back to article Linus Torvalds lauds fuzzing for improving Linux security

Linus Torvalds release notification for Linux 4.14's fifth release candidate contains an interesting aside: the Linux Lord says fuzzing is making a big difference to the open source operating system. Torvalds' announcement says Linux kernel 4.14 is coming along nicely, with this week's release candidate pleasingly small and “ …

  1. Anonymous Coward
    Anonymous Coward

    Nice.

    I can remember being a teen/school kid and wondering why they did not test those bugged games this way before poor teen/school kid me had to buy them to find it bugged and broken. ;)

    But of cause, the search space can be massive, so not always successful. Though it should find simple bugs that are often overlooked, such as illegal characters in the text fields (or in this case API calls?).

    Any extra tools for getting jobs done are nice.

    1. Teiwaz

      Re: Nice. bugged games nostalgia?

      But of cause, the search space can be massive, so not always successful. Though it should find simple bugs that are often overlooked

      I remember Match Day (on the Comodore 64) - used to see the top half of the goalie halfway down the pitch rather often - hard to overlook that bug.

  2. This post has been deleted by its author

  3. Lars Silver badge
    Happy

    "A new word for what in the 1960s we called "testing"."

    Rather a new tool called fuzzing to use in something still called testing, according to the Wiki anyway.

    "Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program.".

    1. Tom 7

      Is fuzzing really new?

      We used to use the librarian and scripts to attack anything in libraries with bucket load of made up data to see what things fell over.

      Alas GUIs caused problems for a few years until things stabilised enough to attack them sensibly.

    2. Anonymous Coward
      Joke

      So the only really new thing is...

      the marketing/name?

      Like "cloud" but for testing. ;)

    3. Ian Joyner Bronze badge

      >>Rather a new tool called fuzzing to use in something still called testing, according to the Wiki anyway.<<

      A new trendy name does not mean a new technique.

      “The fuzzing of programs with random inputs dates back to the 1950s”

      https://en.wikipedia.org/wiki/Fuzzing

  4. Lars Silver badge
    Joke

    By the way

    Asking Dimitry Yukov if he believes in fairies and Santa Claus is not being mean about Unicorns. A bit sceptic perhaps. Then again searching for "sceptic" I get this:

    "a person inclined to question or doubt accepted opinions."

    "an ancient or modern philosopher who denies the possibility of knowledge, or even rational belief, in some sphere."

    And searching for "skeptic" I get this:

    "a person who questions the validity or authenticity of something purporting to be factual. 2. a person who maintains a doubting attitude, as toward values, plans, statements, or the character of others. 3. a person who doubts the truth of a religion, especially Christianity, or of important elements of it.".

    (Wow, especially Christianity).

    This would all make me very sceptical was it not for my spellchecker who demands me to be skeptical.

    Quite frankly I think Linus should have gone with some nice swear word for less confusion and not risking being considered mean and breaking hearts.

    (And once again I realize I am retired).

    1. allthecoolshortnamesweretaken
  5. Anonymous Coward
    Anonymous Coward

    Unicorns

    "At least you didn't say anything mean about Unicorns."

    I suspect that his views on Unicorns may be similar to Father Jack's views on tea cups.

    https://www.youtube.com/watch?v=0anR6t56PX8

  6. Anonymous Coward
    Anonymous Coward

    Well if he doesn't like it why doesn't he write it himself?

    1. This post has been deleted by its author

    2. deavir

      Sometimes he does

      When he didn't like his choices of software management he took a few weeks off and wrote his own. It is called GIT and is very popular.

  7. Lars Silver badge

    @AC

    I don't think you got what he was writing about, in other words, you did not read it.

  8. EnviableOne

    Now whos waiting for the linus tirade at whoever wrote the WPA supplicant .....

    1. herman

      "Now whos waiting for the linus tirade at whoever wrote the WPA supplicant ....." - On security matters, Theo De Raadt's rants tend to be better.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like