[fuzzing] Commercial Fuzzer and Open-source Fuzzer comparison
Ari Takanen
ari.takanen at codenomicon.com
Tue Jul 7 11:13:41 UTC 2009
I completely agree. And they keep on finding problems unless people
see the problem with them, and upgrade to something more effective.
Use of 10 bad fuzzers will result in each of them finding new issues
that the others cannot find. The problem is that as long as someone is
using one bad fuzzer, they rarely look at anything else.
Maybe I shoud have said: "It is sad to see that so many companies
depend on those dumb fuzzers, and do not even know the quality of the
fuzzing they do."
/Ari
On Tue, Jul 07, 2009 at 12:31:13PM +0200, Thierry Zoller wrote:
>
> >It is sad to see that those dumb fuzzers are still widely
> >used.
> I digress, it's sad to see those dumb fuzzers are still finding
> bugs, after the product went live. That's sad.
>
> --
> http://blog.zoller.lu
> Thierry Zoller
--
-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-
Ari Takanen Codenomicon Ltd.
ari.takanen at codenomicon.com Tutkijantie 4E
tel: +358-40 50 67678 FI-90570 Oulu
http://www.codenomicon.com Finland
PGP: http://www.codenomicon.com/codenomicon-key.asc
-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-
More information about the fuzzing
mailing list