Become a fan of Slashdot on Facebook


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Pursuit of Slenderness May Mean No More Headphone Jack In iPhone 7 (

An intriguing rumor reported by PC Mag (and initially reported in this Japanese blog) holds that Apple may drop from its iPhone 7 the standard mini-jack plug on the phone, in favor of Bluetooth and Lightning connectors. From PC Mag's article: The big question is just how such a move might affect all the other headphones one can buy, as well as the other devices Apple makes. While we can envision some manufacturers making iPhone-exclusive variants of their headphones, we doubt that Apple's potential decision to chop out the headphone jack is going to suddenly make for a market full of Lightning-only headphones and earbuds. There are, after all, plenty of non-iPhone devices that still use the 3.5mm connection. And, of course, you could just pair any ol' pair of Bluetooth headphones or earbuds with the iPhone 7.

2 Planets Can Share the Same Orbit, In 3 Different Ways 23

StartsWithABang writes: One of the most important characteristics of a planet, at least according to the IAU definition, is that it clear its orbit of all other bodies. But if we allowed for a special caveat — the possibility of two similarly-sized objects sharing the same orbit — could we have a stable configuration where that occurred? Surprisingly, not only is the answer yes, but there are three ways to do it: to have one at the L4/L5 Lagrange point of the other, to have a close-orbiting binary planet, or to have orbit-swapping worlds, where they periodically change spots with one another. Unbelievably, our Solar System has a history of all three!

Comment Re:Yeah, but that just means... (Score 1) 124

Just basic literacy will help a lot. Most conflicts in the world involve illiterate soldiers on one or both sides. Modern war is very expensive, and very destructive. War almost never makes economic sense. Most countries have market economies, so if your neighbor has resources that you want, you don't need to take it by force, you can just buy it.

Bad for you, worse for the other guy. Don't underestimate how much the stronger player can abuse their position until they go one step too far.

Comment Re:Not replaced: serial and parallel ports. (Score 1) 172

That's because most (but not all) USB serial devices use +5/0v rather than +/-12V. Most but unfortunately not all of them are tolerant of +-12V. By the same token, some 12V serial devices will communicate with a TTL serial port and some won't.

Going by spec, it's the TTL level port's fault if they don't communicate, but it's so common these days we might as well consider TTL the standard and 12V operation is a bonus.

The TTL level ports started showing up well before USB was a thing.

Just to make it worse, there are now 3.3V "serial" ports in the wild and some of them do not tolerate TTL levels! That's not good, but at least they are implemented only as header pins on the board and not a 9 pin D.

Feed Google News Sci Tech: Formula E announces driverless car support series - ESPN (


Formula E announces driverless car support series
Inaugural Formula E champion Nelson Piquet has said that Formula One can learn from the approach that Formula E is taking into the sport of motor racing. The Pits. 36 Shares. Email print. comment. Formula E has announced a support series called...
Formula E is planning the first racing series for driverless carsEngadget
Electric series plans driverless championshipReuters
Formula E announces 300kph 'RoboRace'

all 140 news articles

Comment Re:Just don't IoT (Score 4, Insightful) 41


1: Ransomware is on the rise, with new vectors.
2: There is zero incentive (financial or otherwise) for IoT vendors to do anything but lip service to security. As a PHB told me a few years ago, "show me where purchasing a padlock, a card access reader, or a secure appliance has ever shown a financial gain for any company other than to Assa-Abloy or a lock maker." Of course, this is fallacious reasoning, but it is pretty common.
3: Testing is abbreviated at best. The goal is to get the IoT devices to market fast... worry about glitches, bugs, and security items later, or maybe fix them in the 2.0 version.
4: There are no IoT security standards, or architectures [1].
5: There is no assurance about security, other than maybe a pretty lock icon, or "protected by 256 bit AES"... generic drivel. When I buy a padlock, I can buy one with "Sold Secure", "Insurance lock rated", or other ratings that the lock passed some heavy testing. When I have an electrical appliance, it is UL listed. There is no body that can show security compliance for an IoT device. So, I have nothing but the word of an advertiser.

All and all, IoT devices are a win/win for tracking companies and blackhats... but for the people shelling out cash for the devices? Not much. I don't have any BlueTooth light bulbs, nor deadbolts accessible from the Internet. And I plan to keep it that way. In fact, if I were to pay for an expensive fridge, it would be a fridge that used propane or natural gas, so a power outage would only turn off the light inside, not affect cooling.

[1]: An example of a reasonably secure architecture would be devices that communicated via BlueTooth or Wi-Fi to a hardened hub appliance, which then communicated to the Internet. This way, there would be no direct access from the outside to IoT devices, and the hub appliance could be configured with IDS/IPS rules to block out a compromised appliance.


Pwned Barbies Spying On Children? Toytalk CEO Downplays Hacking Reports ( 41

McGruber writes: Earlier this year Mattel unveiled "Hello Barbie," a $74.99 wi-fi equipped interactive doll. Users press a button on Barbie's belt to start a conversation and the recorded audio is processed over the internet so that the doll can respond appropriately. The doll also remembers the user's likes and dislikes.

