Cipher Issue 121, July 22, 2014, Editor's Letter

Dear Readers,

Retail data breaches and certificate authority compromises were the excitement of winter, but the summer doldrums bring privacy concerns. Internet search engine companies are trying to navigate the new thicket of privacy rights guaranteed to EU members, but a tangle of jurisdictional regulations make this a daunting task. In the research world, a paper about how users of the anonymous network Tor can be identified was withdrawn from the Black Hat conference by the authors, perhaps because their research constitutes privacy violations. Is the notion of privacy itself an artifact of faulty technology --- the poor memory of human beings and the inconvenience of paper? Should we all move to the cloud and share ourselves in toto?

I don't know the answers to these questions, all I know is that I bought a new car and it immediately asked for access to my contact lists and text messages. Such a busy body.

Richard Austin, our constant reader and faithful reviewer, comments on a new book about threat modeling and how to think about security design. Read this book and trudge onward and upward with the everlasting battle to get ourselves secure

Don't hide your Wifi under a bushel, hide it under a password,

      Hilarie Orman