Friday, April 11, 2014

#1918: Marine Links Serco Red Switch Heartbleed Hack to MI-3 Soames Hotel Key, Decoy Pings From MoD

Plum City – (AbelDanger.net). United States Marine Field McConnell has linked Serco director Maureen Baginski’s Heartbleed hack of a Red Switch Network to divert MH Flight 370 from its en route airway, to Nicholas Soames’s loan of an Entrust root-kit key to the MI-3 Innholders Livery Company and decoy pings transmitted through hotel assets by the U.K. Ministry of Defence.

McConnell claims that the former U.K. Defence minister Nicholas Soames paid Baginski and her Serco colleagues to equip traveling guests of the MI-3 Innholders with Entrust keys so they could generate red switch FLASH OVERRIDE signals with the Heartbleed bug and authorize various MoD decoy assets to start pinging.

Prequel:
#1917: Marine Links MI-3 Mycroft Blackmailed RAN to Serco Huston Red Switch Ping 

How significant is security bug Heartbleed?

The Language of Journalism: Profanity, obscenity & the media books.google.ca/books?isbn=0765802201 Melvin J. Lasky - 2005 - ‎Language Arts & Disciplines Profanity, obscenity & the media Melvin J. Lasky. The Saturday edition ... He was Nicholas Soames, himself a minister in John Major's Conservative government ( 1992-1997). And it could hardly ... You must get your cock in the till."

Malaysia Airlines MH370: Searchers confident signals are from jet
'We have very much narrowed down the search area,' Australian PM Tony Abbott says The Associated Press Posted: Apr 10, 2014 10:50 PM ET Last Updated: Apr 11, 2014 7:46 AM ET

Authorities are confident that signals detected deep in the Indian Ocean are from the missing Malaysian jet's black boxes, Australia's prime minister said Friday, raising hopes they are near solving one of aviation's most perplexing mysteries. Tony Abbott told reporters in Shanghai that crews hunting for Flight MH370 have zeroed in on a more targeted area in their search for the source of the sounds, first heard on Saturday. 

 "We have very much narrowed down the search area and we are very confident that the signals that we are detecting are from the black box on MH370," Abbott said. 

Malaysia Airlines MH370: Why airlines don't live-stream black box dataGRAPHICS: Inside a plane's black box recorders
Black box detector to join search for missing Malaysia Airlines jet
LIVE BLOG: The latest news on the search for Malaysia Airlines Flight MH370

"Nevertheless, we're getting into the stage where the signal from what we are very confident is the black box is starting to fade," he added. "We are hoping to get as much information as we can before the signal finally expires."

The plane's black boxes, or flight data and cockpit voice recorders, may hold the answers to why the Boeing 777 lost communications and veered so far off course when it vanished March 8 while flying from Kuala Lumpur, Malaysia, to Beijing with 239 people on board.”

MDA Wins Key U.S. Aviation Contract
May 3, 2001 Richmond, B.C. - MacDonald, Dettwiler and Associates Ltd. (TSE: MDA) announced today the company has been awarded a contract by the United States Air Force to develop a system to be used by specialists at Air Force bases to design Instrument Approach Procedures (IAPs).

IAPs are published instructions to pilots specifying a series of aircraft maneuvers that must be executed for the aircraft to transition safely from an en route airway to a runway final approach when flying by instruments. MDA's system ingests digital terrain and elevation data, air navigation data (such as the locations of navigation aids, runways, buildings and towers) to build and display a virtual model of the physical environment surrounding an airport. It then develops the complex surfaces that define a safe approach corridor for any of the dozens of IAP variants, and determines whether any of the defined surfaces are penetrated by terrain or man-made obstacles. It flags these incursions to the operator, who can quickly modify the approach procedure through a drag-and-drop user interface.

