Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
Register Now for ApacheCon North America 2014 - April 7-9 in Denver, CO. Registration fees increase on March 15th, so don’t delay!
View analytic
Monday, April 7 • 3:00pm - 3:50pm
Fuzzing Apache OpenOffice: An Approach to Automated Black-box Security Testing

Sign up or log in to save this to your schedule and see who's attending!

Fuzzing or Fuzz Testing is an automated testing approach where random data is given as input to software in hopes of provoking a fault or other adverse side-effects.   Fuzzing is especially useful for testing an application's exposure to tainted user input, e.g., document files, historically a popular vector for attacking desktop editors.

In this session Rob Weir will introduce the theory of fuzzing, review the history of its application to OpenOffice, describe in detail our current fuzzing environment and discuss some of the issues discovered by this technique.  Rob will also suggest some future paths for making fuzzing even more effective with OpenOffice.

Speakers
avatar for Rob Weir

Rob Weir

Senior Technical Staff Member, IBM
Rob is a 23 year veteran of IBM where he works on strategy related to user productivity, including office editors. He is a PMC member of the Apache OpenOffice project and the ODF Toolkit Podling, and Chairs the OASIS Open Document Format Technical Committee. Rob has spoken at LinuxTag, KDE aKademy, the OASIS Symposium, and numerous OOoCons and ODF Plugfests.


Monday April 7, 2014 3:00pm - 3:50pm
Blake

Attendees (10)