Google details Chrome browser security-testing technology

'ClusterFuzz' is an industrial-strength system the company uses to check for holes in the browser

By Juan Carlos Perez

April 26, 2012 03:34 PM ET

IDG News Service - Since late last year, Google has been using an industrial-strength testing system to identify, analyze and fix security holes in its Chrome browser, helping it significantly cut down on the number of vulnerabilities that slip through to the most recent version product in production.

Google calls the system ClusterFuzz. It's made up of "several hundred" virtual machines loaded with about 6,000 Chrome instances, subjecting them to about 50 million test cases every day, the company said Thursday.

The system's capacity is projected to quadruple in the coming weeks. Since its full deployment late last year, ClusterFuzz has flagged 95 unique vulnerabilities, 44 of which were fixed before making it into the most recent stable release of the browser, according to a Google blog post.

In addition to benefiting users of the product, the detections also help open-source software used by Chrome like WebKit and FFmpeg, because Google submits vulnerability reports to their project teams.

In addition to running the tests and detecting browser crashes, ClusterFuzz is also used to manage the distribution of test cases, analyze the crashes to determine if they involve a security hole that can be exploited, and verify if a vulnerability has been properly fixed.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

Comments ()

Today's Top Stories

Additional Resources

WHITE PAPER

How Cloud Communications Reduce Costs and Increase Productivity

Small and midsize businesses are moving to the cloud to host their communications capabilities. Learn how enterprise-quality phone benefits, online management, conferencing, auto attendant, and ease of use are built into a system that is half the cost of a PBX.

Read now.

Free Insider Guide

IT Certification Study Tips: Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.

Desktop Apps Resources

Harness IT -- An Introduction to Business Intelligence Solutions Learn the key selection criteria required to provide your organization with the capability to address structured data, unstructured data and mobile demands so...
Business Intelligence Shows its Smarts Today's Business Intelligence (BI) tools provide a new way to think about data with self-service capabilities and user-friendly analytics that can be used...
Proactive Planning for Big Data Big data is less about the terabytes and more about the query tools and business intelligence needed to make sense of massive amounts...
Inquiry Spotlight: Consumer-Facing Identity The challenges of consumer-facing identity management, access management, and authentication differ in ways subtle and dramatic from those of the employee-facing variety.

Becoming An Analytics Driven Organization Join us on Tuesday, June 18, 2013, 11:00 AM EDT and learn how your agency can create an analytics culture that will enable...
3 Reasons Why Sepaton is the World's Fastest Backup Solution Leading analyst, Storage Switzerland learns how Sepaton backs up and deduplicates massive data volumes while maintaining the industry's fastest performance - all in...

All Desktop Apps White Papers

Webcasts

New newsletter: Consumerization of IT

Our weekly newsletter will cover a wide range of topics and trends related to consumerization. Stay up to date with news, reviews and in-depth coverage of BYOD, smartphones, tablets, MDM, cloud, social and how consumerization affects IT. Subscribe now!

IT Jobs

See All Jobs Post a job for $295

Jobs by SimplyHired

Desktop Apps White Papers | All Desktop Apps White Papers