[Cryptography] Super-computer project wanted

Christian Gagneraud chgans at gna.org
Wed Jul 15 15:46:58 PDT 2015


On 15/07/15 11:42, Christian Gagneraud wrote:
> On 15/07/15 08:44, grarpamp wrote:
>>>>> dave at horsfall.org
>>>>> So, is there anything that could benefit from a few parallel
>> teraflops here and there?
>>
>> On Tue, Jul 14, 2015 at 12:27 PM, Ray Dillinger <bear at sonic.net> wrote:
>>> Or you could apply static code analysis software to huge
>>> masses of existing operating system, device driver, plugin,
>>> email-client or god-help-us browser code in wide use and
>>> see if you can't spot instances of dangerous vulnerabilities
>>> like buffer overflows.  A list of known errors would be
>>> very helpful in getting code up to 'bulletproof' reliability
>>> and no one runs ALL the possible static analysis we know
>>> about on large bodies of code because it takes too long on
>>> regular computers.
>>
>> This, and fuzzing... of all the opensource OS's and all the
>> ported packages they supply. And dump all of github in it
>> for fun.
>
> FYI, the AFL fuzzer already have an impressing trophy case:
> See "The bug-o-rama trophy case" at http://lcamtuf.coredump.cx/afl/

And here is a blog post about the future of the Linux Trinity fuzzer, 
used by Hacking Team to fuzz Android IOCTL.

"I’m done enabling assholes."

http://codemonkey.org.uk/2015/07/12/future-trinity/


Chris

>
>> It takes too long, too much developer time, a different
>> skillset, opensource test suites may not yet cover some
>> areas that commercial ones do, etc.
>>
>> Ripe for development of an open perpetual audit project.
>>
>> That, and printing your own open and trusted chips, in your own
>> open and trusted fab, are possible now. It's big picture, grand slam,
>> full circle headiness, but it is doable. People just have to get
>> together and kick it off.
>>
>




More information about the cypherpunks mailing list