This initial award, valued at $2.9 million (CDN), consists of a fixed price element to develop, integrate, and test the system. The next phase will include installation, government testing, and operator training. The contract includes an option for the U.S. Federal Aviation Administration (FAA) to adapt the system for their needs. The U.S. Air Force also has options to field the successful system at up to 108 air bases around the world, and to award T&M support contracts for up to 8 years. MDA plans to team up with Air Navigation Data (AND) of Ottawa to offer a custom solution, based on AND's "Final Approach" product.

MDA President and CEO Daniel Friedmann said: "This is a significant project for MDA that has the potential to improve the safety of air transportation for many other air forces and civil aviation authorities world wide."

Related web sites:

www.mda.ca
www.usaf.com
For more information, please contact:
Ted Schellenberg
Media Relations MacDonald Dettwiler
Telephone: (604) 231-2215
E-mail: teds@mda.ca
Thursday, May 3, 2001
Source: MacDonald, Dettwiler and Associates Ltd.” 

 “Heartbleed & OpenSSL — Do End-Users Need to Change Their Passwords? 
April 10, 2014 by Entrust, Inc. No Comments

The discovery of the Heartbleed implementation bug that could attack certain version of OpenSSL has, rightfully, made global headlines. While this vulnerability doesn’t affect the certificates issued by trusted certification authorities (CA), the discovery has set end-users into a bit of “password panic.” The crux of the issue is that services providers, website operators, software developers, etc., need to inform end-users about the status of their end-users’ credentials. End-users are wondering, “Do I need to change my password?”

In many cases, they do not as that specific Web server was not susceptible. In other cases, they do as the Web server has now been fixed. Password Changes Ineffective Until Fix in Place

While changing passwords is smart, it won’t do the end-user much good until the fix is in place. This introduces another scenario where organizations and end-users alike would benefit from transparency and clear, open communication. In other words, what is the status of their Web server? 

 What is the Heartbleed Bug?

Imagine an insect invasion in a house that goes undetected for a long time. When it’s finally discovered, it turns out insects have overrun the entire building. That house is the Web, and the insect is a bug called Heartbleed. According to a website that charted its emergence, “The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library.”

Heartbleed attacks the heartbeat extension (RFC 6520) implemented in OpenSSL. Heartbleed allows an attacker to read the memory of a system over the Internet and compromise the private keys, names, passwords and content. An attack is not logged and would not be detectable. The attack can be from client to server or server to client.”

The Ministry of Defence (MOD) is the British government department responsible for implementing the defence policy set by Her Majesty's Government, and is the headquarters of the British Armed Forces. The MOD states that its principal objectives are to defend the United Kingdom of Great Britain and Northern Ireland and its interests and to strengthen international peace and stability.[5] With the collapse of the Soviet Union and the end of the Cold War, the MOD does not foresee any short-term conventional military threat; rather, it has identified weapons of mass destruction, international terrorism, and failed and failing states as the overriding threats to Britain's interests.[6] The MOD also manages day-to-day running of the armed forces, contingency planning and defence procurement.”

UK Ministry of Defence Standardizes on Entrust PKI

Entrust’s technology selected to be the foundation for the MoD’s PKI ecosystem DALLAS – In an effort to enforce their strategy of centrally controlling policy to maintain a trusted network environment, the United Kingdom’s Ministry of Defence (MoD) sought a public key infrastructure (PKI) solution to manage authentication, digital signatures and encryption capabilities. Entrust, Inc. [NASDAQ: ENTU] proudly announces that the company has licensed its Entrust Authority™ Security Manager to the the UK’s MoD where it is to be used as the MoD root certification authority (Root CA).

“The functionality and comprehensive nature of Entrust’s PKI solution definitely meets our need to seamlessly manage the different capabilities we need for our secure network environment,” said Lieutenant Colonel Keith Bell, Head of Defence Interoperable Network Services Authority. “We now have fully deployed the root certificate authority (CA) technology and look forward to extending this chain of trust to all departments and business partners.” 

Entrust Authority™ Security Manager, a world-leading PKI, is designed to manage the digital keys and certificates that make up the digital identities used to transparently automate security-related processes in an organization. As an organization’s Certification Authority (CA) system, Entrust Authority Security Manager software can help enable the use of digital signature, digital receipt, encryption and permissions management services across a wide variety of applications and solutions.