Now Security Researcher Matt Jakubowski claims that he has managed to hack the Hello Barbie system to extract wi-fi network names, account IDs and MP3 files, which could be used to track down someone's home. "You can take that information and find out a person's house or business. It's just a matter of time until we are able to replace their servers with ours and have her say anything we want," Jakubowski warned. Mattel partnered with ToyTalk to develop "Hello Barbie." ToyTalk CEO Oren Jacob said: "An enthusiastic researcher has reported finding some device data and called that a hack. While the path that the researcher used to find that data is not obvious and not user-friendly, it is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge." A petition by the Campaign for a Commercial-Free Childhood asking Mattel to drop the doll has already been signed by over 6,000 people.

NOTE: The original reporting of this hack appears to have been this NBC-Chicago newscast.

Submission + - Book review: Security Operations Center

benrothke writes: ol{margin:0;padding:0}.c1{orphans:2;widows:2;text-align:justify;direction:ltr}.c6{orphans:2;widows:2;direction:ltr;height:11pt}.c5{background-color:#ffffff;max-width:468pt;padding:72pt 72pt 72pt 72pt}.c4{color:#1155cc;text-decoration:underline}.c0{color:inherit;text-decoration:inherit}.c2{font-size:12pt;font-style:italic}.c3{font-size:12pt}.title{padding-top:0pt;color:#000000;font-size:26pt;padding-bottom:3pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}.subtitle{padding-top:0pt;color:#666666;font-size:15pt;padding-bottom:16pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}li{color:#000000;font-size:11pt;font-family:"Arial"}p{margin:0;color:#000000;font-size:11pt;font-family:"Arial"}h1{padding-top:20pt;color:#000000;font-size:20pt;padding-bottom:6pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h2{padding-top:18pt;color:#000000;font-size:16pt;padding-bottom:6pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h3{padding-top:16pt;color:#434343;font-size:14pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h4{padding-top:14pt;color:#666666;font-size:12pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h5{padding-top:12pt;color:#666666;font-size:11pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;orphans:2;widows:2;text-align:left}h6{padding-top:12pt;color:#666666;font-size:11pt;padding-bottom:4pt;font-family:"Arial";line-height:1.15;page-break-after:avoid;font-style:italic;orphans:2;widows:2;text-align:left}

Title:Security Operations Center: Building, Operating, and Maintaining your SOC

Author: Joseph Muniz, Gary McIntyre, Nadhem AlFardan

Pages: 448

Publisher: Cisco Press

Rating: 10/10

Reviewer: Ben Rothke

ISBN: 978-0134052014

Summary: Indispensable guide for those designing and deploying a SOC

Large enterprises have numerous information security challenges. Aside from the external threats; there's the onslaught of security data from disparate systems, platforms and applications. Getting a handle on the security output from numerous point solutions (anti-virus, routers/switches, firewalls, IDS/IPS, ERP, access control, identity management, single sign on and others), often generating tens of millions of messages and alerts daily is not a trivial endeavor. As attacks becoming more frequent and sophisticated and with regulatory compliance issues placing an increasing burden, there needs to be a better way to manage all of this.

Getting the raw hardware, software and people to create a SOC is not that difficult. The challenge, and it's a big challenge, is integrating those 3 components to ensure that a formal SOC can operate effectively. In Security Operations Center: Building, Operating, and Maintaining your SOC, authors Joseph Muniz, Gary McIntyre and Nadhem AlFardan have written an indispensable reference on the topic. The authors have significant SOC development experience, and provide the reader with a detailed plan on all the steps involved in creating a SOC.

As Mike Rothman notedabout managed services providers, and something that is relevant to a SOC, you should have no illusions about the amount of effort required to get a SOC up and running, or what it takes to keep one current and useful. Many organizations have neither the time nor the resources to implement a SOC, but do, and are then trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats that the SOC had the potentialto provide them with, had they done it right. Those considering deploying a SOC and not wanting to be in the hamster wheel of pain will need this book.

The authors have done a great job in covering every phase and many details required to build out a SOC. After going through the book, some readers will likely reconsider deploying an internal SOC given the difficulties and challenges involved. This is especially true since SOC design and deployment is something not many people have experience with.

The book is written for an organization that is serious about building an enterprise SOC. The authors spend much of the book focusing on the myriad requirements for creation of a SOC. They constantly reiterate about details that need to be determined before moving forward.

Chapter 4 on SOC strategy is important as the way in which a firm determines their strategy will affect every aspect of the outcome. The authors wisely note that an inadequate or inaccurate SOC strategy, and the ensuing capabilities assessment exercises would produce a SOC strategy that does not properly address the actual requirements of the organization.

Ultimately, failing to adequately plan and design is a guarantee for SOC failure. That in turn will affect and impact deployment timelines, budgets and cause frustration, dissatisfaction and friction between the different teams involved in the SOC program.

