Mozilla And BlackBerry Collaborating On Bug Squishing Tech

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Firefox maker announces two open source security projects, one a fuzzing tool, the other a security testing platform

Firefox maker Mozilla and smartphone seller BlackBerry have teamed up to produce open source bug finding code and are planning on creating more fully-formed software soon.

The Peach fuzzing, or fault injection framework on which future technologies will be built is the focus of the collaboration, Mozilla said in a blog post yesterday.

BlackBerry Q5 Red 2Mozilla open source security drive

“Mozilla and BlackBerry are working together to advance the Peach fuzzing software for testing Web browsers. We will also collaborate on fuzzing techniques and approaches to jointly raise the security protections provided to our users,” Michael Coates, director of security assurance at the open source company, wrote.

Fuzzing sees software throw malformed data at specific applications to see if it is processed correctly. If it doesn’t, that’s a flaw, some of which can be serious if they can be exploited by hackers in some way.

Meanwhile, Mozilla has launched a free and open source security testing platform called Minion.

“The Minion testing platform takes a different approach to automated web security testing by focusing on correct and actionable results that don’t require a security professional to validate,” Coates added.

“Many security tools generate excessive amounts of data, including incorrectly identified issues that require many hours of specialized research by a security professional.

“Minion favours accuracy and simplicity and is designed so every developer, regardless of security expertise, can use this platform to increase the security of their applications.”

What do you know about Internet security? Find out with our quiz!