The deadline for submitting papers to the premier security and privacy research conference is coming up soon: November 14. The IEEE Computer Society's Security and Privacy Symposium accepts the best research papers on all aspects of the field, and this year, again, will have consider "Systemization of Knowledge" papers. Get the latex macros running and put your best work up for review!
Also, watch our ieee-security.org website for announcements of the workshops that will accompany the Symposium.
This month Richard Austin has chosen a book about penetration testing, for his usual insightful review. When Cipher first covered this topic, many years ago, I was unfamiliar with the shortened term "pen testing", and I thought it was some kind of polygraph. I think this might be the first Cipher review of a book authored by a woman.
Our news articles are taken from mainstream media, and apparently the New York Times articles are no longer readable by non-subscribers. We'll try to avoid them, or provide alternative sources for each topic. This time we have notes about Home Depot and secrecy of mobile device data. The latter reminds me that with great secrecy comes great responsibility; I recently met someone who had made a major change in cellphones, and in wiping the data from his old phone, lost his Bitcoins. That's putting a real price on secrecy!
For a couple of months I've been wearing a smart watch, and it has proven itself as an enjoyable toy. It does some useful things, though I sometimes find myself disconcerted by the close association between my cell phone, my watch, and my car. They definitely know too much about me, and they whine pitiously when I deny them GPS information. If they offered me more eye candy I think I'd be less resistant, but I can see where this is headed. Brave new world that hath such wondrous pixels.My Android watch, by a virus may sicken, but it keeps on tickin'