Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google NativeClient Security Contest

Posted by kdawson on from the insert-favorite-salt-pun-here dept.

An anonymous reader writes "You may remember Google's NativeClient project, discussed here last December. Don't be fooled into calling this ActiveX 2.0 — rather than a model of trust and authentication, NaCl is designed to make dangerous code impossible by enforcing a set of a rules at load time that guarantee hostile code simply cannot execute (PDF). NaCl is still in heavy development, but the developers want to encourage low-level security experts to take a look at their design and code. To this end Google has opened the NativeClient Security Contest, and will award prizes topping out at $2^13 to top bug submitters. If you're familiar with low level security, memory segmentation, accurate disassembly of hostile code, code alignment, and related topics, do take a look. Mac, Linux, and Windows are all supported."

2 of 175 comments (clear)

  1. The code logic is amazing by Anonymous Coward · · Score: -1, Offtopic

    At runtime, it queries the code asking "Are you hostile?" If the answer is yes, it stops it cold, and if the answer is no, it runs. Truly an amazing achievement by Google here.

  2. Re:Any project named NaCl by Anonymous Coward · · Score: -1, Offtopic

    if you want to make more money try out CodeGate http://beist.org/codegate2009.txt