MACDILL AFB//FL//CDR// RUEPVBT/TASK FORCE BT [REDACTION] PERSONAL FOR CDR USCENTCOM CDR USSOCOM CDR USASOC DELIVER DURING NORMAL DUTY HOURS [REDACTION] DO NOT TRANSMIT VIA OPINTEL BROADCAST OPER/OEF// MSGID/GENAMIN/TASK FORCE // SUBJ/P-4 COCERNING INFORMATION ON CORPORAL TILLMAN'S DEATH// RMKS/SIR, IN THE AFTERMATH OF CORPORAL TILLMAN'S UNTIMELY YET HEROIC DEATH IN AFGHANISTAN ON 22 APRIL 04, IT IS ANTICIPATED HIGHLY POSSIBLE THAT CORPORAL TILLMAN WAS KILLED BY FRIENDLY FIRE. THIS POTENTIAL FINDING IS EXACERBATED BY THE UNCONFIRMED REPORTS THAT POTUS AND THE SECRETARY OF THE ARMY MIGHTIN CLUDE COMMENTS ABOUT CORPORAL TILLMAN'S HEROISM AND HIS APPROVED SILVER STAR MEDAL IN SPEECHES CURRENTLY BEING PREPARED, NOT INFORMING THE SPECIFICS SURROUNDING HIS DEATH. THE POTENTIAL THAT HE MIGHT HAVE BEEN KILLED BY FRIENDLY FIRE IN NO WAY DETRACTS FROM HISD WINTESSED HEROISM OR THE RECOMMENDED PEROSNAL DECORATION FOR VALOR IN THE FACE OF THE ENEMY. CORPORAL TILLMAN WAS KILLED IN A COMPLICATED BATTLESPACE GEOMETRY INVOLVING TWO SEPARATE RANGER VEHICLE SERIALS TRAVERSING THROUGH SEVERE TERRAIN ALONG A WINDING 500-600 FOOT DEFILE IN WHICH FRIENDLY FORCES WERE FIRED UPON BY MULTIPLE ENEMY POSITIONS. CORPORAL TILLMAN DISEMBARKED FROM HIS VEHICLE, AND IN SUPPORT OF HIS FELLOW RANGERS AND DEMONSTRATING GREAT CONCERN FOR THEIR WELFARE OVER CARE FOR HIS OWN PERSONAL SAFETY ENTERED THE ENEMY KILL ZONE INTO WHICH BOTH IMPACTED. I FELT THAT IT WAS ESSENTIAL THAT YOU RECEIVED THIS INFORMAITON AS SOON AS WE DETECTED IT IN ORDER TO PRECLUDE ANY UNKNOWING STATEMENTS BY OUR COUNTRY'S LEADERS WHICH MIGHT CAUSE PUBLIC EMBARRASSMENT IF THE CIRCUMSTANCES OF CORPORAL TILLMAN'S DEATH BECOME PUBLIC.// DECL/DERI:DRV FROM [REDACTION] /INST-[REDACTION]-//BT CLASSIFIED BY: [REDACTION] REASON [REDACTION] DECLASSIFY ON: [REDACTION] CLASSIFICATION: [REDACTINO] CAVEATS: [REDACTION] TERMS: [REDACTION]”
The Guardian has also seen a management email to staff describing how they should manipulate their computer system in order to meet targets set down in the company's contract on 999 responses.
Serco introduced a new cost-saving NHS IT system to the out-of-hours service it runs in Cornwall last summer as required by the local commissioners, enabling it to replace skilled clinicians with call-handlers without medical training who follow a computer-generated script to assess patients. The move triggered a fourfold increase in ambulance call-outs.
An email from Serco managers to staff this month, leaked by a whistleblower to the Guardian, instructed call-handlers to "stop the clock" if the IT system reaches a screen telling the operator to make a 999 call while they check it. Staff have expressed concern that this might delay an ambulance in a real emergency and that the new system is not sophisticated enough to distinguish between urgent and less serious cases.
The Guardian revealed last year that whistleblowers believed the company was putting patients at risk and falsifying data. Suspicions over the service will be raised again by these latest revelations.”
“JUSTICE DENIED People persecuted for political reasons must be defended. SATURDAY, 20 OCTOBER 2012Andrea Davison, Jimmy Savile, SERCO and How it all Fits In With Child Abuse, Covert Arms Shipments and Government Fraud http://google-law.blogspot.ca/ 2012/10/andrea-davison-jimmy- savile-serco-and.html”
“Time called on Serco’s NPL contract
By Gill Plimmer
Serco, the FTSE 100 outsourcing company, has lost its contract to run the National Physical Laboratory – which built the first atomic clock – after the government said it would seek academic partners to take over the centre instead.
The laboratory has been managed by Serco on a profit-share basis since 1994. But David Willetts, science minister, has decided that the government can “encourage greater interaction with businesses” by ending the contract in March 2014, when the company’s 17-year tenure comes to an end.”
“Time and PKI
When it comes to PKI, an accurate time is essential. The Issuing CA, and the computer system that uses the certificate, need to have synchronized time. If the end user’s computer doesn’t have the same time as the Issuing CA, you could run into trouble.
Running a (CA) cluster relies on time even more. With a two-node cluster, for example, each node needs to have the same time or data will be out of sync and possibly corrupted.
A Time Stamping Server needs to have an accurate time for legal purposes. Therefore, it is advisable to have your own, physical, Stratum-1 Time Server, on your own network, to not have to rely totally on the internet time servers. This ensures that your time stamps are accurate and your system is the most efficient.