The author's expertise is evident in every chapter, and their real-world expertise quite obvious in chapter 5 on facilities, which is an area often neglected in SOC design. The significant issue is that if the facility in which the SOC team operates out of does meet certain baseline requirements, the SOC effectiveness will be significantly and often detrimentally impacted. The chapter details many overlooked topics such as: acoustics, lighting, ergonomics, and more.

Staffing a SOC is another challenge, and the book dedicates chapter 8 to that. The SOC is only as good as the people inside it, and the SOC staff requires a blend of skills. If the organization wants their SOC to operate 24x7, it will obviously require a lot more manpower of these hard to find SOC analysts.

Another helpful aspect is found in chapter 10 which has a number of checklists you can use to verify that all the required pieces are in place prior to a go live data, or be able to identify area that many not be completed as expected.

With Muniz and AlFardan being Cisco employees and this being a Cisco Press title, the book has a strong emphasis towards Cisco hardware and software. Nonetheless, the book is still quite useful even for those who won't be using Cisco products.

Building a SOC is an arduous process which takes a huge amount of planning and of work. This work must be executed by people from different teams and departments, all working together. Based on these challenges, far too many SOC deployments fail. But for anyone who is serious about building out a SOC, this book should be a part of that effort.

The reason far too many, perhaps most SOC deployments fail is that firms makes the mistake of obsessing on the hardware and software, without adequately considering the security operations functions. The authors make it eminently clear that such an approach won't work, and provide you with the expert guidance to obviate that.

For anyone considering building a SOC, or wants to understand all of the details involved in building one, Security Operations Center: Building, Operating, and Maintaining your SOC, is an absolute must read.

Reviewed by Ben Rothke

Comment Re:Not replaced: serial and parallel ports. (Score 1) 172

It may be excessive in some sense, but USB serial has absolutely replaced serial ports on desktop and laptop machines. I can get all the serial ports I want by plugging in inexpensive USB serial devices. The microcontroller in the device may be excessive, but no more so than the glue logic for a PCI device would be just to transmit at 115,200 bpx MAX.

I agree completely on the parallel port. The only remaining use I have for a parallel port is as poor man's GPIO lines. Unfortunately, for reasons that elude me, the standard for USB parallel ports doesn't accommodate that at all.

Comment The China Syndrome movie didn't kill nukes. (Score 1) 268

And it sure has hell wasn't Greenpeace or the Clamshell Alliance.

It was the 1980s oil glut that did the deed. That was especially devastating following on the heels of the 1970s oil crisis, because so many companies who entered the alternative energy business in the late 70s only to have the floor cut out from under them in 1980. I had a good friend who quit his job at a software company in 1980 to go to work for a company developing a seasonal thermal energy storage scheme. He was an accountant and according to him the numbers were solid as long as oil prices were north of $100/bbl. That was in May of 1980 when oil was trading at $114/bbl. 13 months later the price of oil had fallen to $60/bbl. For the next five years the Saudis tried to prop up falling oil prices by cutting back production, but in '85 they gave up, opened the spigots, and oil prices dropped to $23/bbl.

The economic reaction was entirely what you'd predict with oil prices at a 40 year low. The development of new energy technologies stalled. Cars got bigger again and SUVs of unprecedented size and low fuel economy became wildly popular. And new nuclear plant starts dried up. Oh, the industry pointed the finger at the big, bad environmental movement, which is laughable because so far as I know they only nuclear power plant ever canceled due to protests was the monumentally stupidly sited Bodega Bay in 1964. Imagine for a moment the Clams and all those guys didn't exist; it wouldn't have mattered in the least. Nobody is going to invest in new nuclear power plants when oil is priced at $18/bbl. But it sounds better to say that the Greens have put you out of business than to say the prices you used in your revenue projections were off by an order of magnitude.

Feed Google News Sci Tech: Apple's next iPhone reportedly ditches the headphone jack - Engadget (


Apple's next iPhone reportedly ditches the headphone jack
Apple's quest for ever-thinner, ever-smarter devices may produce another casualty: your iPhone's headphone jack. A rumor at MacOtakara claims that the next iPhone might drop the 3.5mm port and use the Lightning port for audio instead. The move would ...
Rumor: Apple to Kill Headphone Jack in iPhone 7PC Magazine
Apple To Abandon Headphone Jack? New Leak Reveals Massive GambleForbes
To make a thinner 'iPhone 7,' Apple could remove the headphone jackAppAdvice
Apple Insider-Tech Insider (blog)-Patently Apple
all 75 news articles


Swarm Robotics Breakthrough Brings Pheromone Communication To AI ( 22

An anonymous reader writes: Computer scientists at the University of Lincoln have invented a reliable, low-cost system which replicates in robots the pheromone-based communication behind insect swarms. Using off-the-shelf equipment including an LCD screen and a USB camera, the team has proposed what they call COS-phi, or Communication System via Pheromone. The artificial pheromone trails are traced visually onto the screen. As soon as a bot picks up on the path, it is forced to follow the leader.

Machines take me by surprise with great frequency. - Alan Turing