Month of Bugs

A month of bugs is a strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations. Researchers have started such a project for software products where they believe corporations have shown themselves to be unresponsive and uncooperative to security alerts. Judging that responsible disclosure is not working properly, they then find and disclose one security vulnerability each day for one month.


Examples

The original "Month of Bugs" was the Month of Browser Bugs (MoBB) run by security researcher HD Moore. Subsequent similar projects include:

* The Month of Kernel Bugs (MoKB), which published kernel bugs for Mac OS X, Linux, FreeBSD, Solaris and Windows, as well as four wireless driver bugs.
* The Month of Apple Bugs (MoAB), conducted by researchers Kevin Finisterre and LMH, which published bugs related to Mac OS X.
* The Month of PHP Bugs, sponsored by the Hardened PHP team, which published 44 PHP bugs.


See also

* Fuzz testing
* Metasploit Project
* Vulnerability disclosure




External links


* Month of Kernel Bugs (MoKB) archive
* Kernel Fun: Month of the Kernel Bugs blog
* Month of Apple Bugs (MoAB) archive
* Apple Fun: Month of the Apple Buggs blog
* Info-pull.com blog: a complementary blog from the hosts of MoKB and MoAB
* The Month of PHP Security