Cipher Issue 106, January 25, 2011, Editor's Letter

This month marks the start of the terms of office for the new chairs of the Technical Committee on Security and Privacy. Sven Dietrich moves from Vice Chair to Chair, and Patrick McDaniel is the new Vice Chair. They will guide the sponsored conferences through the transitionary period of rapid growth that seems to be sweeping the security research community.

Richard Austin contributed two reviews of interesting books this month. One is a timely look at Web security (one suspects that the topic will remain timely for all forseeable time!), and the other is a sociological look at trust by the wide-thinking Bruce Schneier.

We note an item about an untimely security error that mimicked a security breach. Since the early 1990's, Internet security gurus have been working on strengthening the Domain Name System. In an amazing feat of persistence, they have begun to achieve results. However, when a government agency failed to update their security information properly, many security-aware users drew wrong conclusions about the source of the problem. It's an interesting lesson about "secure/not secure" judgments.

I have begun to notice a digital divide that separates the generations in a way that is related to security. Many baby boomers are more conservative about Internet use than their children or their elderly parents. Those who used the Internet gingerly or not at all when it was a novelty have retained a deep distrust of online transactions and fears of identity theft, whereas those who have been introduced to it recently believe that with a reasonable degree of caution they can enjoy the benefits of Facebook, Skype, and streaming entertainment. I commend to you the satirical and provocative video by The Onion about Facebook and the CIA (

Two trust policies diverged in the Web, and I -
I took the one less verified,
And that has made all the difference.
      (apologies to Robert Frost)

      Hilarie Orman