Filed under CTO's Blog, Digital Evidence by Todd Glassey on August 27, 2010 at 11:19 am
no comments
Certichron SecureNTP OpenAPI project is launched
We have been sitting on this since RSA2010 where it became obvious based on the evolution and acceptance of cloud computing models that a new reference time practice was needed. One which used a less network-centric but still controlled and authenticated time-transfer process. To meet this need we decided that the best solution was to enable the Applications themselves to call a time-service provider as a runtime request and that for most operating environments this just replaces the gettime(); service with a variant which actually calls the NTP reference device for that security/evidence generation model.
And so to make this idea a valuable resource we present the OpenAPI for NTP Services. The requirements of the API are to provide Secure SNTP style services using both IPC and Berkeley socket based communication models for distributing time with the associated proofing practices to force the creation of those necessary records to fully document time-control on the entire chain-of-custody for any digital object. The intent is to create a more application-infrastructure based time-evidence model for reducing risk and providing better assurance in the records created therein and in doing so to localize the time service request and response to the application and not just reading it from an unprovable register in the HOST OS.
Application level NTP Client — for Applications not the OS!
The OpenAPI is then an integrated OS Time Of Day (TOD) service replacement which in a localized cloud environment allows the HOST or other specified reference device to supply time services to the virtualized platform at the application layer itself. This resource creates an NTP time-evidence service set which is called at the application level to provide all NTP time setting and remote time-content stamping facilities provided in the NTP service only to applications rather than the applications themselves relying on the HOST OS.
- This new facility provides an unprecedented level of security and integrity in application level time stamping services rather than relying on the HOST OS, and thus associating trusted time-transfer processes (setting, calibration, equalization and attestation) directly with the relying-party application.
- This unique new model allows the introduction of modular and secure sources of time complete with their necessary evidence models as resources in the production of transparent business systems.
Secure Time is generally the Source of all Provable Evidence in Computers!
Our reasoning is that since networking especially in tightly coupled clusters and Cloud Systems models is today accomplished through very high-speed channels and many of them through shared memory and semaphores as well as Secure IPC tools, the issues of Network Latency are not such an issue and the forefront of the time control practice is to build reliable proof models which are light-weight yet strong enough to prove themselves accurate in the most stringent applications and use models.
For more information on how you can participate in OpenAPI or how your products can use the OpenAPI to bring secure time into them directly, please contact us at <font color=”#0000ff” face=“Times New Roman” size=“3”>OpenAPI@Certichron.COM</font> or call your Certichron Sales person at 800−511−2301.
Filed under CTO's Blog, Digital Evidence by Todd Glassey on August 19, 2010 at 11:31 am
no comments
What you don’t know about Digital Evidence can kill your business.
You never thought about it before but how you prove what you said you did on the computer systems you accomplish your businesses work on is key to how much it costs to operate your business. Information Risk and Business Process Control are becoming key factors in managing any and all risks in operating an entity.
The world of an implied knowledge of information security requirements
In today’s world where personal information is protected by law and process control integrity is mandated by legislative regulation, the processes through which the entity creates enduring proof of its proper operations are key to making informed business-centric decisions at all levels.
This was nowhere more driven home than in California State’s Khaled ruling that Red Light Camera systems in place at the time of the ruling were hear-say evidence generators meaning their very design was flawed. What they would need are processes which provide the missing pieces of existing evidence models which implies that most if not all of the systems in place were not designed to comply with or operate under today’s evidence requirements
Adding a new Evidence Competence Step to Audit and Design Processes
To meet this new need, that means the addition of an Evidence Strength and Facilitation Metric to all processes. That’s really just fancy talk for a process that evaluates the mathematical strength of the computer’s security and information integrity controls to create a simple Process Risk Coefficient, what we refer to as the PRC in the risk domain.
Computed ContinualCompliance
For those looking for a solution for this Certichron meets this need through its proprietary and patent applied for ContinualCompliance practice.
