Sunday, March 8, 2015

#2290: Marine Links Spy In Bag To Serco Black-Hand Jetway Snuff, Clinton Server Hack

Plum City - (AbelDanger.net): United States Marine Field McConnell has linked a sports bag used in the torture murder of MI6 spy Gareth Williams to Serco V-P Maureen Baginski's alleged deployment of Black Hand* snuff-film crews through HSBC Jetways in 81 countries and hack of Hillary Clinton's server domain page formerly hosted in the British Virgin Islands.

Black Hand* – HSBC's drug-hub navigators with a "License to Track, Film and Kill" for the City of London's Honourable Artillery Company 1537; The Master Mariners and Air Pilots (formerly GAPAN) 1929, and The Ancient and Honorable Artillery Company of Massachusetts 1638 – whose alumni include the United States' Presidents James Monroe, Chester Alan Arthur, Calvin Coolidge and John F. Kennedy and – perhaps – Barack 'Choom Gang' Obama.

McConnell alleges that Baginski had Williams' body transported in a North Face sports bag and placed in the bath of his flat in Pimlico, barely a mile from the headquarters of MI6 across the River Thames, where the property used by MI6 as a safe house, was owned by a British Virgin Islands-registered company called New Rodina, meaning 'new motherland' in Russian.

McConnell alleges that Ms. Baginski had Williams tracked through HSBC Jetways and then killed by her Black Hand snuff-film crews after the MI6 spy was found to have discovered the Serco hack in the British Virgin Islands of Clinton's server and the associated man-in-the-middle attacks on the Obama White House.

McConnell has now exposed Serco's deployment of Black Hand snuff-film crews through HSBC Jetways and Serco's use of Hillary Clinton's servers to launch man-in-the-middle attacks on the military and intelligence services of the Five Eyes countries (U.S.A., U.K., Canada, Australia and New Zealand), resulting, inter alia, in the wrongful death of the late MI6 spy Gareth Williams.

Prequel 1: #2289: Marine Links Clinton's Bin-Laden Black-Hand Patent Thefts To Serco's Pentagon Sheraton Check-Free Turns

Prequel 2: #2038: Marine Links Serco Baginski to Patsy Offender's Tag, SIMAS Times and MH Extortion 17


Sophye e homenagem a Maureen Baginski 
 

MI6 Spy In Bag Death Ruled 'Accidental' 

Inside Gareth Williams' flat 

Hillary Emails on Personal Server Credibility Questioned
 

SWISSLEAKS - "HSBC developed dangerous clients: arms merchants, drug dealers, terrorism financers"


Copy of SERCO GROUP PLC: List of Subsidiaries AND Shareholders! (Mobile Playback Version)[Note that HSBC is Serco's banker and one of Serco's major shareholders with Her Majesty's Government and its funds] 

Serco... Would you like to know more? 


"Light to be shed on mystery of MI6 spy Gareth Williams' death 
Last Updated: 9:34PM GMT 28/01/2012 
An inquest into the death of the spy whose body was found in a locked holdall is set to go ahead this spring, casting light on one of the most baffling mysteries in the recent history of the secret services.

It remains one of the most baffling mysteries in the history of the British secret services.

When the body of an MI6 spy was found locked in a holdall in the bath of his flat, in August 2010, it led to a rash of conspiracy theories, from the disturbing to the downright bizarre.

Nearly 18 months on, police have been unable to establish what led to the death of Gareth Williams, despite a battery of toxicology tests and an exhaustive investigation into his background and his movements.

But Dr Fiona Wilcox, the recently-appointed coroner for Westminster, has decided the time is now right to attempt to record the first official account of what happened to the 31-year-old spy.

She will hold a Pre Inquest Review (PIR) on March 29 at Horseferry Road Coroners Court. A full inquest will begin three weeks later, probably at a larger venue, and is expected to last three to four days.

The PIR is required to establish who will give evidence and, crucially, in what form. Attending will be a member of Scotland Yard's investigation team and legal representatives of GCHQ and MI6.

A solicitor is understood to have been appointed by Mr Williams's parents Ian and Ellen to represent his family. It is expected that some, if not all, the evidence from as many as 40 of Mr Williams's colleagues will be held 'in camera', to protect their identities and the content of their statements.

The spy's badly-decomposed body was found at 6.30pm on August 23 at his flat in Pimlico, barely a mile from the headquarters of MI6, the Secret Intelligence Services, across the River Thames.

The property was used by MI6 as a safe house. In what was apparently a secret services in-joke, the building was owned by a British Virgin Islands-registered company called New Rodina, meaning 'new motherland' in Russian."