“Having a secure PKI infrastructure is at the heart of building a trusted network environment,” said Entrust Chairman, President and Chief Executive Officer Bill Conner. “Because the MoD has to service a variety of different internal agencies, it is important that their PKI offers security and functionality to support this vast network. We are pleased to help them in their quest to securely communicate with both internal constituencies, as well as extend this security network to Defence contractors and other outside parties.”

The MoD will use the Entrust Authority Security Manager to support authentication, digital signatures and encryption. The PKI system also will allow the issuance of digital credentials to internal devices, as well as provide security for collaboration with industry partners. In addition, the PKI system will provide a root CA to the Defence Information Infrastructure DII(F) that will help create a single, efficient information infrastructure within the MoD.”

McConnell offers an expert witness service to explain the jargon associated with MI-3 Flash Override and Boeing Uninterruptible Autopilot technology in re red-switch qui tam frauds on MH Flight 370 by Serco and its U.S. Small Business Administration partners.

Yours sincerely,


Field McConnell, United States Naval Academy, 1971; Forensic Economist; 30 year airline and 22 year military pilot; 23,000 hours of safety; Tel: 715 307 8222

David Hawkins Tel: 604 542-0891 Forensic Economist; former leader of oil-well blow-out teams; now sponsors Grand Juries in CSI Crime and Safety Investigation


Ian Bendel's Overview Current SERCO Site Lead Defense Red Switch Network Pentagon at Serco - North America Defense Red Switch Network Engineer II at Serco - North America
Past 
Defense Red Switch Systems Specialist at SAIC, Pentagon
Network Infrastructure Requirements Manager at United States Air Force
Network Infrastructure Technician at United States Air Force
see all
Education
American University
Community College of the Air Force
Airman Leadership School, 2006 United States Air Force, Royal Air Force
….
Seeking new opportunities in IT management and audio-visual production

* Eleven years defense IT & network management experience
* Active Top Secret/SCI U.S. Government security clearance
* Knowledge of LAN/WAN network infrastructure
* Expert maintenance capability for network, cryptographic, and transmission systems
* Advanced knowledge of Government encryption devices, Cisco routers and switches, 
VoIP/SVoIP phones, Windows networks, modems, multiplexers, cabling, and Defense Red Switch Network
* DOD 8570 IAT level II certified, CompTIA Security+ CE

Specialties: cabling, Cisco routers, computer hardware, cryptography, LAN/WAN, materials management, Microsoft Windows, modems, networking, switches, telecommunications, telephone skills, transmission, troubleshooting, voice and data, VOIP/SVOIP
Ian Bendel's Experience
SERCO Site Lead Defense Red Switch Network Pentagon
Serco - North America
Public Company; 10,001+ employees; SRP; Outsourcing/Offshoring industry
January 2012 – Present (2 years 4 months) Arlington, VA
Promoted to Site Lead for the SERCO Subcontract to SAIC. Management of five subcontractors across three shifts in the Pentagon office of the Defense Red Switch Network. Defense Red Switch Network Engineer II
Serco - North America
Public Company; 10,001+ employees; SRP; Outsourcing/Offshoring industry
February 2010 – Present (4 years 3 months)

