Cipher Issue 142, January 30, 2018, Editor's Letter

Dear Readers,

To start off the new year, Sven Dietrich has graced us with a review of a book that takes an attacker's view of network protocols. Despite the plethora of advice about designing security from the beginning, all software has bugs, and none moreso than communication protocols.

Our news items for this issue have examples of the endless battles to make computing secure. For example, the world of operating system security was shaken by the discovery of side channel attacks on Intel and AMD processors that reveals supposedly protected information on shared servers and even web browsers. Spectre and Meltdown are interesting exploits, but it seems that the remedies slow down most operating systems, so we can expect some forthcoming design proposals for hardware that diminishes side channels without sacrificing speed.

As usual, the upcoming months are jam-packed with conferences for researchers to share their findings. Attend and listen or read the proceedings at your leisure, the security world is always changing. Be aware, be vigilant, and may your data be safe.

   Be careful taking risks with stocks,
   Through a financial institution.
   Lest you succumb,
   Defenses stunned,
   To speculative execution.

      Hilarie Orman