Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 27 Mar 2015 01:40:44 +0300
From: Alexander Cherepanov <ch3root@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Advice on proposal: John the Ripper jumbo robustness

On 2015-03-17 18:43, Kai Zhao wrote:
> Hi there, below is the link of my proposal on the project: John the Ripper
> jumbo robustness
> improvements
>
> http://www.google-melange.com/gsoc/proposal/public/google/gsoc2015/zhaokai/5629499534213120

[skip]

> I would appreciate it if you can give me some advice on this proposal.

I've take a look at your updated proposal. Here are some thoughts:

-  I don't think that "Test with increased LINE_BUFFER_SIZE" is worth to 
be a separate item -- just always fuzz with increased LINE_BUFFER_SIZE 
(unless it degrades performance);

- perhaps add General cleaning and hardening builds instead;

- fuzzing in the first item of your timeline is with AFL? If so it's 
better to mention it (as opposed to custom fuzzer);

- if put a custom fuzzer after AFL and propose to spend a lot of time on 
it I think it's better explain what do you think about and why custom 
fuzzer will be better. The idea was to switch from the existing custom 
fuzzer to AFL. It could very well be that a more advanced custom fuzzer 
will be much better but this idea will benefit from some explanation;

- maybe adjust dates to better match gsoc timeline (e.g. "29 August" in 
your proposal vs. "28 August" in [1]);

- probably mention that the project will benefit from availability of 
GPUs (improving the robustness of GPU formats).

[1] https://www.google-melange.com/gsoc/events/google/gsoc2015

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