back to article And you thought Fuzzilli was a pasta... Google offers up $50k in cloud credits to fuzz the hell out of JavaScript engines

Google is offering bug hunters thousands of dollars worth of compute time on its cloud to hammer away at JavaScript engines and uncover new security flaws in the software. The Mountain View ads giant said it will hand folks each up to $5,000 in Google Compute Engine (GCE) credits to conduct fuzzing tests on JS interpreters, …

  1. chuckufarley

    Why spend money...

    ...on something 4chan already knows?

  2. Dinanziame Silver badge
    Paris Hilton

    Maybe I'm too old, but I'd have thought finding security vulnerabilities in anything Javascript-related would be like shooting fish in a barrel. Apparently, not so.

  3. alain williams Silver badge

    Javascript security flaws ...

    You could start by pointing out that loading any javascript from google-analytics.com results is a loss of privacy about the person who is web browsing.

    1. Claverhouse Silver badge

      Re: Javascript security flaws ...

      I have google-analytics.com in my Steve Black Hosts file just in case.

  4. LDS Silver badge
    Devil

    "relatively slow processing of input."

    What, wasn't JS as efficient as natively compiled code?

    1. RM Myers Silver badge
      Unhappy

      Re: "relatively slow processing of input."

      I've seen some incredibly slow natively compiled code. It doesn't matter how fast the machines get, poorly designed and programmed software can still bring it to its knees. Maybe JS is as efficient as poor quality natively compiled code.

  5. Rol Silver badge

    Babellian task

    Many flaws have been found by people just mucking around, in the same way kids find every nook and cranny in a game by messing and not doing as the game strategy suggests.

    I remember a lovely flaw being found in just this manner in Commodore basic on their CBM PET, where the remark statement could be utilised to create some very interesting and non-intuitive results. Now harking back to those days, when I was poring over the ins and outs of Boolean, half adders and the like, a rather tedious and mind numbing task was to create truth tables, which basically shown the output for every combination of inputs, and thus prove the logic worked.

    Truth tables for something as simple as an half adder circuit, were...simple, but that is where this Herculean task starts - to find the flaws, you do a truth table for the entire program.

    Think tower of Babel, except most of the books are word perfect and the madness of finding badly written books can be heaved over to a suitably crafted program that runs for not quite an eternity.

  6. Snowy Silver badge
    Facepalm

    If you think...

    Fuzzilli was a pasta you need to learn how to spell better, the pasta is spelt Fusilli!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021