Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google NativeClient Security Contest

Posted by kdawson on from the insert-favorite-salt-pun-here dept.

An anonymous reader writes "You may remember Google's NativeClient project, discussed here last December. Don't be fooled into calling this ActiveX 2.0 — rather than a model of trust and authentication, NaCl is designed to make dangerous code impossible by enforcing a set of a rules at load time that guarantee hostile code simply cannot execute (PDF). NaCl is still in heavy development, but the developers want to encourage low-level security experts to take a look at their design and code. To this end Google has opened the NativeClient Security Contest, and will award prizes topping out at $2^13 to top bug submitters. If you're familiar with low level security, memory segmentation, accurate disassembly of hostile code, code alignment, and related topics, do take a look. Mac, Linux, and Windows are all supported."

12 of 175 comments (clear)

  1. Any project named NaCl by iamacat · · Score: 5, Funny

    Simply has to be taken with a grain of salt!

    1. Re:Any project named NaCl by palegray.net · · Score: 4, Funny

      Just wait till the KDE project gets their hands on this concept; we'll be seeing a new SourceForge project for KCl any day now.

      --
      512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
    2. Re:Any project named NaCl by c0d3g33k · · Score: 4, Funny

      Good one. It made me CaCl.

    3. Re:Any project named NaCl by gringer · · Score: 4, Funny

      Q: Why did the bridge end up in police custody?
      A: It was charged with a salt

      Q: Why did the wire end up in jail?
      A: It was connected with a battery

      Q: How do you know the potassium did something wrong?
      A: They were inside a cell

      --
      Ask me about repetitive DNA
    4. Re:Any project named NaCl by The+Raven · · Score: 3, Funny

      A name like that would poison support for their project.

      --
      "I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
    5. Re:Any project named NaCl by MarkRose · · Score: 4, Funny

      PbF!! Yeah right it did.

      Will Slashdot receive the Nobel Prize in Chemistry for discovering the onomatopoeic bond?

      --
      Be relentless!
  2. Re:This is like the opening of a monster movie by cjfs · · Score: 4, Funny

    where the scientist is saying he's covered all the bases, and nothing can go wrong.

    If this is a monster movie, I'd hate to think what ActiveX was.

  3. Oops... by TheUni · · Score: 5, Funny

    ...guarantee hostile code simply cannot execute (PDF)

    Hah! Was that a jab at Adobe?

  4. Re:2^13? by cjfs · · Score: 4, Funny

    Admittedly, it's after past 1AM, so maybe my maths stopped working by now, but isn't 2^13 about 8000 dollars for the grand prize?

    I contacted Google and their reply confirms your approximate amount.

  5. It made me cackle too by tepples · · Score: 3, Funny

    It made me CaCl2.

    (Calcium takes two anions.)

    1. Re:It made me cackle too by SnowZero · · Score: 3, Funny

      It's easy to get a reaction from a chemical nazi.

  6. Re:2^13? by grcumb · · Score: 3, Funny

    ...you can can overflow...

    Looks like you already did.

    /me ducks and runs

    --
    Crumb's Corollary: Never bring a knife to a bun fight.