One Week Warning!
222 views
Skip to first unread message
Brad Chen
Apr 28, 2009, 4:47:07 PM4/28/09
to native-clie...@googlegroups.com
Attention Teams: Only one week left in the Native Client Security Contest. Send us your issues --- No time to loose!
Please remember that you must submit a final summary to guide the jury in evaluating your submitted issues. The summary is your chance to directly inform the jury as to the impact and technical merit of your team's work. For more details on the Summary please see section "X. Summary" of the contest Terms and Conditions.
The Native Client Engineering Team
Please remember that you must submit a final summary to guide the jury in evaluating your submitted issues. The summary is your chance to directly inform the jury as to the impact and technical merit of your team's work. For more details on the Summary please see section "X. Summary" of the contest Terms and Conditions.
The Native Client Engineering Team
---------- Forwarded message ----------
From: Brad Chen <brad...@google.com>
Date: Tue, Apr 21, 2009 at 11:20 AM
Subject: Security Contest - Only Two Weeks Left!
To: native-clie...@googlegroups.com
There are only two weeks left in the Native Client Security Contest and there's never been a better time to report bugs! So far we've seen twenty-four submitted issues from seven teams, so it's definitely not too late to be competitive. We've seen some great buffer overflows, information leaks and even a couple holes in the inner sandbox, but there probably are still exploitable bugs in the system. Here are some kinds of bugs we haven't seen:
Happy Hunting!
The Native Client Engineering Team
From: Brad Chen <brad...@google.com>
Date: Tue, Apr 21, 2009 at 11:20 AM
Subject: Security Contest - Only Two Weeks Left!
To: native-clie...@googlegroups.com
There are only two weeks left in the Native Client Security Contest and there's never been a better time to report bugs! So far we've seen twenty-four submitted issues from seven teams, so it's definitely not too late to be competitive. We've seen some great buffer overflows, information leaks and even a couple holes in the inner sandbox, but there probably are still exploitable bugs in the system. Here are some kinds of bugs we haven't seen:
- exploitable races in the service runtime
- attacks based on invalid IMC messages
- exploitable CPU errata
- scripting attacks that Native Client makes easier
Happy Hunting!
The Native Client Engineering Team
Reply all
Reply to author
Forward
0 new messages