* Responsible for daily keying, updates, installation, and configuration of all Pentagon
DRSN equipment
* Within one month, reconfigured and modernized more than ten critical circuits vital to the secure communications of the US military
* Routinely interfaces and supports the communication needs of over 800 top government officials including the Secretary of Defense, Chairman of the Joint Chiefs of Staff, and the President of the United States
Defense Red Switch Systems Specialis
SAIC, Pentagon
Public Company; 10,001+ employees; SAIC; Information Technology and Services industry
January 2009 – September 2009 (9 months)
* Responsible for daily keying, updates, installation, and configuration of all Pentagon
DRSN equipment
* Within one month, reconfigured and modernized more than ten critical circuits vital to the secure communications of the US military
* Routinely interfaces and supports the communication needs of over 800 top government officials including the Secretary of Defense, Chairman of the Joint Chiefs of Staff, and the President of the United States
Network Infrastructure Requirements Manager
United States Air Force
Government Agency; 10,001+ employees; Defense & Space industry
June 2006 – January 2009 (2 years 8 months)
* Responsible for surveying technical needs and associated costs for all new network infrastructure requirements
* Led Voice Over IP integration team, providing technical solutions, costs, and engineering skill for over 800 new phones
Network Infrastructure Technician
United States Air Force
Government Agency; 10,001+ employees; Defense & Space industry 
October 2005 – June 2006 (9 months)
* Responsible for the configuration and maintenance of Cisco routers, switches, VOIP phones and call managers.
* Maintained local network configuration management drawings, Primary COMSEC Responsible Officer.
* Supervisor of three airmen in requirements section.
Secure Communications Technician
United States Air Force 
Government Agency; 10,001+ employees; Defense & Space industry 
October 2002 – October 2005 (3 years 1 month)
* Keying and maintenance of more than 75 long-haul cryptographic circuits.
* Primary records custodian responsible for maintenance and disposition of thousands of government files.
* Direct support of TBMCS, JWICS, SIPRNET, and DRSN equipment.”

CCEB military precedence[edit]

The Combined Communications Electronics Board (CCEB), a five-nation joint military communications-electronics organization (consisting of Australia, Canada, New Zealand, the United Kingdom, and the United States), uses the following message precedence designators, in descending order of importance:

FLASH (Z)[edit]

This precedence is reserved for initial enemy contact messages or operational combat messages of extreme urgency. Brevity is mandatory. FLASH messages are to be handled as fast as humanly possible, ahead of all other messages, with in-station handling time not to exceed 10 minutes. Messages of lower precedence are interrupted on all circuits involved until the handling of FLASH messages is completed.

IMMEDIATE (O)[edit] 

This precedence is reserved for messages relating to situations gravely affecting the security of the nation. It requires immediate delivery. Examples include reports of widespread civil disturbance, reports or warning of grave natural disaster, and requests for or directions concerning search and rescue operations. IMMEDIATE messages are processed, transmitted, and delivered in the order received and ahead of all messages of lower precedence. They are to be handled as quickly as possible, with in-station handling time not to exceed 30 minutes. Messages of lower precedence should be interrupted on all circuits involved until the handling of the IMMEDIATE message is completed. The use of the letter "O" comes from the original name for this level, "operational immediate".

PRIORITY (P)[edit]

This precedence is reserved for traffic requiring expeditious action by the addressee or for conducting operations in progress when ROUTINE precedence will not suffice. PRIORITY precedence messages are processed, transmitted, and delivered in the order received and ahead of all messages of ROUTINE precedence. Examples include requests for supplies or equipment during the conduct of an operation, time-critical items requiring quick response, and situation reports. They are to be handled as quickly as possible, with in-station handling time not to exceed 3 hours.

ROUTINE (R)[edit]

This precedence is used for all types of message traffic justifying transmission by rapid means, but not of sufficient urgency to require higher precedence. ROUTINE precedence messages are delivered in the order received and after all messages of higher precedence. Examples include any message that requires the documentation of its transmission or delivery; messages concerning normal operations, programs, or projects; and periodic or consolidated reports. They should be handled as soon as traffic flow allows, but no later than the beginning of the next duty day. Flash Override (Y)[edit]

The National Command Authority (usually the President of the United States) has access to a FLASH OVERRIDE (FO) capability. FO is not a precedence, but instead represents the authority and means to override all other traffic, including FLASH precedence messages. In written message traffic, the proword 'Y' is used to indicate a message having the authority to override all other traffic and is usually assigned to Emergency Action Messages (EAM).”

http://www.linkedin.com/in/salvadorrusso

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Looking into our circumstances...