Do we have a Boinc virus?


log in

Advanced search

Message boards : Number crunching : Do we have a Boinc virus?

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 . . . 27 · Next
Author Message
Profile Darth Dogbytes™
Volunteer tester
Send message
Joined: 30 Jul 03
Posts: 7512
Credit: 2,021,148
RAC: 0
United States
Message 240507 - Posted: 1 Feb 2006, 0:22:23 UTC - in response to Message 240498.

so lets all just wait and see what happens. Something will turn up.

Exactly.



____________
Account frozen...

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 240509 - Posted: 1 Feb 2006, 0:37:25 UTC

I say terminate the account and let me have the credits.

*evil grin*
____________


http://www.mikesbawx.org/photo/

Jack Gulley
Send message
Joined: 4 Mar 03
Posts: 423
Credit: 526,566
RAC: 0
United States
Message 240515 - Posted: 1 Feb 2006, 1:20:21 UTC

If the account owner has done nothing and has nothing to hide, he would remove the "hidden" status of his systems. Then all could see how many he has. And he could point out the one or two that do not belong to him. I am sure as a major team leader he would notice a large number of systems reporting to his account if he did not own that many, and do something about it. (Not just start his own new team.)

By tracking IP addresses of connections for this account, it would not be too hard to tell which belong to his location/ISP, and which are from infected systems. Only then will they know how wide spread the problem is.

kevint
Volunteer tester
Send message
Joined: 17 May 99
Posts: 414
Credit: 11,680,240
RAC: 0
United States
Message 240552 - Posted: 1 Feb 2006, 2:52:46 UTC - in response to Message 240218.

Very interesting ... quite an exploit ... :(

I wonder if this would be a good canditate for: Total Credit => 0 ...


If true - he should be a candidate for total credit =0 and all team credits he has generated so far - including team credits while he was crunching for Germany -
No offense team Germany. As this unfolds it will be interesting for sure!

____________

kevint
Volunteer tester
Send message
Joined: 17 May 99
Posts: 414
Credit: 11,680,240
RAC: 0
United States
Message 240555 - Posted: 1 Feb 2006, 3:08:48 UTC - in response to Message 240361.

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?


If someone did - Carsten would know about it - he would see his credit and notice that something is not right - wouldnt he then contact Berkley and try to find out what is going on ?

____________

Profile [SETI.USA] OneChicken
Avatar
Send message
Joined: 3 Apr 04
Posts: 70
Credit: 906,887
RAC: 0
United States
Message 240562 - Posted: 1 Feb 2006, 3:25:04 UTC - in response to Message 240555.
Last modified: 1 Feb 2006, 3:26:05 UTC

From Trux:


I do not think it is the same case. This one seems to use different credentials and the classic client. I'd be interested though if it was investigated and the perpetrator persecuted. I mean this is a clearly criminal activity and should be followed up as such, regardless if the author did it in sake of "helping" the science, or just to improve his ranking (and his ego). And since it is not too dificult to track down the account owner, and verifying if it was him who launched the virus, I wonder if the responsible authorities were informed.


I totally agree with Trux's statement. Whether he was installing SETI or trying to steal information from a computer, this is a criminal act and needs to be dealt with as one. At the very least, this alleged-virus-planting-user is guilty of knowing that this was going on and doing nothing about it.

If my RAC started to rise like that and there were strange hosts on my list I would definitely notify someone @ Berkeley...
____________


Proud member of SETI.USA

Profile Webmaster Yoda
Volunteer tester
Avatar
Send message
Joined: 3 Apr 99
Posts: 52
Credit: 500,125
RAC: 0
Australia
Message 240564 - Posted: 1 Feb 2006, 3:35:49 UTC - in response to Message 240555.
Last modified: 1 Feb 2006, 3:38:27 UTC

All speculation... So here's a bit more.

He claims he doesn't know how to write a virus and we have no proof that he can or has done so. Still, Google his name and observe the interests/skills someone with the same name appears to have. Proves nothing, but it's interesting.

