
Submission + - Apple posts $18B quarterly profit, highest ever by any company

jmcbain writes: Today, Apple reported its financial results for the quarter ending December 31, 2014. It posted $18 billion in profit (on $74 billion in revenue), the largest quarterly profit by any company ever. The previous record was $16 billion by Russia’s Gazprom (the largest natural gas extractor in the world) in 2011. Imagine how much better Apple could be if they open-sourced their software.

Submission + - Book review: Designing and Building a Security Operations Center

benrothke writes: Title: Designing and Building a Security Operations Center

Author: David Nathans

Pages: 276

Publisher: Syngress

Rating: 8/10

Reviewer: Ben Rothke

ISBN: 978-0128008997

Summary: Good introduction for those looking to build their own security operations center

Many organizations are overwhelmed by the onslaught of security data from disparate systems, platforms and applications. They have numerous point solutions (anti-virus, firewalls, IDS/IPS, ERP, access control, IdM, single sign-on, etc.) that can create millions of daily log messages. In addition to directed attacks becoming more frequent and sophisticated, there are regulatory compliance issues that place an increasing burden on security, systems and network administrators.

This creates a large amount of information and log data without a formal mechanism to deal with it. This has led to many organizations creating a security operations center (SOC). A SOC in its most basic form is the centralized team that deals with information security incidents and related issues.

In Designing and Building a Security Operations Center, author David Nathans provides the basics on how that can be done. An effective SOC provides the benefit of speed of response time to a security incident. Be it a DDoS attack or malware which can spread throughout a corporate network in minutes, and potentially knock out the network, every second counts in identifying these attacks and negating them before they can cause additional damage. Having a responsive SOC can make all the difference in how a firm deals with these security issues.

The book notes that the SOC is akin to an enterprise nervous system that can gather and normalize vast amounts of log and related data. This can provide continuous prevention, protection and detection by providing response capabilities against threats, remotely exploitable vulnerabilities and real-time incidents on the monitored network.

The book's 11 chapters provide a start for anyone considering building out their own SOC. Topics range from required infrastructure, organizational structure, staffing and daily operations, to training, metrics, outsourcing and more.

When building a SOC, the choices are for the most part doing it yourself (DIY) or using an outsourced managed security service provider (MSSP). The book focuses primarily on the DIY approach, while chapter 10 briefly details the issues and benefits of using an MSSP. The book provides the pros and cons of each approach. Some firms have a hybrid approach where they perform some SOC activities and outsource others. But the book doesn't detail that approach.

The book provides a large amount of detail on the many tasks needed to create an internal SOC. The truth is that many firms simply don't have the staff and budget needed to support an internal SOC. They also don't have the budget for an MSSP. With that, Mike Rothman of Securosis noted that these firms are "trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats without diving deep into raw log files".

One important topic the book does not cover is SIM/SIEM/SEM software. SIEM software can provide a firm with real-time analysis of security alerts generated by network and security hardware, software and other applications.

Many benefits come from an effective SIEM tool being the backbone of the SOC. A SIEM tool consolidates all data, analyzes it intelligently and provides visualization into the environment. But selecting the appropriate SIEM and correctly deploying it is not a trivial endeavor.

Those looking for a good reference on SIEM should read Security Information and Event Management (SIEM) Implementation, which I reviewed on Slashdot - http://books.slashdot.org/story/11/02/23/1328243/book-review-security-information-and-event-management-implementation. That book does provide an excellent overview of the topic and will be of value to those readers looking for answers around SIEM. Those looking for a solid introduction to the world of SIEM should definitely get a copy.

The book notes that the most important part of a SOC, and often the most overlooked, is the SOC analyst. With that, the book writes how it's important to be cognizant of the fact of SOC analyst burnout. SOC analysts can burn out and it's important for an organization to have a plan to address this, including aspects of training, management opportunities and job rotation.

Building an in-house SOC takes significant planning and attention to detail, and the book details a lot of the particulars that are required for an effective SOC design.

The implementation of a SOC will cost a significant amount of money and management will often want to have metrics to let them know what the SOC is doing. The book spends a brief amount of time on SOC metrics, which is a topic that warrants a book in its own right. There are many metrics that can be created to measure SOC efficacy. Effective SOC metrics will measure how quickly incidents are handled by the SOC, and how incidents are identified, addressed and handled.

The downside to metrics is that they must be used judiciously. It's important not to measure the base performance of a SOC analyst simply on the number of events analyzed or recommendations written. Metrics used in that manner are akin to a help desk where analysts are only concerned about getting calls finished, in order to meet their calls-completed metrics.

As important as a SOC is, this is surprisingly the first book written on the topic. At under 250 pages, the book provides an introduction to the topic, but is not a comprehensive work on the topic. There are areas in SOC management that the book doesn't cover, such as SOC documentation, creating and using SOC operation run books, and more.

But even with those missing areas, Designing and Building a Security Operations Center is a good reference to start with. A SOC is a security component most organizations are in dire need of, and the book is a good way to get them started on that effort.

Reviewed by Ben Rothke
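The review above makes two points about SOC metrics: that useful ones measure how quickly incidents are detected and handled, and that counting events closed per analyst rewards the wrong behaviour. The following script, added here as an illustration and not taken from the book or the review, computes time-based incident metrics (time to detect, time to contain, share of incidents handled within a per-severity SLA) over a small set of constructed incident records. The record layout, the field names and the SLA values are assumptions made for the example.

```python
from datetime import datetime
from statistics import mean, median

# Constructed sample incident records (not from the book or the review).
# "occurred" is when the malicious activity started, "detected" is when the
# SOC first saw it, "contained" is when the SOC stopped it.
INCIDENTS = [
    {"id": "INC-001", "severity": "high",   "occurred": "2015-01-20T08:00:00",
     "detected": "2015-01-20T08:12:00", "contained": "2015-01-20T09:30:00"},
    {"id": "INC-002", "severity": "high",   "occurred": "2015-01-21T14:00:00",
     "detected": "2015-01-21T14:05:00", "contained": "2015-01-21T14:50:00"},
    {"id": "INC-003", "severity": "medium", "occurred": "2015-01-22T02:00:00",
     "detected": "2015-01-22T09:00:00", "contained": "2015-01-22T11:00:00"},
    {"id": "INC-004", "severity": "medium", "occurred": "2015-01-23T10:00:00",
     "detected": "2015-01-23T10:30:00", "contained": "2015-01-23T12:30:00"},
    {"id": "INC-005", "severity": "low",    "occurred": "2015-01-24T09:00:00",
     "detected": "2015-01-25T09:00:00", "contained": "2015-01-25T10:00:00"},
]

# Assumed SLA: minutes from activity start to containment, per severity.
SLA_MINUTES = {"high": 60, "medium": 240, "low": 1440}


def parse_ts(ts):
    """Parse the ISO-8601 timestamp format used in the sample records."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S")


def durations(incidents):
    """Return a list of (time_to_detect, time_to_contain) in minutes.

    Rejects records whose timestamps are out of order, since a negative
    duration would silently improve the averages.
    """
    result = []
    for inc in incidents:
        occ, det, con = (parse_ts(inc[k]) for k in ("occurred", "detected", "contained"))
        if not (occ <= det <= con):
            raise ValueError(f"{inc['id']}: timestamps are not in order")
        result.append(((det - occ).total_seconds() / 60,
                       (con - det).total_seconds() / 60))
    return result


def metrics(incidents, sla_minutes):
    """Mean/median time to detect and contain, and % handled within the SLA."""
    if not incidents:
        return None
    ttd, ttc = zip(*durations(incidents))
    within_sla = sum(1 for d, c in zip(ttd, ttc) if d + c <= sla_minutes)
    return {
        "count": len(incidents),
        "mean_ttd_min": mean(ttd),
        "median_ttd_min": median(ttd),
        "mean_ttc_min": mean(ttc),
        "median_ttc_min": median(ttc),
        "pct_within_sla": 100.0 * within_sla / len(incidents),
    }


def by_severity(incidents, sla):
    """Compute the metrics separately for each severity level in `sla`."""
    return {
        sev: metrics([i for i in incidents if i["severity"] == sev], minutes)
        for sev, minutes in sla.items()
    }


if __name__ == "__main__":
    for sev, m in by_severity(INCIDENTS, SLA_MINUTES).items():
        print(f"{sev:>6}: {m}")
```

Splitting the numbers by severity matters: a single overall average lets a handful of slow, low-severity tickets hide a missed SLA on the high-severity ones, which is exactly the kind of figure management will ask about. Nothing here counts tickets closed per analyst, which is the metric the review warns against.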

Submission + - Embedded Linux Conference Hijacked by Drones (linuxgizmos.com)

__aajbyc7391 writes: The Linux Foundation has released the full agenda for its annual North American Embedded Linux Conference + Android Builders Summit, which takes place Mar. 23-25 in San Jose, Calif. The ELC, which this year is titled Drones, Things, and Automobiles, increasingly reflects new opportunities for Linux in areas such as drones, robots, automotive computers, IoT gizmos, 3D sensing, modular phones, and much more. For those worried that ELC is skimping on the basics as it explores the more colorful sides of Linux, worry not, as there are still plenty of sessions on booting, trace analysis, NAND support, PHY frameworks, power management, defragmenting, systemd, device tree, and toolchain.

Submission + - Comcast Pays Overdue Fees, Free Stuff For Time-Warner Merger Approval

WheezyJoe writes: In seeking more support for its mega-merger with Time-Warner Cable, Comcast has been going across the country giving local governments a chance to ask for favors in exchange for approving a franchise transfer. In Minneapolis, this turned up an unpaid bill of $40,000 in overdue franchise fees, so Comcast will have to pay the city money it already owed in order to get the franchise transfer. Comcast will also throw in $50,000 worth of free service and equipment.

"Thirty Minneapolis city buildings will get free basic cable for the next seven years as part of a package of concessions the city wrung out of Comcast in exchange for blessing its proposed merger with fellow cable giant Time Warner," Minnesota Public Radio reported. "Comcast has also agreed to pay Minneapolis $40,000 in overdue franchise fees after an audit found it underpaid the city for its use of the public right of way over the last three years." The article notes that getting any kind of refund out of a cable company is not easy.

Part of the deal with Minneapolis involves the spinoff of a new cable company called GreatLand Connections that will serve 2.5 million customers in the Midwest and Southeast, including Minnesota. After the deal, Comcast's franchises in those areas would be transferred to GreatLand. Such goodwill concessions may seem impressive as Comcast seeks to foster goodwill, but one wonders how Comcast/TimeWarner will behave after the merger.

Submission + - FCC calls blocking of personal Wi-Fi hotspots "disturbing trend" (networkworld.com)

alphadogg writes: The FCC on Tuesday warned http://transition.fcc.gov/Dail... that it will no longer tolerate hotels, convention centers or others intentionally interfering with personal Wi-Fi hotspots. This issue grabbed headlines last fall when Marriott International was fined $600K for blocking customer Wi-Fi hotspots, presumably to encourage the guests to pay for pricey Internet access from the hotel.

Submission + - Engineers Develop 'Ultrarope' For World's Highest Elevator

HughPickens.com writes: Halfway up the Shard, London’s tallest skyscraper, you are asked to step out of the elevator at the transfer floor or “sky lobby,” a necessary inconvenience in order to reach the upper half of the building, and a symptom of the limits of elevators today. To ascend a mile-high (1.6km) tower using the same technology could necessitate changing elevators as many as 10 times because elevators traveling distances of more than 500m [1,640 ft] have not been feasible because the weight of the steel cables themselves becomes so great. Now BBC reports that after nine years of rigorous testing, Kone has released Ultrarope — a material composed of carbon-fiber covered in a friction-proof coating that weighs a seventh of the steel cables, making elevators of up to 1km (0.6 miles) in height feasible to build. Kone's creation was chosen to be installed in what's destined to become the world's tallest building, the Kingdom Tower in Jeddah, Saudi Arabia. When completed in 2020, the tower will stand a full kilometer in height, and will boast the world's tallest elevator at 660m (2,165ft). A 1km-tall tower may seem staggering, but is this the buildable limit? Most probably not, according to Dr Sang Dae Kim. “With Kingdom Tower we now have a design that reaches around 1 km in height. Later on, someone will push for 1 mile, and then 2 km,” says Kim adding that, technically speaking, a 2 km might be possible at the current time. “At this point in time we can build a tower that is 1 km, maybe 2 km. Any higher than that and we will have to do a lot of homework.”

Submission + - YouTube Ditches Flash For HTML5 Video By Default

An anonymous reader writes: YouTube today announced it has finally stopped using Adobe Flash by default. The site now uses its HTML5 video player by default in Google’s Chrome, Microsoft’s IE11, Apple’s Safari 8, and in beta versions of Mozilla’s Firefox browser. At the same time, YouTube is now also defaulting to its HTML5 player on the web. In fact, the company is deprecating the “old style” Flash object embeds and its Flash API, pointing users to the iframe API instead, since the latter can adapt depending on the device and browser you’re using.

Submission + - Serious Network Function Vulnerability Found In Glibc

An anonymous reader writes: A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors.

Submission + - Game Hack-A-Thon Attracts Multiple Teams At 480 Sites Worldwide

BarbaraHudson writes: Students at Michigan State University participated in the Global Game Jam this past weekend. The event is a worldwide 48-hour hack-a-thon dedicated to inspiring creativity and building a working game from scratch in one weekend. Sponsored by companies like Intel, Microsoft and Facebook it is the largest event of its kind.

All games entered for GGJ are released under a Creative Commons, share, alter, no sell license.

Members of the Spartasoft club and other eager gamers gathered on Friday afternoon in Communication Arts and Sciences Building in preparation for the event. Although the club is focused on game development, not everyone participating was a computer programmer. Artists and graphic designers were present to help create characters and models for the games.

The goal of Global Game Jam is to stir up a global creative buzz in games while at the same time exploring the process of development.

Submission + - Kepler Discovers Solar System's Ancient 'Twin' (discovery.com)

astroengine writes: Astronomers have found a star system that bears striking resemblance to our inner solar system. It’s a sun-like star that plays host to a system of five small exoplanets — from the size of Mercury to the size of Venus. But there’s something very alien about this compact ‘solar system’; it formed when the universe was only 20 percent the age it is now, making it the most ancient star system playing host to terrestrial sized worlds discovered to date.

Submission + - Latest Windows 10 Preview Build Brings Unexpectedly Large Number of Enhancements

Deathspawner writes: Following its huge Windows 10 event last Wednesday, Microsoft released a brand-new preview build to the public, versioned 9926. We were told that it'd give us Cortana, Microsoft's AI assistant, as well as a revamped Start menu and updated notifications pane. But as it turns out, that's not even close to summing up all that's new with this build. In fact, 9926 is easily the most substantial update rolled out so far in the beta program, with some UI elements and integral Windows features seeing their first overhaul in multiple generations.

Submission + - 404 - Plane Not Found: Lizard Squad Hacks Malaysia Airlines (bloombergview.com)

An anonymous reader writes: Lizard Squad, the hacking collaborative that went after Playstation, XBox, and the North Korean Internet last year, made Malaysia Airlines its target this week. Bloomberg links to images of the hacks (including the rather heartless 404 jab on its home page) and columnist Adam Minter wonders why Malaysia Airlines, which has had so much bad press in the past 12 months, was worthy of Lizard Squad's ire. In apparent answer, @LizardMafia (the org's reputed Twitter handle) messaged Mr. Minter this AM:

"More to come soon. Side Note: We're still organizing the @MAS email dump, stay tuned for that" https://twitter.com/AdamMinter... Perhaps Lizard Squad found something in the Malaysia Airlines emails that explains what has made it so "exemplary".

Submission + - Opera founder unveils feature-rich Vivaldi power browser. (gigaom.com)

cdysthe writes: Almost two years ago, the Norwegian browser firm Opera ripped out the guts of its product and adopted the more standard WebKit and Chromium technologies, essentially making it more like rivals Chrome and Safari. But it wasn’t just Opera’s innards that changed; the browser also became more streamlined and perhaps less geeky.

Many Opera fans were deeply displeased at the loss of what they saw as key differentiating functionality. So now Jon von Tetzchner, the man who founded Opera and who would probably never have allowed those drastic feature changes, is back to serve this hard core with a new browser called Vivaldi.

Submission + - EFF Unveils Plan For Ending Mass Surveillance (eff.org)

An anonymous reader writes: The Electronic Frontier Foundation has published a detailed, global strategy for ridding ourselves of mass surveillance. They stress that this must be an international effort — while citizens of many countries can vote against politicians who support surveillance, there are also many countries where the citizens have to resort to other methods. The central part of the EFF's plan is: encryption, encryption, encryption. They say we need to build new secure communications tools, pressure existing tech companies to make their products secure against everyone, and get ordinary internet-goers to recognize that encryption is a fundamental part of communication in the surveillance age. They also advocate fighting for transparency and against overreach on a national level. "[T]he more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data." The EFF references a document created to apply the principles of human rights to communications surveillance, which they say are "our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate."
