Month of bugs

Short description: Strategy used by security researchers

A month of bugs is a strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations.

Researchers have started such a project for software products where they believe corporations have shown themselves to be unresponsive and uncooperative to security alerts. Responsible disclosure is not working properly, and then find and disclose one security vulnerability each day for one month.

Examples

The original "Month of Bugs" was the Month of Browser Bugs (MoBB) run by security researcher H. D. Moore.^[1]

Subsequent similar projects include:

The Month of Kernel Bugs (MoKB) which published kernel bugs for Mac OS X (now macOS), Linux, FreeBSD, Solaris and Windows, as well as four wireless driver bugs.^[2]^[3]^[4]
The Month of Apple Bugs (MoAB) conducted by researchers Kevin Finisterre and LMH which published bugs related to Mac OS X.^[5]^[6]^[7]
The Month of PHP Bugs sponsored by the Hardened PHP team which published 44 PHP bugs.^[8]^[9]^[10]

References

↑ Kerner, Sean Michael (5 July 2006). "The Month of The Browser Bugs Begins". InternetNews.com. QuinStreet Inc.. http://www.internetnews.com/security/article.php/3618126.
↑ Mogull, Rich (6 November 2006). "Learn from 'Month of Kernel Bugs'". Gartner archive. Gartner Inc.. http://www.gartner.com/DisplayDocument?doc_cd=144700&ref=g_homelink.
↑ Naraine, Ryan (1 November 2006). "Month of Kernel Bugs Launches with Apple Wi-Fi Exploit". eWeek. Ziff Davis Enterprise Holdings Inc.. http://www.eweek.com/c/a/Security/Month-of-Kernel-Bugs-Launches-with-Apple-WiFi-Exploit/.
↑ Evers, Joris (2 November 2006). "Apple wireless flaw revealed". ZDNet. CBS Interactive. http://www.zdnet.co.uk/news/security-threats/2006/11/02/apple-wireless-flaw-revealed-39284508/.
↑ McMillan, Robert (20 December 2006). "Apple Bug-Hunt Begins". PC World. PCWorld Communications, Inc.. http://www.pcworld.com/article/128282/apple_bughunt_begins.html.
↑ Leyden, John (20 December 2006). "Month of Apple bugs planned for January". The Register. The Register. https://www.theregister.co.uk/2006/12/20/month_of_apple_bugs/.
↑ Naraine, Ryan (19 December 2006). "Coming in January: Month of Apple Bugs". eWeek Security Watch. Ziff Davis Enterprise Holdings Inc.. http://securitywatch.eweek.com/apple/coming_in_january_month_of_apple_bugs.html.
↑ Prince, Brian (3 March 2007). "Month of PHP Bugs Begins". eWeek. Ziff Davis Enterprise Holdings Inc.. http://www.eweek.com/c/a/Security/Month-of-PHP-Bugs-Begins/.
↑ Naraine, Ryan (1 March 2007). "Flaw trifecta kicks off Month of PHP bugs". ZDNet. CBS Interactive. http://www.zdnet.com/blog/security/flaw-trifecta-kicks-off-month-of-php-bugs/107.
↑ Naraine, Ryan (4 May 2007). "Controversial 'month of bugs' getting security results". ZDNet. CBS Interactive. http://www.zdnet.com/blog/security/controversial-month-of-bugs-getting-security-results/189?tag=mantle_skin;content.

External links

Month of Kernel Bugs (MoKB) archive
Kernel Fun: Month of the Kernel Bugs blog
Month of Apple Bugs (MoAB) archive
Apple Fun: Month of the Apple Buggs blog
Info-pull.com blog: A complementary blog from the hosts of MoKB and MoAB
The Month of PHP Security

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/Month of bugs. Read more

[MoBB-internetnews.com-1] Kerner, Sean Michael (5 July 2006). "The Month of The Browser Bugs Begins". InternetNews.com. QuinStreet Inc.. http://www.internetnews.com/security/article.php/3618126.

[MoKB-gartner-2] Mogull, Rich (6 November 2006). "Learn from 'Month of Kernel Bugs'". Gartner archive. Gartner Inc.. http://www.gartner.com/DisplayDocument?doc_cd=144700&ref=g_homelink.

[MoKB-eweek-3] Naraine, Ryan (1 November 2006). "Month of Kernel Bugs Launches with Apple Wi-Fi Exploit". eWeek. Ziff Davis Enterprise Holdings Inc.. http://www.eweek.com/c/a/Security/Month-of-Kernel-Bugs-Launches-with-Apple-WiFi-Exploit/.

[MoKB-zdnet-4] Evers, Joris (2 November 2006). "Apple wireless flaw revealed". ZDNet. CBS Interactive. http://www.zdnet.co.uk/news/security-threats/2006/11/02/apple-wireless-flaw-revealed-39284508/.

[MoAB-PCWorld-5] McMillan, Robert (20 December 2006). "Apple Bug-Hunt Begins". PC World. PCWorld Communications, Inc.. http://www.pcworld.com/article/128282/apple_bughunt_begins.html.

[MoAB-theregister-6] Leyden, John (20 December 2006). "Month of Apple bugs planned for January". The Register. The Register. https://www.theregister.co.uk/2006/12/20/month_of_apple_bugs/.

[MoAB-eweek-7] Naraine, Ryan (19 December 2006). "Coming in January: Month of Apple Bugs". eWeek Security Watch. Ziff Davis Enterprise Holdings Inc.. http://securitywatch.eweek.com/apple/coming_in_january_month_of_apple_bugs.html.

[MoPHPB-eweek-8] Prince, Brian (3 March 2007). "Month of PHP Bugs Begins". eWeek. Ziff Davis Enterprise Holdings Inc.. http://www.eweek.com/c/a/Security/Month-of-PHP-Bugs-Begins/.

[MoPHPB-zdnet-9] Naraine, Ryan (1 March 2007). "Flaw trifecta kicks off Month of PHP bugs". ZDNet. CBS Interactive. http://www.zdnet.com/blog/security/flaw-trifecta-kicks-off-month-of-php-bugs/107.

[MoPHPB-zdnet-result-10] Naraine, Ryan (4 May 2007). "Controversial 'month of bugs' getting security results". ZDNet. CBS Interactive. http://www.zdnet.com/blog/security/controversial-month-of-bugs-getting-security-results/189?tag=mantle_skin;content.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

Anonymous

Search

Month of bugs

Namespaces

More

Page actions

Contents

Examples

See also

References

Further reading

External links

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

Month of bugs

Examples

See also

References

Further reading

External links

Navigation

Wiki tools

Page tools

Other projects

Categories