While from the project's point of view I guess these hosts are helping, if SETI is running on them without the owner's knowledge and consent (as appears to be the case with the initial report), it would be a violation of the rules, by the person who installed it or caused it to be installed.

I'm sure BOINC/SETI would not want to be a knowing party to, or beneficiary of illegal/criminal activity, if that's what this turns out to be.

At any rate, Matt says he's looking into it. Let's leave it to him and see what happens.

Meanwhile, keep crunching, people!

[edit]
P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does.
[/edit]

____________
*** Join the #1 Aussie Alliance on SETI ***

Profile Misfit
Volunteer tester
Avatar
Send message
Joined: 21 Jun 01
Posts: 21790
Credit: 2,510,901
RAC: 0
United States
Message 240565 - Posted: 1 Feb 2006, 3:40:31 UTC - in response to Message 240361.
Last modified: 1 Feb 2006, 3:44:59 UTC

I just got off the phone with Rom Walton, one of the Berkeley Devs. He informed me that they (SSL/project devs) are aware of this situation, and that they are currently investigating it. It will be given their full attention.

Like I said, Matt is one of the devs, and once I say his post, I knew that they were aware of the problem. It is good that they are actively looking into it.

The Devs have phones? Your donations at work! ;)

Profile trux
Volunteer tester
Avatar
Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 240567 - Posted: 1 Feb 2006, 3:55:47 UTC - in response to Message 240564.

P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does.
He definitely does - he changed the team from SETI Germany to his own one just few days ago. When doing it, you definitely have to pass through your account, where it is inavoidable that you see your RAC and your total credit. Well, now we can speculate that he has 1000 own hosts, and just this single and only stolen one - in that case you are certainly right - he would not notice the difference. However, I'd rather speculate the ratio is rather in the opposite way. Still only speculations. Hope we see the truth soon.


____________
trux
BOINC software
Freediving Team
Czech Republic

Profile thepossum1
Avatar
Send message
Joined: 15 Apr 00
Posts: 106
Credit: 213,585
RAC: 0
United States
Message 240580 - Posted: 1 Feb 2006, 4:38:11 UTC - in response to Message 240567.

P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does.
He definitely does - he changed the team from SETI Germany to his own one just few days ago. When doing it, you definitely have to pass through your account, where it is inavoidable that you see your RAC and your total credit. Well, now we can speculate that he has 1000 own hosts, and just this single and only stolen one - in that case you are certainly right - he would not notice the difference. However, I'd rather speculate the ratio is rather in the opposite way. Still only speculations. Hope we see the truth soon.



Oh, I'd say he DEFINTELY is interested in stats and knows very well what his are. The following is from the forum on Seti.Germany's site:
Autor Thread "schlechte Team-Statistik: deutsche Teams"
Carsten_Giese
Beiträge: 1
schlechte Team-Statistik: deutsche Teams (vom 12.01.2006 - 10:49:24) Mit Zitat antworten
Hallo, SetiGermany-Admins,
kann mir jemand die Frage beantworten, warum in Eurer Team-Statistik für die deutschen Teams nur die Teams angezeigt werden sollen, die mehr als 10 Mitglieder haben?

Wir haben auf unseren Firmenservern nur einen Account, haben aber über 6 Millionen Credits im Laufe der Jahre angesammelt. Meiner Meinung nach sollte doch die Anzahl der Credits beim Ranking im Vordergrund stehen und das sollte in Eurer Statistik doch auch durch das Ranking "belohnt" werden.

Wäre schön, wenn Ihr bei Euren Statistiken den Filter "mind. 10 Members" herausnehmen könntet, um auch kleinen und sehr erfolgreichen Teams eine Chance zu geben, bei Euch gelistet zu sein. Ansonsten entsteht doch m. E. der Eindruck, dass hier absichtlich mit Filtern "manipuliert" wird.

Gruß:
Carsten Giese
Deutsches Team "ESC-Consult"




____________

Profile Jon C Melusky
Avatar
Send message
Joined: 13 Dec 00
Posts: 12
Credit: 750,157
RAC: 539
United States
Message 240581 - Posted: 1 Feb 2006, 4:42:41 UTC - in response to Message 240427.

