Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hack PySyft #2421

Open
iamtrask opened this issue Jul 31, 2019 · 5 comments

Comments

@iamtrask
Copy link
Member

commented Jul 31, 2019

Some day, when PySyft is deployed in production around the world, someone evil is going to try to hack PySyft and steal personal data.

This Issue is where we try to do it first.

To help get you started, I've created a directory of hacking challenges, each of which create a scenario where you are to try to steal data.

https://github.com/OpenMined/PySyft/tree/dev/examples/pen_testing/

Good luck, and if you find any exploits, please do create a Github Issue and link to it in the comments below.

Also, if you would like to design your own hacking scenarios (and make the case as for why our existing hacking scenarios don't cover them), that's cool too.

@amit-rastogi

This comment has been minimized.

Copy link
Member

commented Aug 1, 2019

The WebSocketServer could be prone to a DoS attack
#2428

@youben11

This comment has been minimized.

Copy link
Contributor

commented Aug 1, 2019

Private tensor disclosure possible through execute_command from BaseWorker
#2432

@chicolinux

This comment has been minimized.

Copy link

commented Aug 5, 2019

Hello guys! I'm the new kid on the block! I am on Slack channel as well! I would like to work on this issue, if this one is still available to take!! Best Regards!!

@amit-rastogi

This comment has been minimized.

Copy link
Member

commented Aug 5, 2019

Tensors remain in server memory if websocketclient connection closes abruptly #2442

@iamtrask

This comment has been minimized.

Copy link
Member Author

commented Aug 5, 2019

@chicolinux - anyone can pick this up - lots of people can work on it simultaneously :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.