The theme of this Cipher issue is the security of software - writing it securely, fighting the bad code. That seems to be the main concern today, though spam email is probably the computer topic that causes the most world-wide wrath. Robert Bruen has three book reviews on these topics, and he also invites new reviewers to contribute.

This past week I attended the IETF meetings in Minneapolis, where participants noted a significant milestone: the IP Security working group held its last meeting. This effort to standardize the means of securing IP packets, the lingua franca of the Internet, has been running for about a decade. Its conclusion does not mark a highpoint in Internet security, but it does show that in some cases, given enough engineers, security *can* be retrofitted.

I also attended a meeting of DARPA's new IPTO organization and heard about its focus on cognitive systems, including a new program aimed at robust systems founded on cognitive immunity. The artificial intelligence community seemed much amused by the analogy to the movie "Groundhog Day", and several speakers referred to this phenomenon of having to go back and repeat their examination of old concepts, trying to make them work in a world with greater computing power and a finer sense of what problems are much harder than they seemed 30 years ago. I kept thinking that to work in the computer security arena is to accept Groundhog Day as a permanent state of mind.

As always, I am grateful to our Cipher contributers, but would like to be grateful to more of you. If you attend a conference, a workshop, or other security related meeting, think of writing up a review for Cipher. If something in a publication seems noteworthy, send it in and I'll see that others get to enjoy it, too.

Hilarie Orman
Cipher Editor
cipher-editor @ ieee-security.org