Air Force ROTC (AFROTC) Detachment 550 is a United States Air Force ROTC detachment located at Rensselaer Polytechnic Institute in Troy, New York, USA. Commanded by Colonel Christopher O'Hara, Detachment 550 is the 2004 winner of the Right of Line Award, given to the best small AFROTC unit in the country. While Rensselaer is the host university, Detachment 550 has agreements with 21 neighboring schools in the Hudson-Mohawk Association of Colleges and Universities for enrollment into the program. Detachment 550 is currently home to approximately 60 AFROTC Cadets.
History
Detachment 550 at Rensselaer Polytechnic Institute was established in 1949. The detachment under the command of Major Edward M. Rex organized the detachment around 97 cadets. The Air Force ROTC detachment was the last of the three branches to be represented on campus. By 1950 the total number of cadets in the wing had increased to 264. In 1951, the cadre grew to 7 officers and 6 enlisted airmen to meet the growing demands of the rapidly expanding detachment. With the beginning of 1952 came the organization of a 30 member AFROTC band which served as a complement to the existing 15 member Drum and Bugle Corps. The detachment grew and shrank in numbers along the years following the eb and flow of support for military organizations and military conflicts.
Since its inception, Detachment 550 has published a wing newsletter. Initially titled "The Prop Wash", the detachment newsletter changed its name to "Flight Lines" in 1952 and was combined into a joint newsletter titled "On Review" in 1953 due to spending budget cuts. The newsletter came to be called "The Eagle's Eye" through the 80's and 90's and eventually settled on the title, "The Navigator," as it is called today.
Distinguished Graduates
* Captain Carmen A. Lucci - First female AFROTC scholarship recipient and first female flight test engineer to lose her life. She was selected to the NASA astronaut corps shortly before her death.
* John "Scarsdale Jack" Newkirk - World War II Ace and member of the Flying Tigers, killed over Burma in March 1942.
History
Detachment 550 at Rensselaer Polytechnic Institute was established in 1949. The detachment under the command of Major Edward M. Rex organized the detachment around 97 cadets. The Air Force ROTC detachment was the last of the three branches to be represented on campus. By 1950 the total number of cadets in the wing had increased to 264. In 1951, the cadre grew to 7 officers and 6 enlisted airmen to meet the growing demands of the rapidly expanding detachment. With the beginning of 1952 came the organization of a 30 member AFROTC band which served as a complement to the existing 15 member Drum and Bugle Corps. The detachment grew and shrank in numbers along the years following the eb and flow of support for military organizations and military conflicts.
Since its inception, Detachment 550 has published a wing newsletter. Initially titled "The Prop Wash", the detachment newsletter changed its name to "Flight Lines" in 1952 and was combined into a joint newsletter titled "On Review" in 1953 due to spending budget cuts. The newsletter came to be called "The Eagle's Eye" through the 80's and 90's and eventually settled on the title, "The Navigator," as it is called today.
Distinguished Graduates
* Captain Carmen A. Lucci - First female AFROTC scholarship recipient and first female flight test engineer to lose her life. She was selected to the NASA astronaut corps shortly before her death.
* John "Scarsdale Jack" Newkirk - World War II Ace and member of the Flying Tigers, killed over Burma in March 1942.
<b>Project ETHOS</b> (www.ProjectEthos.com), known as the “incubator for emerging artists in fashion, music and art,” is a quarterly, red carpet event in Los Angeles that showcases all emerging Millennial Generation forms of creativity in one house, on one night. By merging fashion, music and art into one giant display of genius, Project ETHOS creates an innovative form of exposure for artists, a new scouting location for talent representatives, and a fresh outing for event goers. Project ETHOS is on a mission to bridge the gap between the Indie and Mainstream worlds and provide opportunity for previously unrecognized talent. With a potent ear to the street, the ETHOS team seeks out extraordinarily talented fresh faces, creating a link to decision makers and industry professionals. Project ETHOS is the next generation of exposing all artistry to the media, public and industry.
Website Fingerprinting is a technology that captures identity parameters of a website to develop a unique fingerprint. This fingerprint is unique to every website and can be used to define its identity.
Introduction
A web user today has a trillion web pages asking for his attention every time he is online with thousands of websites being added each day. Owing to the decentralized nature of issuance of domain names and the low cost of web hosting, it has become extremely simple for anyone to buy a domain name and host a website on his own. This has also meant that anyone can use the web to create a fraudulent website with content and URL’s stolen from existing genuine websites.