He wrote he did not know how to write viruses. I wrote I'd be very interested in his opinion and explanation, since I assume he had to see the RAC increase. I am just afraid he won't answer anymore. I am temped to call him, but again, I am no official BOINC representant, and it is not my business to make any such investigation.


Hmmmmm... I don't think anyone smart enough to put BOINC on other people's computers with a virus would leave any trace of their own ID number. But they could be smart in some ways and not in others. But I wonder if such a person would create it to benefit BOINC, but not realize that it hurts BOINC when this is found out eventually ? Or perhaps the person who benefits from the virus has

Jonathan
____________

Profile Lazy@SETI.USA
Avatar
Send message
Joined: 4 Sep 00
Posts: 14
Credit: 23,552,278
RAC: 0
United States
Message 240583 - Posted: 1 Feb 2006, 4:55:28 UTC

So far I have read a lot of speculation with no validation. There are a lot of great theories but nothing to really quantify any drastic measures. As earlier stated the best thing to do at this time would be to wait and see what the people at Berkeley come up with. It should be interesting.
____________
This is only a test...

Profile DrBob
Volunteer tester
Send message
Joined: 27 Sep 99
Posts: 37
Credit: 3,128,333
RAC: 700
United States
Message 240587 - Posted: 1 Feb 2006, 5:05:32 UTC - in response to Message 240583.

So far I have read a lot of speculation with no validation. There are a lot of great theories but nothing to really quantify any drastic measures. As earlier stated the best thing to do at this time would be to wait and see what the people at Berkeley come up with. It should be interesting.


I agree with you Lazy.
____________

Join team, USA

Profile Jon C Melusky
Avatar
Send message
Joined: 13 Dec 00
Posts: 12
Credit: 750,157
RAC: 539
United States
Message 240633 - Posted: 1 Feb 2006, 9:38:15 UTC - in response to Message 240444.
Last modified: 1 Feb 2006, 9:59:44 UTC

[quote] This thread is already no doubt being indexed by Google. Don't expect someone using the search words 'BOINC virus' to bother with the tiny detail of reading the text, a match will be enough to prove the case.

If certain critical mass is reached, there will be 1000s of know-nothings reporting bad news, for every 1 who does know trying to tell the truth. The larger number wins


FYI, "boinc virus" search with google brings up 69 results. But it only shows 11 as the others are repeats or too similar webpages according to google search parameters. Most of the 11 are from April 2005 or August 2004. This thread is not yet indexed by google. Hey now it is indexed ! Luckily I rechecked google just now and I am still in time to edit this post before the 60 minute time window closed editing. (^: Ok so google has 71 results now.

Jonathan
____________

Pepo
Volunteer tester
Avatar
Send message
Joined: 5 Aug 99
Posts: 308
Credit: 418,019
RAC: 0
Slovakia
Message 240670 - Posted: 1 Feb 2006, 13:55:54 UTC - in response to Message 240580.

Oh, I'd say he DEFINTELY is interested in stats and knows very well what his are. The following is from the forum on Seti.Germany's site:
Thread "schlechte Team-Statistik: deutsche Teams" (vom 12.01.2006 - 10:49:24)
Wir haben auf unseren Firmenservern nur einen Account, haben aber über 6 Millionen Credits im Laufe der Jahre angesammelt....

Gruß: Carsten Giese, Deutsches Team "ESC-Consult"

(shortened) "On our company's servers we have only one account, but we collected over 6 million Credits during the year...."

My question would be: do Carsten's computers use IPs mostly from some IP range (ideally belonging to ESC-Consult), or are they semi-randomly placed over the internet? Should not be a problem to check.

Peter

Gone thanks to mmciastro
Avatar
Send message
Joined: 30 Jun 99
Posts: 51
Credit: 112,892
RAC: 0
Message 240675 - Posted: 1 Feb 2006, 14:20:33 UTC - in response to Message 240670.