ContinualCompliance is a unique approach to data proofing and its adoption by an entity creates a process where a reliable set of Forensic Telemetry ™ is installed so that the business practices being monitored provably use the source of time for this timestamp service model that is used to control this process.
How this magic works is that every process a computer performs is digital in nature so the idea that a security model can actually be created which is computed based on content and certified processes is a no-brainer. Its just never been done because of the size of the evidence created for each event case. But with today’s storage systems being what they are this is no longer a hurdle. By creating a set of uniform timestamps which tag and prove content at stages the correctness of any event thread can be “solved for completeness and correct summing”.
How do I use this?
Certichron’s ContinualCompliance practice process provides a set of tools to insure key control events are timestamped through a part of the same evidence control practice the entity uses to set their time-of-day clocks and generate their third-party evidence of proper tracking of the time-of-day in their key systems. The SecureNTP DES service from Certichron is used in addition to the SecureNTP server calibration and infrastructure control service to provably document an entities proper synchronization, end to end.
From a financial or evidence standpoint ContinualCompliance creates a computational model for representing any form of content-event supporting any and all mime types. What this means is that virtually any type of service process can be instrumented to provide proper and end-to-end forensic services with the addition of the Certichron DES and SecureNTP DES service partnership.
Contact us!
For more information on how to implement you own digital-evidence centric practice contact sales@certichron.com or call us at 800−511−2301.
Filed under CPR, Certichron by Todd Glassey on August 13, 2010 at 9:29 am
no comments
SecureNTP DES for Cities™ and the vLEO™ Evaluation Program
As a part of Certichron’s new vLEO working group efforts Certichron is pleased to announce the availability of DES for a 90 day trial period for Cities using secure time services as a new evidence anchor for the Law Enforcement and City Operations services.
SecureNTP for Cities program
SecureNTP for Cities profides a secure source of time for City IT Operations which is provable. SecureNTP for Cities provides a City Manager with a secure source of time which is provable to the point of court admissibility. With this service the City Manager working to produce a court-admissible evidence workflow will have the time-base trust anchor to prove the synchronization of the local time service as well as any servers which peering was setup for.
SecureNTP with DES
Additionally DES offers the City Manager the ability to create their own Digital Evidence Policy and IT Practice for its creation in the form of NTP based content-timestamps. Most IT people are unaware that NTP has two optional payloads which can be used to carry additional hashes which can be used to represent events in time. Certichron’s SecureNTP DES does exactly this and allows for the time-stamping and archival storage through the Peering Program component of SecureNTP.
DES provides its adopters an unprecedented Audit and Evidence Practice Enablement
This capability allows a City Manager and IT Director to provide a Time-stamping practice which can be used like a Cash Register Receipt only one which can contain any number of event or practice types. The service is an audit designers dream because they can create third-party timestamps which are provably created through the use of the NIST(UTC) time standard itself. No other time management and evidence creation/management process offers this level of capability.
DES for Cities is a new program to implement new digital evidence practices atop existing and emerging city-operations work flows. This key practice adds supporting value to existing work flows and can be used as the basis of a virtual Law Enforcement Operations (vLEO) system.
vLEO and Law Enforcement or Court Practices
vLEO uses Certichron’s patent applied for OpenTDI and Ceremonies in Software™ process which allows for the virtualization of a Law Enforcement Officer’s commission through the NCCSL eNotary Provisions now on the books in all fifty states. If your Camera System or Redlight Service is down now, this vLEO service may be just what you need. Call Certichron at 800−511−2301 or email us at Sales@Certichron.COM
Filed under Facility News, New Jersey by Todd Glassey on August 8, 2010 at 3:54 pm
no comments
Certichron’s latest Las Vegas site is complemented by a new twin-site opening in the State of New Jersey.
Certichron’s new Las Vegas site is complemented by a the dual-purpose New Jersey site as both service for their local gaming communities and the NYSE operations now coming online in New Jersey proper. The New Jersey Site also serves as critical fail-over for Certichron’s heavily used NYC timing service center!