"Maureen Baginski 
VP Intelligence & Technical Advisory Services Senior National Security Advisor, Serco 
Maureen Baginski is Vice President of Intelligence Services at Serco North America. Ms. Baginski entered the private sector in 2005 following a 27 year career in the Intelligence Community. From 2003 to 2005 Ms. Baginski served as the Executive Assistant Director for Intelligence (EAD I) where she built and managed the FBI's first-ever intelligence program, including technology acquisition and workforce development. From 1979-2005, Ms. Baginski served in a number of positions at the National Security Agency, including Director of SIGINT, the third highest ranking official at NSA. Ms. Baginski s serves on the Board of Directors of Argon S&T. She is a member of the Defense Science Board, the Intelligence Science Board, the National Defense Intelligence College Board of Governors, and serves on the Board of Directors of the Intelligence and National Security Alliance (INSA) and is the Vice Chairman of the Armed Forces Communications and Electronics Association’s Intelligence Committee. Ms. Baginski is the recipient of two Presidential Rank Awards, two Director of Central Intelligence National Achievement Medals, the Director of Military Intelligence’s Leadership Award, and NSA’s Exceptional Civilian Service Award. In addition, Ms Baginski was the first-ever recipient of NSA’s Outstanding Leadership Award, an award voted on and bestowed by the NSA workforce. Ms. Baginski holds a BA and MA in Slavic Languages and Linguistics from the University of Albany. In June 2006, Ms. Baginski received an honorary Doctorate of Humane Letters from the University of Albany for her service to the nation."

"How Unsafe Was Hillary Clinton's Secret Staff Email System?

Sam BiddleProfile
FollowSam Biddle 
When Hillary Clinton ditched government email in favor of a secret, personal address, it wasn't just an affront to Obama's vaunted transparency agenda—security experts consulted by Gawker have laid out a litany of potential threats that may have exposed her email conversations to potential interception by hackers and foreign intelligence agencies.

"It is almost certain that at least some of the emails hosted at clintonemails.com were intercepted," independent security expert and developer Nic Cubrilovic told Gawker.

Within the instant classic "ClintonEmail.com" domain, it appears there are three separate servers. The domain's blank landing page is hosted by Confluence Networks, a web firm in the British Virgin Islands, known for monetizing expired domain names and spam.

But the real worry comes from two other public-facing ClintonEmail.com subdomains, which can allow anyone with the right URL to try to sign in. One is sslvpn.clintonemail.com, which provides a login page that apparently uses an SSL VPN—a protocol that allows your web browser to create an encrypted connection to a local network from any internet connection—to users to access their email. That sounds secure, and under the right circumstances, for regular users, it can be. But there are two huge problems with using it for the Secretary of State's communications with her staff and others.

First: Anyone in the world with that URL can attempt to log in. It's unclear what exactly lies on the other side of this login page, but the fact that you could log into anything tied to the Secretary of State's email is, simply, bad. If the page above is directly connected to Clinton's email server, a login there could be disastrous, according to Robert Hansen, VP of security firm WhiteHat Labs:

It might be the administrative console interface to the Windows machine or a backup. In that case, all mail could have been copied.

What's more troubling is the fact that, at least as of yesterday, the server at sslvpn has an invalid SSL certificate. Digital certificates are used to "sign" the encryption keys that servers and browsers use to establish encrypted communications. (The reason that hackers can't just vacuum the internet traffic between your browser and Google's Gmail servers and read your email is that your browser is encrypting the data to a public encryption key. The reason that you know that you are encrypting to Google's key and not to, say, the People's Liberation Army's, is that the Gmail servers have a digital certificate from a trusted third-party confirming that the key is theirs.)

When you attempt to access sslvpn.clintonemail.com using Google's Chrome browser, this is what you see:

The apparent reason for that message is that the certificate used by Clinton's server is self-signed—verified by the authority that issued it, but not by a trusted third party—and therefore regarded by Google's Chrome browser as prima facie invalid. The government typically uses military-grade certificates and encryption schemes for its internal communications that designed with spying from foreign intelligence agencies in mind. But the ClintonEmail.com setup? "If you're buying jam online," says Hansen, "you're fine." But for anything beyond consumer-grade browsing, it's a shoddy arrangement.

