Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

+ - Hijacking Drones With Malware

Submitted by Anonymous Coward
An anonymous reader writes "A recent incident at the White House showed that small aerial vehicles (drones) present a specific security problem. Rahul Sasi, a security engineer at Citrix R&D, created MalDrone, the first backdoor malware for the AR drone ARM Linux system, to target Parrot AR Drones, but says it can be modified to target others as well. The malware can be silently installed on a drone, and be used to control the drone remotely and to conduct remote surveillance."

+ - Book review: Designing and Building a Security Operations Center

Submitted by benrothke
benrothke (2577567) writes "Title:Designing and Building a Security Operations Center

Author: David Nathans

Pages: 276

Publisher: Syngress

Rating: 8/10

Reviewer: Ben Rothke

ISBN: 978-0128008997

Summary: Good introduction to those looking to build their own security operations center





Many organizations are overwhelmed by the onslaught of security data from disparate systems, platforms and applications. They have numerous point solutions (anti-virus, firewalls, IDS/IPS, ERP, access control, IdM, single sign-on, etc.) that can create millions of daily log messages. In addition to directed attacks becoming more frequent and sophisticated, there are regulatory compliance issues that place increasing burden on security, systems and network administrators.



This creates a large amount of information and log data without a formal mechanism to deal with it. This has led to many organizations creating a security operations center (SOC). A SOC in its most basic form is the centralized team that deals with information security incidents and related issues.



In Designing and Building a Security Operations Center, author David Nathans provides the basics on how that can be done. An effective SOC provides the benefit of speed of response time to a security incident. Be it a DDoS attack or malware which can spread throughout a corporate network in minutes, and potentially knock out the network, every second counts in identifying these attacks and negating them before they can cause additional damage. Having a responsive SOC can make all the difference in how a firms deals with these security issues.



The book notes that the SOC is akin to an enterprise nervous systemthat can gather and normalize vast amounts of log and related data. This can provide continuous prevention, protection and detection by providing response capabilities against threats, remotely exploitable vulnerabilities and real-time incidents on the monitored network.



The books 11 chapters provide a start for anyone considering building out their own SOC. Topics include required infrastructure, organizational structure, staffing and daily operations, to training, metrics, outsourcing and more.



When building a SOC, the choices are for the most part doing it yourself (DIY) or using an outsourced managed security service provider (MSSP). The book focuses primarily on the DIY approach, while chapter 10 briefly details the issues and benefits of using a MSSP. The book provides the pros and cons of each approach. Some firms have a hybrid approach where they perform some SOC activities and outsource others. But the book doesn't details that approach.



The book provides a large amount of details on the many tasks needed to create an internal SOC. The truth is that many firms simply don't have the staff and budget needed to support an internal SOC. They also don't have the budget for an MSSP. With that, Mike Rothman of Securosis noted that these firms are "trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats without diving deep into raw log files".



One important topic the book does not cover is around SIM/SIEM/SEM software. SIEM software can provide a firm with real-time analysis of security alerts generated by network and security hardware, software and other applications.



Many benefits come from an effective SIEM tool being the backbone of the SOC. A SIEM tool consolidates all data and analyzes it intelligently and provides visualization into the environment. But selecting the appropriate SIEM and correctly deploying it is not a trivial endeavor.



Those looking for a good reference on SIEM should read: Security Information and Event Management (SIEM) Implementation, which I reviewed on Slashdot - http://books.slashdot.org/story/11/02/23/1328243/book-review-security-information-and-event-management-implementation. That book does provide an excellent overview of the topic and will be of value to those reading looking for answer around SIEM. Those looking for a solid introduction to the world of SIEM should definitely get a copy.



The book notes that the most important part of a SOC, and often the most overlooked, is that of the SOC analyst. And with that, the book writes how it's important to be cognizant of the fact of SOC analyst burnout. SOC analysts can burnout and it's important for an organization to have a plan to address this, including aspects of training, management opportunities and job rotation.



Building an in-house SOC takes significant planning an attention to detail and the book details a lot of the particulars that are required for an effective SOC design.



The implementation of a SOC will cost a significant amount of money and management will often want to have metrics to let them know what the SOC is doing. The book spends a brief amount of time on SOC metrics; which is a topic that warrants a book in its own right. There are many metrics that can be created to measure SOC efficacy. Effective SOC metrics will measure how quickly incidents are handled by the SOC, and how incident are identified, addressed and handled.



The downside to metrics is that they must be used judiciously. It's important not to measure base performance of a SOC analyst simply on the number of events analyzed or recommendations written. Metrics used in that manner are akin to help desk where analysts are only concerned about getting calls finished, in order to meet their calls completed metrics.



As important as a SOC is, this is surprisingly the first book written on the topic. At under 250 pages, the book provides an introduction to the topic, but is not a comprehensive work on the topic. There are areas in SOC management that the book doesn't cover, such as SOC documentation, creating and using SOC operation run books, and more.



