Cipher Issue 115, July 17, 2013, Editor's Letter

Dear Readers,

The news: Snowden, NSA. The end of privacy. The question is, did we ever have privacy? We have known for a long time that the technology for surveillance was ready, that the capability existed, and post 9/11 the US government told us that it would use all means possible to thwart enemies. We have secret courts. Against that backdrop, how could we expect anything other than what Snowden has revealed? The debate about this will continue for a long time, but this genie is not going back in the bottle anytime soon.

We also note that surveillance is a double-edged sword, and Susan Landau's book, Surveillance or Security? points out many of them. The risk of network technicians blowing the whole operation wide open seems to be the one the public has seen in recent cases, but one wonders about undetected misuses.

Switching to more local news, we note that the Computer Society is moving towards publication policies that are in keeping with open access concepts, and we expect to see the proceedings of the 2012 Security and Privacy Symposium online at the Society's Digital Library by summer's end. Less pleasant are new IEEE policies" affecting events that seek "in cooperation with" or "technical co-sponsorship" status. This is now a more complicated application procedure, and events that do not choose to publish their proceedings through IEEE must now pay a $500 fee.

This month we have a book review about Linux malware and incident response. The Unix/Linux lineage is a long and distinguished one, but it has not been used as widely as Microsoft's Windows or Apple's MACOS. Apparently Linux is now going mainstream, and it is time to learn about the log files other artifacts that help track the path of malware.

What if they had arrested Paul Revere and his horse for revealing state secrets?

      Hilarie Orman