BlackBerry Forums Support Community
              

Closed Thread
 
Thread Tools
Old 07-30-2013, 01:19 PM   #1
ZombieBerry
BlackBerry Extraordinaire
 
ZombieBerry's Avatar
 
Join Date: Sep 2010
Location: Toronto
Model: Priv
OS: 5.1.1
PIN: 2AB9C463
Carrier: WIND
Posts: 2,364
Default BlackBerry and Mozilla [Open Sourced Fuzzing]

Please Login to Remove!

'Peach' from BlackBerry, Mozilla fights bugs | Security & Privacy - CNET News

Nobody likes bugs in their peaches, but in computer security terms, the goal of the new "Peach" tool from BlackBerry and Mozilla is to fight back against the critters.
Peach is an open-source "fuzzing" tool, which automates tests designed to expose hidden security holes, so they can be fixed before people have been put at risk.
The tool represents a major effort by technology companies to get better security tools into the hands of developers.
"At a high level, what we're trying to do is test bad input into our browser that could cause something to go wrong," said Michael Coates, Mozilla's director of security assurance. "We want to keep users safer before things go wrong."

In a blog post announcing the tool, Mozilla says it has used Peach to successfully detect problems in the rapidly developing HTML5 technologies, including WebGL, WebRTC, image formats, audio and video formats, and fonts, in Firefox and Firefox OS.
For its part, BlackBerry relies on a mix of its own proprietary fuzzing tools and third-party ones to test how secure its products are. "[Peach] spans across multiple technologies," said Adrian Stone, who leads Research in Motion's security response team. "We employ fuzzing technology on a pretty wide scale at BlackBerry... not just for our mobile phones, but also the blackberry enterprise server."
The collaboration could indicate part of a change in computer security culture, as large companies invest more effort in sharing security research. But it also speaks to addressing the legitimate concerns of security experts that the Web-as-platform presents potential serious security risks.
Meanwhile, Mozilla has released a second open-source security tool for developers and security experts, called Minion. Its goal is to narrow down the volumes of data that security logs generate to a smaller, more accurate list. Think of it as showing you one of the five cable channels you always watch, instead of turning on the TV to one of 500 channels at random.
"Security tools now require a security professional to use them, and that's not a tenable future for the Web," said Coates. Minion, he said, is "trying to give users the right information."
He emphasized that Mozilla's goal is to put "usable security into the users hands." Laudable, to be sure, and necessary. So far, though, security has proven an elusive aim on the Web

Source: cnet.com

Download Links: Peach and HotFuzz
__________________
fere libenter homines id quod volunt credunt
Offline  
Old 07-30-2013, 03:22 PM   #2
fourstringfuror
BlackBerry Extraordinaire
 
fourstringfuror's Avatar
 
Join Date: Aug 2006
Location: Seattle
Model: Q10
OS: 10.3.1
Carrier: VZW
Posts: 1,058
Default Re: BlackBerry and Mozilla [Open Sourced Fuzzing]

So did Peach come before Fuzz, or vice versa?
__________________
"The price of liberty is eternal vigilance." -Thomas Jefferson
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump

Similar Threads for: BlackBerry and Mozilla [Open Sourced Fuzzing]
Thread Thread Starter Forum Replies Last Post
Sent items synchronization issue between blackberry & mozilla thunderbird 2.0 venkb BES Admin Corner 3 12-20-2009 11:21 PM
Mozilla + Blackberry Desktop Manager cronos916 General Legacy Device Discussion 1 11-07-2006 10:04 PM


A50P800-4 FERRAZ SHAWMUT 500V 800AMP SEMICONDUCTOR FUSE NEW picture

A50P800-4 FERRAZ SHAWMUT 500V 800AMP SEMICONDUCTOR FUSE NEW

$312.00



FWP-250A BUSSMANN Semiconductor Fuse 200A 700V NEW picture

FWP-250A BUSSMANN Semiconductor Fuse 200A 700V NEW

$199.00



Peak, Atlas DCA55 Semiconductor Tester,  picture

Peak, Atlas DCA55 Semiconductor Tester,

$97.99



10x On Semiconductor BS170-D26Z MOSFET Transistor N Channel 500 mA, 60V, 1.2 ohm picture

10x On Semiconductor BS170-D26Z MOSFET Transistor N Channel 500 mA, 60V, 1.2 ohm

$8.75



Silicon Wafer Integrated Circuit CPU Chip Technology Semiconductor Lithography13 picture

Silicon Wafer Integrated Circuit CPU Chip Technology Semiconductor Lithography13

$58.99



Dual Range Transistor Diode Semiconductor & Passive Curve Tracer Tester/Tracker picture

Dual Range Transistor Diode Semiconductor & Passive Curve Tracer Tester/Tracker

$28.49







Copyright © 2004-2016 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.