Certichron is expanding with partner New York Internet into their newly-opened Bridgeport New Jersey operations center. Certichron’s selection of the Bridgeport site for NYC fail–over services is there to provide a legal time-reference backup to the Securities and Financial Industry who use the NYC time server.
Casino’s and Surveillance Clients
Casinos’ complying with Nevada Gaming Code 9.060(b) are pleasently surprised the same service which satisfy time service mandates in surveillance systems also meet their PCI DSS 10.4 compliance requirements seamlessly. SecureNTP and NIST(UTC) certification are the absolute best source of time anywhere.
SEC compliance
Certichron’s time-solution service called SecureNTP also works to manage distributed event sychronization across any number of systems and locations meaning it is FINRA listed as a OATS 7430 (time services for trading) compliance solution.
Further expansion
Certichron’s Regional Time Center operations framework is also expanding into the Southeast with planned operations in Atlanta, Dallas, and Miami, and plans International Timing Service Centers to satisfy the need in Europe and Asia alike.
For information on use of the New Jersey or Las Vegas timing centers and the facilities they provide contact sales@certichron.com or call us directly at 800−511−2301 .
Filed under Digital Evidence, Khaled by Todd Glassey on August 8, 2010 at 10:18 am
no comments
Filed under CTO's Blog, Certichron by Todd Glassey on August 5, 2010 at 1:00 pm
no comments
In direct opposition to the DoD Ban on unencryupted GPS for any official purpose becasue of its spoofability and lack of security, the Massachusetts State Supreme Judicial Court ruled that GPS data from a 2004 case is reliable evidence for prosecution.
The Court’s response was: “Our preeminent concern with respect to the evidence presented and considered at revocation proceedings is its reliability,” Justice Robert Cordy wrote in the decision. “If the evidence is admissible under standard evidentiary rules, it is presumptively reliable. If it is not admissible under such rules, a judge must independently evaluate its reliability.” That makes sense since the data was captured in 2004 but later in this response will will point out that the DoD banned the use of L1 GPS in 1998, so even in 2004 it was known how insecure GPS data reports were. There is also another issue this ruling creates and that is the Couurt’s setting precedents which pertain to technology which is now no longer secure. In 2010 (today) this ruling pertains to an event which happened in 2004, and since then the technological basis of GPS security models has changed, it is no longer as secure as it was in 2004. The problem we are concerned with is then that this 2010 ruling paves the way for more parties to sidestep technology changes and readily available information in the hacker and general access communities. As such the ruling is dangerous in my opinion, and as to why read on…
Joint Chiefs of Staff ban GPS L1 use in 1998
With the verification of the GPS data admissibility, what the court didn’t review was that the official Federal Policy from the DoD on the use of L1 GPS or that of the DoE. In fact the DoD banned the use of the un-encrypted GPS services in 1998 and that was never factored into the Court’s decision. The 1998 order of the Joint Chiefs forces all Military users of GPS to switch to the SAASM encrypted service or L2 GPS which has its own security. It was delayed to October 1st 2006 as to its effective date but the DoD policy about standard positioning system use without SAASM was in fact set in 1998 meaning that everyone in the DoD and the real world of the Government itself knows about these liabilities.
The DoE also has specific guidance on the liabilities and has staged actions with the FBI to hijack GPS tracked vehicles to document the security liabilities of GPS Data. That the Court refused to review this violated the Sua Sponte responsibility the Court has to determine fact and in this ruling is effectively rewriting Physics Texts to sidestep the fact that whether they rename RED as BLUE, it still will be RED.
Searches — do the diligence
Try this GOOGLE Search and notice everyone talking about the SAASM Mandate from the Joint Chiefs (JCoS), this is the most heavily guarded ‘secret’ from the public and it is the GPS Industry which will loose billions of dollars of profit if the truth about the GPS systems liabilities for trust-transfer are reviewed with regard to its inability to create reliable evidence is found out… don’t believe me — do the searches here.
