Confirm
529
edits
Changes
Created page with "= Winter Of Security 2015 = 500px The Winter of Security (MWOS) is Mozilla's program to involve students with Securit..."
= Winter Of Security 2015 =
[[File:WinterOfSecurity_logo_light_horizontal.png|right|500px]]
The Winter of Security (MWOS) is Mozilla's program to involve students with Security projects. Students who have to perform a semester project as part of their university curriculum can apply to one of the MWOS project. Projects are guided by a Mozilla Adviser, and a University Professor. Students are graded by their University, based on success criteria identified at the beginning of the project. Mozilla Advisers allocate up to 2 hours each week to their students, typically on video-conference, to discuss progress and roadblocks.
Projects are focused on building security tools, and students are expected to write code which must be released as Open Source. Universities are free to specify their own requirements to projects, such as written reports. Mozilla does not influence the way grades are allocated, but advisers will provide any information professors need in order to grade their students.
Note on language: English is required for code comments and documentation, but not for interactions between students and advisers. Advisers who speak the same language as their students are encouraged to interact in that language.
== Selection process ==
Projects are assigned to groups of students. Groups are defined by the universities, and can be of any size between 1 and 4 students. The selection process is open to all students in undergraduate/license and graduate/master programs. A group applies to up to 3 projects by submitting an application that contains:
* the names of the projects the team is applying to
* team introduction and motivation (max 1000 characters)
* presentation of the university program (max 500 characters)
* short description of each team member (skills, interest, ...) (max 500 character for each team member)
* links to relevant resources (university website, resumes, ...)
'''UPDATE: Application to the 2015 edition of Mozilla Winter of Security is not open yet.'''
== Timeline ==
The application deadline is July 31st, 2015. We will take a few weeks to review all applications and inform the candidates by middle of August.
The students and their professor can decide on the timeline, and make sure that it fits well with other classes.
Ideally, projects should not take more than 6 months from start to finish.
Mozilla advisors will be available weekly on video (Vidyo, Google Hangout or Skype) to discuss progress and roadblocks, and provide help. Professors can set intermediary deadlines if needed, and have complete control over the grading of their students.
== Student projects ==
=== Masche: Kernel memory scanning for threats and vulnerabilities ===
* Mozilla Advisor: [https://mozillians.org/en-US/u/jvehent/ Julien Vehent]
* difficulty: high
* language: english or french
The [https://github.com/mozilla/masche Masche] project is a cross-platform memory scanning library written in Go for use in [http://mig.mozilla.org Mozilla InvestiGator (MIG)]. Masche was built by a team of students during MWoS 2014 ([https://air.mozilla.org/mwos-2014-masche-2/ watch presentation]) and is now used across Mozilla's infrastructure to scan userland memory space on servers. The goal of this year's project is to add kernel memory scanning to the Masche library for all 3 major OSes (Linux, Windows & MacOS). The team will be tasked with implementing kernel drivers that can be used to acquire memory that is normally not accessible to userland processes (see [https://github.com/504ensicsLabs/LiME LiME] for an example of such driver).
This is a difficult project that will require strong skills in C programming and operating systems architecture. Candidates should demonstrate current knowledge and projects or code that relate to kernel programming in their application.
=== PROJECT: TITLE ===
* Mozilla Advisor: NAME
* difficulty: low/medium/high
* language:
DESCRIPTION
== FAQ ==
* What is meant by "Presentation of the University program" in the application form?
We would like to see what kind of degree your are currently pursuing (e.g. Bachelor of Science in Computer Science or Master of Science in IT Security, ..), as well as a description of the University itself. This is another data point that gives us more information about the applicants' chances to successfully complete a project.
* Can students apply to multiple projects?
Yes. Students can apply to one or more projects. Students cannot apply twice for the same project, even if their team compositions varies.
* What criteria will you use to select the candidates?
The skills and passion of the team members are key points. The size of the team may play in the favor of applicants, but is not a requirement. A single candidate who can show a portfolio of successful projects will have the same chances as larger teams.
Commitment from the University is a strong requirement. Students need to demonstrate that their professors support them, and will give them time to work on the projects. The ideal situation is for a team to pick a MWoS project as their final thesis, and work on the project for a full semester. Not all students will be able to do so, and we will evaluate all applications with the same level of scrutiny.
* Can I still work on Mozilla projects if I am not selected for MWoS?
Yes! We continuously have projects that are available for students to grab! Take a look at the [[Security/Mentorship|Mentorship]] program, and reach out to us in the #security IRC channel if you are interested.
