Dear Readers,
We are pleased to have two book reviews this month, one from our current book review editor, Sven Dietrich, and another from the former long-time holder of that post, Richard Austin. Their reviewed books are about the timely topics of FPGA and microcontroller security, respectively.
We are already in the middle of the deadline schedule for papers for the 2025 S&P conference next May. In fact, May through June/July could be called the TCSP conference grand tour: HOST, S&P, Euro S&P, CSF. The second deadline for S&P papers is November 14. Meanwhile, the paper registration deadline for EuroS&P next year in Venice is imminent: October 14. If an author would like to have a full tour of the security research landscape, then the next event would be Computer Security Foundations in Santa Cruz, CA, next June (or perhaps July). Note that the paper submission deadline is October 1 for CSF.
There has been little news of cybersecurity in the mainstream media of late, and we suspect that the US election news has overshadowed such petty things as ransomware attacks. That is, until the news from Lebanon. The shocking explosions of electronic devices brings home the dangers of our electronic world and our dependence on personal appliances. Just as terrorism changed the air travel experience everywhere, this recent event may change the way we vet and accept all electronics that are close to us. Yet another Pandora's box, opened and unclosable.
Deep in (Kernel) MemoryHilarie Orman
Deep in the kernel, the memory internal,
Should hold its state, and never fumble,
Deep in the kernel, the errors infernal,
Corrupt the tables, pages go jumble.
Deep in the kernel, when locks are eternal,
Reboots make consistency tumble.
Deep in the kernel, if syscalls return null,
Refresh the RAM, don't wait to stumble.
Deep in the kernel, when look-ups become slow,
Keep tables shallow, shallow, shallow.
(With apologies to Tom Jones)