SAASM Mandate
The JCoS order that “no unencrypted GPS L1 Systems will be purchased because of their lack of security and spoofability/jamming ease” can be seen all over the GPS world:
- http://www.google.com/search?hl=en&rls=com.microsoft%3Aen-us%3AIE-SearchBox&q=joint+chiefs+SAASM+mandate&aq=f&aqi=&aql=&oq=&gs_rfai=
- US DoE official GPS Vulnerability Assessment Team at LANL: http://www.né.anl.gov/capabilities/vat/spoof.html
- Financial aspects of GPS reliance: http://philosecurity.org/2008/09/11/gps-and-wall-street
- Article on Jon Warner’s GPS tracked “Gasoline Truck Hijacking” which is specific to this case and the use of GPS in any vehicle tracking requirement: http://philosecurity.org/2008/09/07/gps-spoofing
.
GPS and Cellular Jammers
Based on the tons of well known data, the Supreme Judicial Court in its GPS ruling failed to take actual real evidence into account and documented its failing as an objective forum. The physics of the issue are well known and very well documented. The L1 GPS system can be shutdown from a ground-station perspective with about $20 in parts. Additionally today there are commercial jammers available as off the shelf devices from multiple vendors
US Coast Guard warning about Tandy/Radio Shack and other TV Amplifiers in response to a GPS outage for all of Moss Landing (a Monterey California suburb) for 37 calendar days. The amplifier is $20… the area blacked out by this device was about a kilometer and a half wide circle meaning any GPS device staying into that area would be dead while it was inside that area http://www.uscg.mil/hq/cg3/cg3pcx/publications/alcoast/alcoast-298–03.asp
Spoofing L1 GPS Systems such that any records are creatable as needed costs only marginally more.
As a demonstration of how bad GPS is as a source of Court Admissible evidence we took a standard offender tracking bracelet and showed how with simple equipment available through a Google Search, that bracelet could be jammed. The Judge we actually performed this for stood there as the blood drained from his face as he realized that the evidence model they present is useless. We took it a step farther and then showed him what could be done with a GPS Test/Simulator Apparatus like a LABSAT (http://labsat.co.uk/) system from Race Logic. What came to this Jurist was that evidence could be fabricated through the use of GPS L1 systems and that they were unacceptable for use in any key critical applications such as the tracking of certain high-risk parties.
In closing: What to do about the situation
The reality is that anyone with a LABSAT and six of those $20 amplifiers can make a L1 GPS system say anything they want it to… making it an unacceptable source of evidence for courts. From our perspective it is not too late for the Court to review the actual evidence about the physics of GPS and the evidence GPS based appliance systems create, and if so warranted to reverse itself based on its finally reviewing the tons of evidence out there. We feel the data clearly proves that the GPS L1 System is now neither reliable (from a “Evidence Sense”) or trust-able without other oversight controlling that trust. In closing if GPS is used for human oversight based navigation applications, it is wonderful but because of how easily the data model is manipulated this is not a source of information which could be court admissible without secondary confirming information.
Filed under CTO's Blog, Certichron by Todd Glassey on August 5, 2010 at 11:34 am
no comments
Rogue Radio Shack $20 TV Amplifier takes Moss Landing GPS Services out for 37 days.
In early 2001 a rogue TV Amplifier on a sailboat in the Moss landing harbor was left turned on and because of a problem with the antenna lead became a source of GPS interference in Moss Landing California. The outage was so dramatic it caused the US Coast Guard to issue specific guidance on the use of the low-cost “powered TV amplifiers” since they can become radiators of broad-spectrum interference which takes GPS down hard.. This GPS Service outage also caused several research vessel’s IT teams to snap into action, but the bad news is that with all that brain-power it still took a month to solve meaning that “GPS Outages are complex to analyze and very easy to cause”. The evidence specific implications of this are self-evident.
GPS as a source of trustable time for SmartGrid or RedLightr Camera Operations?
Think what an outage of this type would do to a GPS based smartgrid or redlight camera based application. In fact for that matter think of that since GPS is unprovable as a legally provable source of evidence of anything. Whether it works correctly most of the time is not the issue, the issue is whether for the purposes of a law enforcement practrice or legal matter whether something with known liabilities and easily disrupted services provides a reliable enough solution for trust processes as an “Anchor for treating portable trust” services.