Most web users look to the site domain name and the look and feel of the content to establish the identity of the website. There is no central authority that validates the content before giving out the domain name. Therefore www.indiangovernment.com could easily be used to host malicious content.
By the time authorities catch such a website and take action, customers and businesses would have already lost enormous sums of money. It therefore becomes critical for every website to have a unique digital identity on the web.
Server Side Digital certificates - are they effective?
Digital certificates use a public private key pair to track the identity of domain names (not websites). They have been the standard security feature used by banking websites. There are however several issues with the process and have been a subject of much debate.
The foremost issue with digital certificates is that a web user is clueless about what needs to be checked in the certificate. All he can see is that the website uses a digital certificate. But rarely does he check if the certificate indeed belongs to the entity, because the entity never ever communicates what certificate they are using! It is quite possible to duplicate the content of an existing website and get a valid digital certificate issued.
Secondly there are multiple Certificate Authorities offering certificates and several of them are resellers who do not have the requisite processes to check the identity of the site. In fact some of the certificate authorities hand out free certificates. It is impossible to regulate certificate authorities and resellers to conduct checks on the domain and content before handing out certificates.
Lastly, what is the accountability of the Certificate Authority towards web users? Moreover, the browsers do not recognize any of the certification authorities as approved by the Government of India. Can a victim of identity theft take a certificate authority to task in case of error in issuance? Certificate authorities are mostly private enterprises based in the US and bear no liability towards online identity theft.
Counterfeiting digital identities
The URL, content and certificate are weak identifiers since all these can be spoofed to create duplicate websites. Let’s look at how fraudsters create a counterfeit website.
1.They buy a domain name (if required an obfuscated one - that is, one that is very similar to the original domain name).
2.Copy the content from the ORIGINAL website (and change it if required) and, if required,
3.They buy a certificate from say VERISIGN (!) with some domain name, host it at some server,
You now have a fake website whose URL can be distributed over emails (which is the least secure communication medium). If the end-users have NO means to authenticate these three fundamental identifiers only luck can save them! The above discussion undisputedly proves that the three primary identifiers - WEBSITE URL, CONTENT and (optionally) PKI based CERTIFICATE are incomplete as identifiers, as the user has NO a priori knowledge about them. There is no central authority where they can go and check this out. And lastly, these can be easily duplicated - leaving the user at the mercy of the fraudsters who use this knowledge to their benefits, by sending fraudulent emails with links of similar looking websites.
Identity necessarily needs a priori knowledge (identity data) with the verifier. In the absence of such a priori knowledge how can the verifier authenticate the identity is any body's guess. For example - login password or fingerprints etc have to be set first in order to be used as an identity. In case of websites, what do they set with (provide) the user which the user can use to identify the website? Also, any such data that is provided to the user a apriori, should be unique and difficult to duplicate.
In case of server side digital certificates, the user visiting the website is never informed about the certificate by the entity (say a bank) that has bought this certificate. Without any such a apriori knowledge about the certificate, how can server side certicates be used to define the identity of the website? Just because the browser is able to check the validity of the certificate? That it was issued by a valid certification authority, has not expired, and the domain name is the same that the browser is trying to connect to? What if the domain name itself is wrong? What if the certificate has been bought by the fraudster? Unless the user is provided with the apriori knowledge about the public key of the certificate, and the user is able to match it against the one the browser has extracted during the SSL handshake - how can the user identify the website? Server side digital certificates at best provide an encrypted channel, however, one could have an encrypted channel with the fraudster as well, based on a very legitimate server side digital certificate!
Website fingerprints
Website Fingerprinting works this way,
1. Generate website fingerprints: The identity parameters of a website are used to generate a unique fingerprint for each website. The fingerprint for each website is unique and cannot be copied by a third party.
2. Creation of a website fingerprint database: The site fingerprints are stored in a central database. this database is used by legal website owners to prove its identity to its customers.
3. Customer tool for matching fingerprints: The customers are given a browser plug-in which allows them to verify the fingerprint for a trusted website and alerts them if they are on a fake website.
The process of authenticating the fingerprints is based on a secure protocol that mutually authenticates the website without transfer of data.
Benefits
Website owners
•Better monitoring: Incase www.xyz.com notices that content from his website has been duplicated on another website and his brand is being utilized for commercial purposes or otherwise, he can report the incident and use his registration with the NWIR to prove his case.
•Reducing loss of traffic: He/She can ask his customers to watch for the green band to make sure they are on the correct website, thus preventing loss of traffic.