Security researcher Dave Kennedy of TrustedSec agrees: "It was done hastily and not locked down." Mediocre encryption from Clinton's outbox to a recipient (or vice versa) would leave all of her messages open to bulk collection by a foreign government or military. Or, if someone were able to copy the security certificate Clinton used, they could execute what's called a "man in the middle" attack, invisible eavesdropping on data. "It's highly likely that another person could simply extract the certificate and man in the middle any user of the system without any warnings whatsoever," Hansen said.

The invalid certificate would have also likely left Clinton vulnerable to widespread internet bugs like "Heartbleed," which was only discovered last spring, and may have let hackers copy the entire contents of the Clinton servers' memory. Inside that memory? Who knows: "It could very well have been a bunch of garbage," said Hansen, or "it could have been her full emails, passwords, and cookies." Heartbleed existed unnoticed for years. A little social engineering, Hansen said, could give attackers access to Clinton's DNS information, letting them route and reroute data to their own computers without anyone realizing. "It's a fairly small group of people who know how to do that," Hansen noted, but "it's not hard—it's just a lot of steps."

"It was done hastily and not locked down."

We don't know, of course, if the current state of Clinton's servers is representative of the security precautions that were in place while she was using it as Secretary of State. The system could have previously been hardened against attack, and left to get weedy and vulnerable after she left government. We don't know. But that's part of the problem—at the Department of State, there is accountability for the security of email systems. If we learned that State's email servers had been hacked or left needlessly vulnerable, there would be investigations and consequences. With Clinton's off-the-books scheme, there are only questions.

The final address behind ClintonEmail is a mail host, mail.clintonemail.com, which will kick back an error message when visited directly:

But if you plug in a different URL with the same mail server, you're presented with a user-friendly, familiar Outlook webmail login:

This is basically no more secure than the way you'd log into AOL, Facebook, or any other website. There's no evidence that Clinton (or her staffers) used this web interface to check their emails, as opposed to logging in through a smartphone or other email software. But its mere existence is troubling enough: there have been five separate security vulnerabilities identified with Outlook Web Access since ClintonEmail.com was registered in 2009. These security bugs include doozies like "a flaw that may lead to an unauthorized information disclosure" (2010) and "a remote attacker can gain access to arbitrary files" (2014).

But even without exploiting software bugs, Hansen says leaving a public login page for something that's meant to be private is "pretty much the worst thing you can do." Clinton's Outlook form could've been susceptible to a brute force attack—where random combinations of words and characters are tried until one of them works—or an old fashioned denial of service assault. "Even if she had a particularly strong password," Hansen said, a brute force attack will "either work eventually—foreign militaries are very good at trying a lot—or it'll fail and block her from accessing her own email." If Clinton had been using a government account, Hansen explained, her messages with colleagues would all be held within one relatively tidy system, monitored by the federal government. It's the difference between doing your laundry at home and dropping it off. But with a private account, you're introducing many separate points of failure; every single company in this custom system is a place to pry and attack. "Any joe hacker" could get inside with enough knowledge and time, according to Hansen.

"Pretty much the worst thing you can do."

Cubrilovic echoed Hansen's concern: "When you are a staffer in a government department, internal email never leaves the network that the department has physical control over," he told me. But "with externally hosted email every one of those messages would go out onto the internet," where they're subject to snooping.

Security researcher Kenn White agrees that private internet access stirs up too many dangerous variables while emails bounced from person to person: I think the bigger security concern here is the complete lack of visibility into who has been administering, backing up, maintaining, and accessing the Secretary's email. If classified documents were exchanged, who viewed them? Were they forwarded? Where multiple devices (ie, mobile phones and tablets) configured to access the account? Was encryption required or optional for remote access?

Cubrilovic agreed that opting out of the government's system is an awful idea for someone with a hacker bullseye on her back: "having a high profile target host their own email is a nightmare for information security staff working for the government," he told me, "since it can undo all of the other work they've done to secure their network." The kind of off-the-shelf email service it appears Clinton used comes with a lot of inherent risk, especially since a pillar of her job is overseas travel:

With your own email hosting you're almost certainly going to be vulnerable to Chinese government style spearphishing attacks—which government departments have enough trouble stopping—but the task would be near impossible for an IT naive self-hosted setup.

While some of these hacking scenarios may sound outlandish or far-fetched, keep in mind that Clinton's emails would have been a prime target for some of the globe's most sophisticated state-sponsored cyberwarriors—the Chinese, the Israelis, the Iranians. The very existence of Clinton's private account was revealed by the hacker Guccifer, an unemployed Romanian taxi driver who managed to gain access to former Clinton aide Sidney Blumenthal's AOL account with relative ease. The Hillary account was reported by Gawker in 2013, and White House spokesman Eric Schultz used that story to argue that the Clinton email story was old news: "This was public years ago," he told Business Insider, linking to the 2013 Gawker story.