But even with those missing areas, Designing and Building a Security Operations Centeris a good reference to start with. A SOC is a security component most organizations are in dire need of, and the book is a good way to get them started on that effort.





Reviewed by Ben Rothke"
Science

Graphene: Reversible Method of Magnetic Doping Paves Way For Semiconductor Use 38

Posted by Soulskill
from the nano-baby-steps dept.
concertina226 writes: A team of physicists at University of California, Riverside have discovered how to induce magnetism in graphene in a way that still preserves the material's electronic properties, which paves the way for graphene to be used as a semiconductor.

The researchers grew a sheet of yttrium iron garnet using laser molecular beam epitaxy in a laboratory (abstract). Magnetic substances like iron are known to disrupt graphene's electrical conduction properties, but yttrium iron garnet works well as it is an electric insulator.

When a graphene sheet was placed on top of an atomically smooth sheet of yttrium iron garnet, the graphene borrowed the magnetic properties from the yttrium iron garnet and became magnetized without the need for doping.
Science

New Micro-Ring Resonator Creates Quantum Entanglement On a Silicon Chip 54

Posted by Soulskill
from the approaching-technobabble-territory dept.
Zothecula writes: The quantum entanglement of particles, such as photons, is a prerequisite for the new and future technologies of quantum computing, telecommunications, and cyber security. Real-world applications that take advantage of this technology, however, will not be fully realized until devices that produce such quantum states leave the realms of the laboratory and are made both small and energy efficient enough to be embedded in electronic equipment. In this vein, European scientists (abstract) have created and installed a tiny "ring-resonator" on a microchip that is claimed to produce copious numbers of entangled photons while using very little power to do so.

+ - New Micro-Ring Resonator Creates Quantum Entanglement on a Silicon Chip ->

Submitted by Zothecula
Zothecula (1870348) writes "The quantum entanglement of particles, such as photons, is a prerequisite for the new and future technologies of quantum computing, telecommunications, and cyber security. Real-world applications that take advantage of this technology, however, will not be fully realized until devices that produce such quantum states leave the realms of the laboratory and are made both small and energy efficient enough to be embedded in electronic equipment. In this vein, European scientists have created and installed a tiny "ring-resonator" on a microchip that is claimed to produce copious numbers of entangled photons while using very little power to do so."
Link to Original Source
Security

Why Screen Lockers On X11 Cannot Be Secure 352

Posted by Soulskill
from the targeted-for-improvement dept.
jones_supa writes: One thing we all remember from Windows NT is the security feature requiring the user to press CTRL-ALT-DEL to unlock the workstation (this can still be enabled with a policy setting). The motivation was to make it impossible for other programs to mimic a lock screen, as they couldn't react to the special key combination. Martin Gräßlin from the KDE team takes a look at the lock screen security on X11. On a protocol level, X11 doesn't know anything of screen lockers. Also the X server doesn't know that the screen is locked as it doesn't understand the concept. This means the screen locker can only use the core functionality available to emulate screen locking. That in turn also means that any other client can do the same and prevent the screen locker from working (for example opening a context menu on any window prevents the screen locker from activating). That's quite a bummer: any process connected to the X server can block the screen locker, and even more it could fake your screen locker.
Encryption

Justice Department: Default Encryption Has Created a 'Zone of Lawlessness' 407

Posted by Soulskill
from the what-would-you-call-this-zone-that's-allegedly-associated-with-danger? dept.
Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.

"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.

+ - Justice Department: Default Encryption Has Created a 'Zone of Lawlessness'

Submitted by Jason Koebler
Jason Koebler (3528235) writes "Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is “very concerned” by the Google’s and Apple’s decision to automatically encrypt all data on Android and iOS devices.
“We understand the value of encryption and the importance of security,” she said. “But we’re very concerned they not lead to the creation of what I would call a ‘zone of lawlessness,’ where there’s evidence that we could have lawful access through a court order that we’re prohibited from getting because of a company’s technological choices.”"
Handhelds

The iPad Is 5 Years Old This Week, But You Still Don't Need One 278

Posted by Soulskill
from the interactive-chopping-boards dept.
HughPickens.com writes: Five years ago, Steve Jobs introduced the iPad and insisted that it would do many things better than either a laptop or a smartphone. Will Oremus writes at Future Tense that by most standards, the iPad has been a success, and the tablet has indeed emerged as a third category of computing device. But there's another way of looking at the iPad. According to Oremus, Jobs was right to leave out the productivity features and go big on the simple tactile pleasure of holding the Internet in your hands.

But for all its popularity and appeal, the iPad never has quite cleared the bar Jobs set for it, which was to be "far better" at some key tasks than a laptop or a smartphone. The iPad may have been "far better" when it was first released, but smartphones have come a long way. The iPhone 6 and 6 Plus and their Android equivalents are now convenient enough for most mobile computing tasks that there's no need to carry around a tablet as well. That helps explain why iPad sales have plateaued, rather than continuing to ascend to the stratospheric levels of the iPhone. "The iPad remains an impressive machine. But it also remains a luxury item rather than a necessity," concludes Oremus. "Again, by most standards, it is a major success. Just not by the high standards that Jobs himself set for it five years ago."