== Media ==
[[File:WinterOfSecurity_logo_light_horizontal.png|400px]]
[[File:WinterOfSecurity_logo_dark_horizontal.png|400px]]
[[File:WinterOfSecurity_logo_light_vertical.png|300px]]
[[File:WinterOfSecurity_logo_dark_vertical2.png|300px]]
[[File:WinterOfSecurity_logo_light_horizontal.png|right|500px]]
The Winter of Security (MWOS) is Mozilla's program to involve students with Security projects. Students who have to perform a semester project as part of their university curriculum can apply to one of the MWOS project. Projects are guided by a Mozilla Adviser, and a University Professor. Students are graded by their University, based on success criteria identified at the beginning of the project. Mozilla Advisers allocate up to 2 hours each week to their students, typically on video-conference, to discuss progress and roadblocks.
Projects are focused on building security tools, and students are expected to write code which must be released as Open Source. Universities are free to specify their own requirements to projects, such as written reports. Mozilla does not influence the way grades are allocated, but advisers will provide any information professors need in order to grade their students.
Note on language: English is required for code comments and documentation, but not for interactions between students and advisers. Advisers who speak the same language as their students are encouraged to interact in that language.
== Selection process ==
Projects are assigned to groups of students. Groups are defined by the universities, and can be of any size between 1 and 4 students. The selection process is open to all students in undergraduate/license and graduate/master programs. A group applies to up to 3 projects by submitting an application that contains:
* the names of the projects the team is applying to
* team introduction and motivation (max 1000 characters)
* presentation of the university program (max 500 characters)
* short description of each team member (skills, interest, ...) (max 500 character for each team member)
* links to relevant resources (university website, resumes, ...)
'''UPDATE: Application to the 2015 edition of Mozilla Winter of Security is not open yet.'''
== Timeline ==
The application deadline is July 31st, 2015. We will take a few weeks to review all applications and inform the candidates by middle of August.
The students and their professor can decide on the timeline, and make sure that it fits well with other classes.
Ideally, projects should not take more than 6 months from start to finish.
Mozilla advisors will be available weekly on video (Vidyo, Google Hangout or Skype) to discuss progress and roadblocks, and provide help. Professors can set intermediary deadlines if needed, and have complete control over the grading of their students.
== Student projects ==
=== Masche: Kernel memory scanning for threats and vulnerabilities ===
* Mozilla Advisor: [https://mozillians.org/en-US/u/jvehent/ Julien Vehent]
* difficulty: high
* language: english or french
The [https://github.com/mozilla/masche Masche] project is a cross-platform memory scanning library written in Go for use in [http://mig.mozilla.org Mozilla InvestiGator (MIG)]. Masche was built by a team of students during MWoS 2014 ([https://air.mozilla.org/mwos-2014-masche-2/ watch presentation]) and is now used across Mozilla's infrastructure to scan userland memory space on servers. The goal of this year's project is to add kernel memory scanning to the Masche library for all 3 major OSes (Linux, Windows & MacOS). The team will be tasked with implementing kernel drivers that can be used to acquire memory that is normally not accessible to userland processes (see [https://github.com/504ensicsLabs/LiME LiME] for an example of such driver).
This is a difficult project that will require strong skills in C programming and operating systems architecture. Candidates should demonstrate current knowledge and projects or code that relate to kernel programming in their application.
=== PROJECT: TITLE ===
* Mozilla Advisor: NAME
* difficulty: low/medium/high
* language:
DESCRIPTION
== FAQ ==
* What is meant by "Presentation of the University program" in the application form?
We would like to see what kind of degree your are currently pursuing (e.g. Bachelor of Science in Computer Science or Master of Science in IT Security, ..), as well as a description of the University itself. This is another data point that gives us more information about the applicants' chances to successfully complete a project.
* Can students apply to multiple projects?
Yes. Students can apply to one or more projects. Students cannot apply twice for the same project, even if their team compositions varies.
* What criteria will you use to select the candidates?
The skills and passion of the team members are key points. The size of the team may play in the favor of applicants, but is not a requirement. A single candidate who can show a portfolio of successful projects will have the same chances as larger teams.
Commitment from the University is a strong requirement. Students need to demonstrate that their professors support them, and will give them time to work on the projects. The ideal situation is for a team to pick a MWoS project as their final thesis, and work on the project for a full semester. Not all students will be able to do so, and we will evaluate all applications with the same level of scrutiny.
* Can I still work on Mozilla projects if I am not selected for MWoS?
Yes! We continuously have projects that are available for students to grab! Take a look at the [[Security/Mentorship|Mentorship]] program, and reach out to us in the #security IRC channel if you are interested.
== Media ==
[[File:WinterOfSecurity_logo_light_horizontal.png|400px]]
[[File:WinterOfSecurity_logo_dark_horizontal.png|400px]]
[[File:WinterOfSecurity_logo_light_vertical.png|300px]]
[[File:WinterOfSecurity_logo_dark_vertical2.png|300px]]
