Notably missing are: * The kernel they ran the final event on * The code they used to measure scores
This prevents a lot of analysis. On Tue, Apr 11, 2017 at 2:33 AM, Chris Eagle <[email protected]> wrote: > I don't speak for DARPA. > > FWIW, various CGC final event data is available here: > > http://repo.cybergrandchallenge.com/cfe/ > > In particular, the score_data.json files contained in the round specific > tar files in cfe-submissions.tgz allow you to see which teams fielded > successful PoVs in each round. > > Video of the dev team's CGC related Shmoocon panel is here: > http://bit.ly/2p1LGcb > > Some summary stats: > > There were 82 challenge sets fielded during CFE. > Vulnerabilities were proven in 20 of them. > Unintended vulnerabilities were found in at least 5 of those 20. > The majority of flaws found were stack overflows. > In my opinion, there was only one legitimate, successful heap corruption > PoV. Keep in mind that all of the challenges used custom heap > implementations that the competitors had not seen before the final event. > > A browsable archive of CGC data will be available soon. > > Many papers are in various stages of publication by competitor teams and > DARPA's CGC team. These should shed a lot of light on what took place > during the final event. > > Regards, > > Chris > > On 4/3/2017 9:56 PM, Dan Guido wrote: > > Hey DailyDave, > > > > I wanted to share a keynote I delivered recently on the Cyber Grand > > Challenge and the broader advancements made in the field of automated > > bug finding as of late. Dave was asking on Twitter if anyone had > > released a detailed teardown of the CGC final event and I think my > > presentation is the closest thing to it. It's pretty light, and might > > be fun to watch on your way to Infiltrate. > > > > https://blog.trailofbits.com/2017/02/16/the-smart-fuzzer-revolution/ > > > > Of course, DARPA has not released the raw data from the final event > > yet so it's impossible to produce the analysis that I know Dave is > > looking for. Maybe soon? > > > > Have fun at Infiltrate everyone. I'll see you there! > > > > -Dan > > > > Our original conversation on Twitter: > > https://twitter.com/dguido/status/841705081988870145 > > _______________________________________________ > > Dailydave mailing list > > [email protected] > > https://lists.immunityinc.com/mailman/listinfo/dailydave > > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave >
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