Which is another way of saying that foreign intelligence agencies have had two years to work on the target."

"One millionth Patent Application in US 
Date : 20 May 2010 
Serco has recently processed the one millionth patent application for the U.S. Patent and Trademark Office (USPTO) under a contract awarded in 2006. The Serco team has processed an average of 350,000 applications annually - or about 1,350 application on a typical day.

After being awarded the contract in 2006, Serco built a virutally paperless classifications operation. The operation included establishing a secure facility and IT infrastructure, recruiting and training highly skilled staff, and implementing a set of automated tools that streamlined the classification process while minimizing errors.

Under the contract the Serco team is required to identify the correct classification from more than 150,000 possible U.S. classifications and more than 70,000 international classifications. This is required while maintaining an accuracy rate of better than 95% and completing work within strict time limits.

The facility located in Harrisonburg, Virginia employs more than 100 Serco and subcontractor employees. The team have received numerous performance incentives for exceeding the USPTO contract's requirements for accurate assignment of application classifications, achieving a 96% accuracy rate over the most recent 12 months.

Ed Casey Chief Executive Officer of Serco's business in the US said: "We are very proud of the work being done by the Serco team and we celebrate their achievement of this important milestone. The work they do for the USPTO is critical to our country's technological and economic leadership. Serco has established a steller reputation of delivering innovative solutions and substantial value to our customers in the federal government in carrying out their important work".

Ends

For further information, please contact Marcus DeVille, Head of Media Relations 020 83344 388 Download PDF [PDF, 16 KB] (Please note: this link will open the page in a new browser window)"

"The United States Patent and Trademark Office (PTO or USPTO) is an agency in the U.S. Department of Commerce that issues patents to inventors and businesses for their inventions, and trademark registration for product and intellectual property identification. The USPTO is "unique among federal agencies because it operates solely on fees collected by its users, and not on taxpayer dollars".[1] Its "operating structure is like a business in that it receives requests for services—applications for patents and trademark registrations—and charges fees projected to cover the cost of performing the services [it] provide[s]".[1][2]

The USPTO is based in Alexandria, Virginia, after a 2005 move from the Crystal City area of neighboring Arlington, Virginia. The offices under Patents and the Chief Information Officer that remained just outside the southern end of Crystal City completed moving to Randolph Square, a brand-new building in Shirlington Village, on April 27, 2009.

The head of the USPTO is Michelle Lee. She took up her new role on January 13, 2014, and formerly served as the Director of the USPTO's Silicon Valley satellite office.[3]

The USPTO cooperates with the European Patent Office (EPO) and the Japan Patent Office (JPO) as one of the Trilateral Patent Offices. The USPTO is also a Receiving Office, an International Searching Authority and an International Preliminary Examination Authority for international patent applications filed in accordance with the Patent Cooperation Treaty."

"Building a State-of-the-Practice Data Communications Network To create a state-of-the-practice data communications network required Serco to engineer different solutions for each of the AFSCN's unique locations. Each ground station around the world had to be surveyed in order to develop detailed installation plans, project support agreements and testing plans. Furthermore, to assure communications reliability between the ground station and the operational control nodes, Serco also had to conduct a complete circuit testing exercise. 

In developing this enhanced voice and data communications network, Serco's team engineered and implemented an ATM backbone and secure voice system for each of the AFSCN ground stations. The installed network was based on a Wide Area Network (WAN) architecture utilizing IP based network capabilities and proprietary secure communication technologies such as KG-75s, KG-84S and KIV-7s. In addition, Serco ensured Defense Red Switch Network connectivity and operations throughout the AFSCN"

Yours sincerely,


Field McConnell, United States Naval Academy, 1971; Forensic Economist; 30 year airline and 22 year military pilot; 23,000 hours of safety; Tel: 715 307 8222

David Hawkins Tel: 604 542-0891 Forensic Economist; former leader of oil-well blow-out teams; now sponsors Grand Juries in CSI Crime and Safety Investigation

5 comments:

  1. These suggestions can really be helpful ! If you are writing content for SEO purpose than it has to be unique and productive and more than at-least 450 words. The more accurately you write the more beneficial results will you get. Its also essential for you to write & publish content on persistent basis otherwise these will not deliver expected beneficial results. Thanks...Driver Navigator key

    ReplyDelete

Who's visiting Abel Danger
view a larger version of the map below at whos.amung.us

You Too can be a CAPTAIN SHERLOCK