Microsoft has a build-in NTP client in most of their Windows Operating Systems. It is called SNTP (Simple Network Time Protocol). SNTP is not as accurate as using a NTP client, as the time difference with SNTP can be to 1 or 2 seconds. Thus, I advise you to use a NTP client available at ntp.org.
Categories: Blog, Public Key Infrastructure
Tags: Certificate authority, Got PKI?, Issuing CA, IT Security, Master Clock, Microsoft PKI, Microsoft Public Key Infrastructure, Microsoft Security Partner, Network time Protocol, NTP, Simple Network time Protocol, SNTP, Stratum-1,Stra tum-2, Time Stamping Authority, TSA”
Tags: Certificate authority, Got PKI?, Issuing CA, IT Security, Master Clock, Microsoft PKI, Microsoft Public Key Infrastructure, Microsoft Security Partner, Network time Protocol, NTP, Simple Network time Protocol, SNTP, Stratum-1,Stra
“Project Athena was a joint project of MIT, Digital Equipment Corporation, and IBM to produce a campus-wide distributed computing environment for educational use. It was launched in 1983, and research and development ran until June 30, 1991, eight years after it began. As of 2013, Athena is still in production use at MIT. It works as software (currently a set of Ubuntu packages) that makes a machine a thin client, that will download educational applications from the MIT servers on demand.
Project Athena was important in the early history of desktop and distributed computing. It created the X Window System, Kerberos, and Zephyr Notification Service. It influenced the development of thin computing, LDAP, Active Directory, and instant messaging.
Athena continues in use today, providing a ubiquitous computing platform for education at MIT; plans are to continue its use indefinitely.
Athena was designed to minimize the use of labor in its operation, in part through the use of (what is now called) "thin client" architecture and standard desktop configurations. This not only reduces labor content in operations but also minimizes the amount of training for deployment, software upgrade, and trouble-shooting. These features continue to be of considerable benefit today.
In keeping with its original intent, access to the Athena system has been greatly enlarged in the last several years. Whereas in 1991 much of the access was in public "clusters" (computer labs) in academic buildings, access has been extended to dormitories, fraternities and sororities, and independent living groups. All dormitories have officially supported Athena clusters. In addition, most dormitories have "quick login" kiosks, which is a standup workstation with a timer to limit access to ten minutes. The dormitories have "one port per pillow" Internet access [and opportunities for the likes of Noam Chomsky and John Deutch to set up and film Greek Life pedophile entrapment and oath-taking ceremonies].
Originally, the Athena release used Berkeley Software Distribution (BSD) as the base operating system for all hardware platforms. By the mid 1990s, public clusters consisted of the Solaris operating system on SPARC hardware from Sun Microsystems, [here is the reason for the intimidation of JonBenet Ramsey’s father on Christmas Day 1996] and the IRIX operating system on MIPS hardware from Silicon Graphics, Inc. (SGI). SGI hardware was dropped in anticipation of the end of IRIX production in 2006. Linux-Athena was introduced in version 9, with the Red Hat Enterprise Linux operating system running on cheaper x86 or x86-64 hardware. Athena 9 also replaced the internally developed "DASH" menu system and Motif Window Manager (mwm) with a more modern GNOMEdesktop. Athena 10 is based on Ubuntu Linux (derived from Debian) only.[4][5] Support for Solaris is expected to be dropped almost entirely.”
“Single point of failure: It requires continuous availability of a central server. When the Kerberos server is down, no one can log in. This can be mitigated by using multiple Kerberos servers and fallback authentication mechanisms.
Kerberos has strict time requirements, which means the clocks of the involved hosts must be synchronized within configured limits. The tickets have a time availability period and if the host clock is not synchronized with the Kerberos server clock, the authentication will fail. The default configuration per MIT requires that clock times are no more than five minutes apart. In practice Network Time Protocol daemons are usually used to keep the host clocks synchronized.
The administration protocol is not standardized and differs between server implementations. Password changes are described in RFC 3244.
Since all authentication is controlled by a centralized KDC, compromise of this authentication infrastructure will allow an attacker to impersonate any user.
Each network service which requires a different host name will need its own set of Kerberos keys. This complicates virtual hosting and clusters.
If time is not consistent across your network
ISO/IEC 17799:2000(E) (AKA BS7799), clause 9.7.3 specifies "Clock synchronization:"
"[...]Where a computer or communications device has the capability to operate a real-time clock, it should be set to an agreed standard, e.g. Universal Coordinated Time (UCT) or local standard time. As some clocks are known to drift with time, there should be a procedure that checks for and corrects any significant variation."
Event Logging, Auditing or Intrusion Detection across different systems becomes very difficult.
Many cryptographic functions, especially those involving key creation, exchange and expiration, as well as "ticketing" functions such as used by Kerberos require precise time synchronization.
Event or program scheduling may not work as expected.
Client/Server transactions may not work as expected (transaction precedence is incorrect).
There may be legal issues when submitting logs or other material as evidence if the time is not known to be correct.1
Security certificates, WWW Cookies, DHCP and WINS leases may not work as expected.
High Availability or clustering solutions may depend on members’ clocks being exactly synchronized.
File creation and access times will be wrong across different computers, thus:
Differential, Incremental or other backups may not work as expected.
Revision control systems (such as CVS) may not work properly.
E-Mail Message time stamps may be wrong, leading to unexpected transmission issues.
NetWare NDS will not work right unless all NDS servers have the same time.
Neither will Active Directory, even though it says it will. If you have an object collision (two objects are modified at the same time by different people on different masters) the time stamp is used to help resolve the conflict. If time is not synchronized, the results will not be as expected.”
More to follow.
PresidentialField Mandate
Abel Danger Blog
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.