•Lower cost of monitoring: The website owner can also be alerted whenever the user does not see a green band indicating that he may be on a phishing website, who can then report it to NWIR. The time to track down a phishing website and ban the same can be dramatically reduced with this technology.
•Better trust: Customers would feel more secure in transacting online if the web environment is secure. This would eventually benefit the website in terms of more business.
Web users
•Better web security: Web users can now add websites they trust to their safe list and watch for a green band every time they are on a trusted website. This practice can effectively eliminate all forms of phishing which essentially rely on an unsuspecting user giving up his login and passwords.
•Legal recourse: In case a victim falls to an online identity theft, he can rely on a history of no green bands with the website signatures captured and stored locally to figure out the phishing websites he/she may have visited. This history can be used as a legal document to prove that he was indeed a victim of online identity theft - which is currently almost impossible.
The role of the government
Ideally governments should have initiated such a project before allowing companies to set-up websites especially those involved in financial transaction. If there already is a shop act to start a shop or a company act to start a company, there must have been some legal framework to ensure that the companies comply with registering the identity of their websites with the government agency before going online. A central agency would have the authority to give legal sanction to websites, capture and store their identity, thus making it easier for the customers to differentiate between authentic and fake (duplicate) websites.
<references/>http://trusite.rel-id.com/research.php<references/>
Introduction
A web user today has a trillion web pages asking for his attention every time he is online with thousands of websites being added each day. Owing to the decentralized nature of issuance of domain names and the low cost of web hosting, it has become extremely simple for anyone to buy a domain name and host a website on his own. This has also meant that anyone can use the web to create a fraudulent website with content and URL’s stolen from existing genuine websites.
Most web users look to the site domain name and the look and feel of the content to establish the identity of the website. There is no central authority that validates the content before giving out the domain name. Therefore www.indiangovernment.com could easily be used to host malicious content.
By the time authorities catch such a website and take action, customers and businesses would have already lost enormous sums of money. It therefore becomes critical for every website to have a unique digital identity on the web.
Server Side Digital certificates - are they effective?
Digital certificates use a public private key pair to track the identity of domain names (not websites). They have been the standard security feature used by banking websites. There are however several issues with the process and have been a subject of much debate.
The foremost issue with digital certificates is that a web user is clueless about what needs to be checked in the certificate. All he can see is that the website uses a digital certificate. But rarely does he check if the certificate indeed belongs to the entity, because the entity never ever communicates what certificate they are using! It is quite possible to duplicate the content of an existing website and get a valid digital certificate issued.
Secondly there are multiple Certificate Authorities offering certificates and several of them are resellers who do not have the requisite processes to check the identity of the site. In fact some of the certificate authorities hand out free certificates. It is impossible to regulate certificate authorities and resellers to conduct checks on the domain and content before handing out certificates.
Lastly, what is the accountability of the Certificate Authority towards web users? Moreover, the browsers do not recognize any of the certification authorities as approved by the Government of India. Can a victim of identity theft take a certificate authority to task in case of error in issuance? Certificate authorities are mostly private enterprises based in the US and bear no liability towards online identity theft.
Counterfeiting digital identities
The URL, content and certificate are weak identifiers since all these can be spoofed to create duplicate websites. Let’s look at how fraudsters create a counterfeit website.
1.They buy a domain name (if required an obfuscated one - that is, one that is very similar to the original domain name).
2.Copy the content from the ORIGINAL website (and change it if required) and, if required,
3.They buy a certificate from say VERISIGN (!) with some domain name, host it at some server,
You now have a fake website whose URL can be distributed over emails (which is the least secure communication medium). If the end-users have NO means to authenticate these three fundamental identifiers only luck can save them! The above discussion undisputedly proves that the three primary identifiers - WEBSITE URL, CONTENT and (optionally) PKI based CERTIFICATE are incomplete as identifiers, as the user has NO a priori knowledge about them. There is no central authority where they can go and check this out. And lastly, these can be easily duplicated - leaving the user at the mercy of the fraudsters who use this knowledge to their benefits, by sending fraudulent emails with links of similar looking websites.
Identity necessarily needs a priori knowledge (identity data) with the verifier. In the absence of such a priori knowledge how can the verifier authenticate the identity is any body's guess. For example - login password or fingerprints etc have to be set first in order to be used as an identity. In case of websites, what do they set with (provide) the user which the user can use to identify the website? Also, any such data that is provided to the user a apriori, should be unique and difficult to duplicate.