According to BOINCstats Carsten has got 13 hosts. So with an RAC of 120.000+ these have to be powerful machines at the upper range of what is available today. It would not make any sense to capture single machines unless they are very powerful too as slow PCs would not add to that RAC considerably. But such powerful machines tend to be administrated by very skilled persons who would get to the fraud in a minute. Replaced system files like the wupdmgr.exe would hardly go unheeded.

This sounds all too fishy to be a case of fraud by the account owner himself. I would rather expect a single and very bad joke, which fits with the number of 13 hosts; there surely will not be half a dozen captured average PCs among them as the supposed culprit would then have to have 6 or 7 own machines getting an RAC of 20.000 each, whew! With that crunching power, who needs to cheat for keeps of some hundred or even one or two thousand RAC?

Regards,

Christoph
____________
"I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I meant." R.M. Nixon

Profile thepossum1
Avatar
Send message
Joined: 15 Apr 00
Posts: 106
Credit: 213,585
RAC: 0
United States
Message 240687 - Posted: 1 Feb 2006, 15:00:15 UTC - in response to Message 240675.

According to BOINCstats Carsten has got 13 hosts.<snip>
Regards,

Christoph


The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. HOST STATS

Again, this is all circumstantial "evidence" and Berkeley is investigating and will take appropriate action. It's sad that something like this ever happens because it does put BOINC/Seti in a bad light even if it's not any of their doing.
____________

Profile Ananas
Volunteer tester
Send message
Joined: 14 Dec 01
Posts: 192
Credit: 2,319,430
RAC: 0
Germany
Message 240689 - Posted: 1 Feb 2006, 15:10:48 UTC - in response to Message 240687.
Last modified: 1 Feb 2006, 15:16:31 UTC

The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed.


BOINC 4.19 maybe? I guess BOINCstats needs the cross project host ID, 4.19 doesn't have that.

My hosts aren't listed at BOINCstats either and I am using CC 4.19


p.s.: I agree with Hans Dorn, a businessman would never risk to have a virus linked to his business in any way.

Profile Toby
Volunteer tester
Avatar
Send message
Joined: 26 Oct 00
Posts: 1005
Credit: 5,622,795
RAC: 0
United States
Message 240692 - Posted: 1 Feb 2006, 15:56:49 UTC

I don't know where you all are getting this "13 hosts" from but it is not correct. 13 hosts could not produce that kind of RAC. Look at the top computers page. The biggest, baddest, fastest, most optimized host currently working for seti has a RAC of under 4,000. 4,000 * 13 = 52,000 - not even close. And even "hidden" hosts show up on that page, they just don't list who the owner is.
____________
A member of The Knights Who Say NI!
For rankings, history graphs and more, check out:
My BOINC stats site

Daniel Schaalma
Volunteer tester
Avatar
Send message
Joined: 28 May 99
Posts: 297
Credit: 16,953,703
RAC: 0
United States
Message 240693 - Posted: 1 Feb 2006, 15:56:55 UTC - in response to Message 240687.

According to BOINCstats Carsten has got 13 hosts.<snip>
Regards,

Christoph


The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. HOST STATS

Again, this is all circumstantial "evidence" and Berkeley is investigating and will take appropriate action. It's sad that something like this ever happens because it does put BOINC/Seti in a bad light even if it's not any of their doing.


It could be too, that he has merged a great many of the hosts, and may even set the unsuspecting hosts to use his network as a proxy server to make it appear as though all hosts are coming from the same network. But, again, this is all speculation, and I will not rush to judgement as I do not have all the facts and evidence. UCB is investigating, and I will defer to their findings in this matter. I would find it hard to believe that a business executive would put so much at risk for what? the #2 position on the S@H leaderboard? I would find it easier to believe that a disgruntled employee or customer would do something like this. Since it is being investigated by UCB, we should all just relax and wait to see what happens.

Regards, Daniel.
____________

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 . . . 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?

Copyright © 2014 University of California