Skip to Content

So Many Bugs, So Little Time

Tools that find serious bugs automatically could lead to safer, more stable software.
July 27, 2010

Several talks at the Black Hat security conference this week in Las Vegas will focus on tools that could make software safer by automatically searching for bugs–and pinpointing the ones that could be most dangerous.

Bug hunting used to be a painstaking process. Researchers found one at a time, figured out what caused it and what dangers it posed, and revealed it, to a software vendor or publicly, so that it could be fixed. But in recent years, popular software has improved, and bugs aren’t so easy to find. On top of that, commercial programs are increasingly large and complex, making it time-consuming to manually search for potential bugs. However, new software tools are helping to automate the process, which may mean programs that work more reliably and are safer for users.

The development of a technique known as “fuzzing” has led to a shift in the way software bugs are discovered. Fuzzing involves repeatedly feeding randomly altered input into a program, causing the program to crash. Those inputs that caused it to crash could reveal an important bug.

Charlie Miller, a security researcher with Baltimore-based Independent Security Evaluators will discuss fuzzing at Black Hat, a conference that brings together researchers from government, academia, industry, and the hacking underground. Miller explains that only some of the crashes caused through fuzzing have major security implications. The work required to identify important crashes is compounded by a new, more intensive approach called “industrial fuzzing.” Researchers are now turning to new tools to help quickly sort through these bugs.

Ben Nagy, a senior security researcher with the Singapore-based COSEINC, is one of the researchers credited with inventing industrial fuzzing. He is developing a tool that could help researchers figure out precisely where a program has gone wrong after a crash occurs. He’s been working with colleagues to mine data on hundreds of thousands of crashes, in search of patterns that can be used to reliably predict the cause of a crash.

Miller will also present a possible solution for analyzing crashes–a platform known as BitBlaze, created by researchers at the University of California, Berkeley, including Dawn Song. BitBlaze is a set of tools that can follow exactly what’s happening within a program, making it easier to analyze the potential security flaws found through industrial fuzzing. Miller says BitBlaze can trace the path of a single byte of information, and track every instruction the program executes and find where it differed from normal function.

Miller used BitBlaze to analyze crashes involving both Adobe Reader and Open Office. Before using the software, he says he spent up to a week analyzing the cause of some software crashes. With BitBlaze, Miller says he can analyze some crashes almost instantly, while others take up to a day.

If industrial fuzzing turns out to work on all types of software, it could change the way companies test to make sure their code functions and is secure, says Vincenzo Iozzo, an engineer for Zynamics, a security company based in Bochum, Germany. Instead of hiring experts to review software by hand, software companies could automate the review process, Iozzo says. However, this simply shifts the problem to analyzing the bugs and figuring out how to fix them. “There is no way to be 100 percent sure that a bug is exploitable or not without human intervention,” he says.

Keep Reading

Most Popular

The Steiner tree problem:  Connect a set of points with line segments of minimum total length.
The Steiner tree problem:  Connect a set of points with line segments of minimum total length.

The 50-year-old problem that eludes theoretical computer science

A solution to P vs NP could unlock countless computational problems—or keep them forever out of reach.

section of Rima Sharp captured by the LRO
section of Rima Sharp captured by the LRO

The moon didn’t die as early as we thought

Samples from China’s lunar lander could change everything we know about the moon’s volcanic record.

conceptual illustration of a heart with an arrow going in on one side and a cursor coming out on the other
conceptual illustration of a heart with an arrow going in on one side and a cursor coming out on the other

Forget dating apps: Here’s how the net’s newest matchmakers help you find love

Fed up with apps, people looking for romance are finding inspiration on Twitter, TikTok—and even email newsletters.

ASML machine
ASML machine

Inside the machine that saved Moore’s Law

The Dutch firm ASML spent $9 billion and 17 years developing a way to keep making denser computer chips.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.