In case of server side digital certificates, the user visiting the website is never informed about the certificate by the entity (say a bank) that has bought this certificate. Without any such a apriori knowledge about the certificate, how can server side certicates be used to define the identity of the website? Just because the browser is able to check the validity of the certificate? That it was issued by a valid certification authority, has not expired, and the domain name is the same that the browser is trying to connect to? What if the domain name itself is wrong? What if the certificate has been bought by the fraudster? Unless the user is provided with the apriori knowledge about the public key of the certificate, and the user is able to match it against the one the browser has extracted during the SSL handshake - how can the user identify the website? Server side digital certificates at best provide an encrypted channel, however, one could have an encrypted channel with the fraudster as well, based on a very legitimate server side digital certificate!
Website fingerprints
Website Fingerprinting works this way,
1. Generate website fingerprints: The identity parameters of a website are used to generate a unique fingerprint for each website. The fingerprint for each website is unique and cannot be copied by a third party.
2. Creation of a website fingerprint database: The site fingerprints are stored in a central database. this database is used by legal website owners to prove its identity to its customers.
3. Customer tool for matching fingerprints: The customers are given a browser plug-in which allows them to verify the fingerprint for a trusted website and alerts them if they are on a fake website.
The process of authenticating the fingerprints is based on a secure protocol that mutually authenticates the website without transfer of data.
Benefits
Website owners
•Better monitoring: Incase www.xyz.com notices that content from his website has been duplicated on another website and his brand is being utilized for commercial purposes or otherwise, he can report the incident and use his registration with the NWIR to prove his case.
•Reducing loss of traffic: He/She can ask his customers to watch for the green band to make sure they are on the correct website, thus preventing loss of traffic.
•Lower cost of monitoring: The website owner can also be alerted whenever the user does not see a green band indicating that he may be on a phishing website, who can then report it to NWIR. The time to track down a phishing website and ban the same can be dramatically reduced with this technology.
•Better trust: Customers would feel more secure in transacting online if the web environment is secure. This would eventually benefit the website in terms of more business.
Web users
•Better web security: Web users can now add websites they trust to their safe list and watch for a green band every time they are on a trusted website. This practice can effectively eliminate all forms of phishing which essentially rely on an unsuspecting user giving up his login and passwords.
•Legal recourse: In case a victim falls to an online identity theft, he can rely on a history of no green bands with the website signatures captured and stored locally to figure out the phishing websites he/she may have visited. This history can be used as a legal document to prove that he was indeed a victim of online identity theft - which is currently almost impossible.
The role of the government
Ideally governments should have initiated such a project before allowing companies to set-up websites especially those involved in financial transaction. If there already is a shop act to start a shop or a company act to start a company, there must have been some legal framework to ensure that the companies comply with registering the identity of their websites with the government agency before going online. A central agency would have the authority to give legal sanction to websites, capture and store their identity, thus making it easier for the customers to differentiate between authentic and fake (duplicate) websites.
<references/>http://trusite.rel-id.com/research.php<references/>
Warren LeBlanc was the murderer and former friend of 14 year old Stefan Pakeerah in Leicester, England.
The murder
The murder took place on February 26, 2004. LeBlanc lured 14 year old Stefan Pakeerah to a park in Leicester to steal from him and ended up killing Pakeerah by stabbing him with a claw hammer. LeBlanc was 17 at the time.
Trial and imprisonment
LeBlanc pleaded guilty to the murder of Stefan Pakeerah. He was sentenced to life in prison. He will be eligible for parole within serving 13 years.
Video game obsession
Stefan's mother Giselle Pakeerah claimed that LeBlanc had been 'obsessed' with the video game, Manhunt. However, LeBlanc was not found to be in possession of the game. It was actually found to be owned by the victim, Pakeerah. The police denied any such link between the game and the murder, citing drug-related robbery as the motive. The presiding judge also placed sole responsibility with LeBlanc after giving him his sentence.
The murder
The murder took place on February 26, 2004. LeBlanc lured 14 year old Stefan Pakeerah to a park in Leicester to steal from him and ended up killing Pakeerah by stabbing him with a claw hammer. LeBlanc was 17 at the time.
Trial and imprisonment
LeBlanc pleaded guilty to the murder of Stefan Pakeerah. He was sentenced to life in prison. He will be eligible for parole within serving 13 years.
Video game obsession
Stefan's mother Giselle Pakeerah claimed that LeBlanc had been 'obsessed' with the video game, Manhunt. However, LeBlanc was not found to be in possession of the game. It was actually found to be owned by the victim, Pakeerah. The police denied any such link between the game and the murder, citing drug-related robbery as the motive. The presiding judge also placed sole responsibility with LeBlanc after giving him his sentence.