from lwn.net..in a discussion of "fuzzing" = = = ..Dan Kaminsky briefly talked about data format fuzzing in his "Black Ops 2006" presentation. He presented some ideas from his research into automated recognition of formats for the purposes of fuzzing them. Just feeding a random stream of bytes into a program meant to read a specific format is less likely to cause it to fail. With some rudimentary understanding of the format and fuzzing within that framework, much more interesting program failures can be provoked. Dan's slides are available here, unfortunately in PowerPoint format, but readable by OpenOffice.org. = = =
The _here_ was a link to http://www.doxpara.com/slides/dmk_blackops2006.ppt The presentation content is remarkably rich in content (I just wish I understood it <grin>) <subject of this email refers to:> I did think his example of a names-based, human-recognizable text alternative to hex-code sha1 fingerprints was especially interesting .. check out slides #28-29. Regards, ..jim -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