+ - We May Have Jupiter To Thank For the Nitrogen In Earth's Atmosphere->

Submitted by Anonymous Coward
An anonymous reader writes "Nitrogen makes up about 78% of the Earth's atmosphere. It's also the 4th most abundant element in the human body. But where did all the nitrogen on Earth come from? Scientists aren't sure, but they have a new theory. Back when the solar system was just a protoplanetary disk, the ice orbiting the early Sun included ammonia, which has a nitrogen atom and three hydrogen atoms. But there needed to be a way for the nitrogen to get to the developing Earth. That's where Jupiter comes in. During its theorized Grand Tack, where it plunged into the center of the solar system and then retreated outward again, it created shock waves in the dust and ice cloud surrounding the sun. These shock waves caused gentle heating of the ammonia ice, which allowed it to react with chromium-bearing metal to form a mineral called carlsbergite. New research (abstract) suggests this mineral was then present when the Earth's accretion happened."
Link to Original Source

+ - The iPad Is 5 Years Old This Week But You Still Don't Need One

Submitted by HughPickens.com
HughPickens.com (3830033) writes "Will Oremus writes at Future Tense that five years ago Steve Jobs introduced the iPad and insisted that it would do several things better than either a laptop or a smartphone: browse the web, send email, watch videos, enjoy your music collection, play games, read ebooks. By most standards, the iPad has been a success, and the tablet has indeed emerged as a third category of computing device but there's another way of looking at the iPad. According to Oremus, Jobs was right to leave out the productivity features and go big on the simple tactile pleasure of holding the Internet in your hands. But for all its popularity and appeal, the iPad never has quite cleared the bar Jobs set for it, which was to be “far better” at some key tasks than a laptop or a smartphone. The iPad may have been "far better" when it was first released but smartphones have come a long way. The iPhone 6 and 6 Plus and their Android equivalents are now convenient enough for most mobile computing tasks that there’s no need to carry around a tablet as well. That helps explain why iPad sales have plateaued, rather than continuing to ascend to the stratospheric levels of the iPhone. "The iPad remains an impressive machine. But it also remains a luxury item rather than a necessity," concludes Oremus. "Again, by most standards, it is a major success. Just not by the high standards that Jobs himself set for it five years ago.""
Censorship

Facebook Censoring Images of the Prophet Muhammad In Turkey 226

Posted by Soulskill
from the a-picture-is-worth-a-thousand-complaints dept.
An anonymous reader writes: Immediately following the Charlie Hebdo attack, Mark Zuckerberg said, "... this is what we all need to reject — a group of extremists trying to silence the voices and opinions of everyone else around the world. I won't let that happen on Facebook. I'm committed to building a service where you can speak freely without fear of violence." Now, Facebook has begun censoring images of the prophet Muhammad in Turkey. According to the Washington post, "It's an illustration, perhaps, of how extremely complicated and nuanced issues of online speech really are. It's also conclusive proof of what many tech critics said of Zuckerberg's free-speech declaration at the time: Sweeping promises are all well and good, but Facebook's record doesn't entirely back it up." To be fair to Zuckerberg and Facebook, the company must obey the law of any country in which it operates. But it stands in stark contrast to the principles espoused by its founder.

+ - Facebook Censoring Images of the Prophet Muhammad In Turkey->

Submitted by Anonymous Coward
An anonymous reader writes "Immediately following the Charlie Hebdo attack, Mark Zuckerberg said, "... this is what we all need to reject — a group of extremists trying to silence the voices and opinions of everyone else around the world. I won't let that happen on Facebook. I'm committed to building a service where you can speak freely without fear of violence." Now, Facebook has begun censoring images of the prophet Muhammad in Turkey. According to the Washington post, "It’s an illustration, perhaps, of how extremely complicated and nuanced issues of online speech really are. It’s also conclusive proof of what many tech critics said of Zuckerberg’s free-speech declaration at the time: Sweeping promises are all well and good, but Facebook’s record doesn't entirely back it up." To be fair to Zuckerberg and Facebook, the company must obey the law of any country in which it operates. But it stands in stark contrast to the principles espoused by its founder."
Link to Original Source
Bug

Security-Focused BlackPhone Was Vulnerable To Simple Text Message Bug 46

Posted by Soulskill
from the nobody's-perfect dept.
mask.of.sanity sends this report from El Reg: The maker of BlackPhone – a mobile marketed as offering unusually high levels of security – has patched a critical vulnerability that allows hackers to run malicious code on the handsets. Attackers need little more than a phone number to send a message that can compromise the devices via the Silent Text application.

The impact of the flaw is troubling because BlackPhone attracts what hackers see as high-value victims: those willing to invest AU$765 (£415, $630) in a phone that claims to put security above form and features may well have valuable calls and texts to hide from eavesdroppers.

You might have mail.

Working...