Cipher Issue 124, January 20, 2015, Editor's Letter

Dear Readers,

I recently bought a TV without realizing that it was "smart" --- meaning that it "connects to the Internet and sends personal data to companies." My watch, my car, my phone, and now, "et tu TV?"

If Stuxnet and the Sony hack have not convinced you that we need some great ideas to protect our privacy and security, the nothing will. Those great ideas will come from collaborations of many talented people, but by some measures, the diversity of pool of academic researchers in our field is decreasing. The GREPSEC workshop, in May, is a small step towards remedying that decrease, and perhaps it will turn out to attract some of the students who will eventually help pull us out of the spiral of connectedness and damage. Graduate students in minority demographic groups need to apply by February 28. See the events calendar in this issue for the pointers to more information for this and many other goings on.

The program for the Security and Privacy Symposium, the flagship conference of our sponsoring entity, the IEEE Computer Society's Technical Committee on Security and Privacy, will be announced in a few weeks from now. Dozens of papers covering cutting-edge research will comprise the program, and the conference will commence in mid-May. Watch the website via for information on the program and registration.

Our steady book reviewer, Richard Austin, likes a new book about using Python programs to root out (pun intended) network hackers.

If you have noticed a barrage of calls from people with heavy accents warning you about malware on your computer, you are not alone. If you have a bit of time to spare, advise them to change their passwords. reformat their hard drive, and reinstall the operating systems. You can brighten up the day of bored young foreigner.

Driving under the influence of outdated software and a self-signed certificate,

      Hilarie Orman