A local copy of the USCG Notice page can be seen at:
Filed under CPR, Certichron by Todd Glassey on August 1, 2010 at 12:36 pm
no comments
Filed under Certichron, Digital Evidence by Todd Glassey on July 23, 2010 at 10:54 am
no comments
Police and Sheriff’s Departments have a new hurdle to leap and that is in meeting the new constraints Khaled placed against their existing evidence capture and management practices
To make it possible for Law Enforcement (LE) to protect our culture and to deal with the rising costs of insuring that security Law Enforcement processes are turning to both outsourced or remotely operated surveillance systems which depend on virtualization of internal LE and many of the field-based LE Data Capture Operations which would ultimately lead to some form of prosecution and settlement-fine.
Traditional Evidence has been first-person in form
Traditionally in these matters any citations issued through those processes would generally need to be issued by the Police Officer or Sheriff’s Deputy who was operating that system under the commission of their office as a law enforcement officer. Some States actually have law limiting the issuance of citations to requiring the office of a commissioned Law Enforcement Officer to issue which complicates many surveillance and automated traffic management practices.
Certichron’s “Ceremonies in Software” allows for the virtualization of Law Enforcement Functionality
Certichron’s Virtualized Law Enforcement Officer, a Ceremony in Software Practice based on already-approved eNotary practice addresses this requirement fully meaning with Certichron’s system existing Law Enforcement Agencies are ‘good-to-go’ to restart their traffic enforcement practices immediately.
The use of the Notary statures amplifying the Law Enforcement commission creates a new and powerful electronic signing resource with the integrated $15,000 bond all notarized signings create. This system fully meets California and other State requirements since these states already ratified the specific portions of the Notary Practices Act’s as UCC making the Certichron model already approved for rollout across all 50 states.
In fact with proper implementation of a new evidence-capture mindset, many if not all existing systems can be brought into alignment with the new control requirements to maintain their admissibility into US and California Courts.
The Virtualized LEO
The virtiualized LEO allows for Intentional Evidence from each stage of each process to be created under the commission of the officer attesting to the issuance of the citations. The capture of the data can be certified by adding a hashing timestamp for each event. The reporting or containment receipt can be properly acknowledged with a timestamp request showing each component movement of evidence content, and when that content is ephemeral in form this is the only way to properly document controlled management of that data.
With this system any existing system can have transparency and the certifying process added to the process by the LEO signing into the Session Manager and attesting that they are applying their commission as a LEO to that operating session. The practice also can be facilitated against the Camera Operations Models today for any and all systems (RedFlex and Lockheed, or ATS operated in form). For all of these control practices the Certichron DES infrastructure allows the creation and application of the human commission in a virtual sense
to these existing systems.
For more information on our services and technologies, please email Certichron with your requirements or contact the sales office directly at 800−511−2301 (9−5 PST). Certichron, Inc. © 2009, 2010
Filed under Certichron, Gaming by Todd Glassey on July 17, 2010 at 1:33 pm
no comments
The Khaled ruling has unique impact on Orange County businesses and campus-security operations for commercial, medical and educational center operators.
The issues with the creation and management of trustworthy surveillance data is directly an issue with Orange County courts meaning now to reduce risk, operating groups need to create reliable evidence of their actions.
Most processes which only include two parties are inherently weak, those with a trusted third party. Now there is a real requirement to create the Trustworthiness of the Digital Evidence they in all systems capturing or containing it for the Risk Mitigation Model that allows those entities to obtain insurance for their operations.
Certichron’s SecureNTP and the DES timestamping technology is exactly what the doctor ordered in that it allows a law enforcement or civic operator to provide court admissible evidence. Adding DES with its SecureNTP completely meets the existing requirements and when coupled with our Ceremonies in Software service model, can set up a notarial control service on RedLight Camera and other systems designed to automate law enforcement activities.
Page 1 of 1312345»...Last »
