Google NativeClient Security Contest

An anonymous reader writes "You may remember Google's NativeClient project, discussed here last December. Don't be fooled into calling this ActiveX 2.0 — rather than a model of trust and authentication, NaCl is designed to make dangerous code impossible by enforcing a set of a rules at load time that guarantee hostile code simply cannot execute (PDF). NaCl is still in heavy development, but the developers want to encourage low-level security experts to take a look at their design and code. To this end Google has opened the NativeClient Security Contest, and will award prizes topping out at $2^13 to top bug submitters. If you're familiar with low level security, memory segmentation, accurate disassembly of hostile code, code alignment, and related topics, do take a look. Mac, Linux, and Windows are all supported."

Re:gee - sounds exactly like...

[ozphx]

Is .NET open source?

Yes. Google for Rotor moar.

Has .NET been vetted by experts in the way open source projects like this will be?

Yes. By paid experts, a year of running as "Terrarium" and also being vetted by black-hats as its been a default-enabled part of IE for a few years now.

Is .NET likely to ever be cross platform?

Yes. Google for Mono. Most shit I've written works under Mono.

Is .NET for running x86 code?

Google for JIT.

In fact, just google moar.