Do we have a Boinc virus?

Message boards : Number crunching : Do we have a Boinc virus?

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 . . . 27 · Next

Author	Message
Darth Dogbytes™ Volunteer tester Send message Joined: 30 Jul 03 Posts: 7512 Credit: 2,021,148 RAC: 0	Message 240507 - Posted: 1 Feb 2006, 0:22:23 UTC - in response to Message 240498.
	so lets all just wait and see what happens. Something will turn up. Exactly. ____________ Account frozen...
	ID: 240507 ·

Michael Buckingham Volunteer tester Send message Joined: 21 Aug 99 Posts: 4413 Credit: 2,663,817 RAC: 0	Message 240509 - Posted: 1 Feb 2006, 0:37:25 UTC
	I say terminate the account and let me have the credits. evil grin ____________ http://www.mikesbawx.org/photo/
	ID: 240509 ·

Jack Gulley Send message Joined: 4 Mar 03 Posts: 423 Credit: 526,566 RAC: 0	Message 240515 - Posted: 1 Feb 2006, 1:20:21 UTC
	If the account owner has done nothing and has nothing to hide, he would remove the "hidden" status of his systems. Then all could see how many he has. And he could point out the one or two that do not belong to him. I am sure as a major team leader he would notice a large number of systems reporting to his account if he did not own that many, and do something about it. (Not just start his own new team.) By tracking IP addresses of connections for this account, it would not be too hard to tell which belong to his location/ISP, and which are from infected systems. Only then will they know how wide spread the problem is.
	ID: 240515 ·

kevint Volunteer tester Send message Joined: 17 May 99 Posts: 414 Credit: 11,680,240 RAC: 0	Message 240552 - Posted: 1 Feb 2006, 2:52:46 UTC - in response to Message 240218.
	Very interesting ... quite an exploit ... :( I wonder if this would be a good canditate for: Total Credit => 0 ... If true - he should be a candidate for total credit =0 and all team credits he has generated so far - including team credits while he was crunching for Germany - No offense team Germany. As this unfolds it will be interesting for sure! ____________
	ID: 240552 ·

kevint Volunteer tester Send message Joined: 17 May 99 Posts: 414 Credit: 11,680,240 RAC: 0	Message 240555 - Posted: 1 Feb 2006, 3:08:48 UTC - in response to Message 240361.
	If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password? If someone did - Carsten would know about it - he would see his credit and notice that something is not right - wouldnt he then contact Berkley and try to find out what is going on ? ____________
	ID: 240555 ·

[SETI.USA] OneChicken Send message Joined: 3 Apr 04 Posts: 70 Credit: 906,887 RAC: 0	Message 240562 - Posted: 1 Feb 2006, 3:25:04 UTC - in response to Message 240555. Last modified: 1 Feb 2006, 3:26:05 UTC
	From Trux: I do not think it is the same case. This one seems to use different credentials and the classic client. I'd be interested though if it was investigated and the perpetrator persecuted. I mean this is a clearly criminal activity and should be followed up as such, regardless if the author did it in sake of "helping" the science, or just to improve his ranking (and his ego). And since it is not too dificult to track down the account owner, and verifying if it was him who launched the virus, I wonder if the responsible authorities were informed. I totally agree with Trux's statement. Whether he was installing SETI or trying to steal information from a computer, this is a criminal act and needs to be dealt with as one. At the very least, this alleged-virus-planting-user is guilty of knowing that this was going on and doing nothing about it. If my RAC started to rise like that and there were strange hosts on my list I would definitely notify someone @ Berkeley... ____________ Proud member of SETI.USA
	ID: 240562 ·

Webmaster Yoda Volunteer tester Send message Joined: 3 Apr 99 Posts: 52 Credit: 500,125 RAC: 0	Message 240564 - Posted: 1 Feb 2006, 3:35:49 UTC - in response to Message 240555. Last modified: 1 Feb 2006, 3:38:27 UTC
	All speculation... So here's a bit more. He claims he doesn't know how to write a virus and we have no proof that he can or has done so. Still, Google his name and observe the interests/skills someone with the same name appears to have. Proves nothing, but it's interesting. While from the project's point of view I guess these hosts are helping, if SETI is running on them without the owner's knowledge and consent (as appears to be the case with the initial report), it would be a violation of the rules, by the person who installed it or caused it to be installed. I'm sure BOINC/SETI would not want to be a knowing party to, or beneficiary of illegal/criminal activity, if that's what this turns out to be. At any rate, Matt says he's looking into it. Let's leave it to him and see what happens. Meanwhile, keep crunching, people! [edit] P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does. [/edit] ____________ * Join the #1 Aussie Alliance on SETI *
	ID: 240564 ·

Misfit Volunteer tester Send message Joined: 21 Jun 01 Posts: 21680 Credit: 2,443,662 RAC: 0	Message 240565 - Posted: 1 Feb 2006, 3:40:31 UTC - in response to Message 240361. Last modified: 1 Feb 2006, 3:44:59 UTC
	I just got off the phone with Rom Walton, one of the Berkeley Devs. He informed me that they (SSL/project devs) are aware of this situation, and that they are currently investigating it. It will be given their full attention. Like I said, Matt is one of the devs, and once I say his post, I knew that they were aware of the problem. It is good that they are actively looking into it. The Devs have phones? Your donations at work! ;)
	ID: 240565 ·

trux Volunteer tester Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0	Message 240567 - Posted: 1 Feb 2006, 3:55:47 UTC - in response to Message 240564.
	P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does. He definitely does - he changed the team from SETI Germany to his own one just few days ago. When doing it, you definitely have to pass through your account, where it is inavoidable that you see your RAC and your total credit. Well, now we can speculate that he has 1000 own hosts, and just this single and only stolen one - in that case you are certainly right - he would not notice the difference. However, I'd rather speculate the ratio is rather in the opposite way. Still only speculations. Hope we see the truth soon. ____________ trux BOINC software Freediving Team Czech Republic
	ID: 240567 ·

thepossum1 Send message Joined: 15 Apr 00 Posts: 106 Credit: 213,585 RAC: 0	Message 240580 - Posted: 1 Feb 2006, 4:38:11 UTC - in response to Message 240567.
	P.S. If someone else did this, Carsten would only know about it if he looked at his stats, which not everybody does. He definitely does - he changed the team from SETI Germany to his own one just few days ago. When doing it, you definitely have to pass through your account, where it is inavoidable that you see your RAC and your total credit. Well, now we can speculate that he has 1000 own hosts, and just this single and only stolen one - in that case you are certainly right - he would not notice the difference. However, I'd rather speculate the ratio is rather in the opposite way. Still only speculations. Hope we see the truth soon. Oh, I'd say he DEFINTELY is interested in stats and knows very well what his are. The following is from the forum on Seti.Germany's site: Autor Thread "schlechte Team-Statistik: deutsche Teams" Carsten_Giese BeitrÃ¤ge: 1 schlechte Team-Statistik: deutsche Teams (vom 12.01.2006 - 10:49:24) Mit Zitat antworten Hallo, SetiGermany-Admins, kann mir jemand die Frage beantworten, warum in Eurer Team-Statistik fÃ¼r die deutschen Teams nur die Teams angezeigt werden sollen, die mehr als 10 Mitglieder haben? Wir haben auf unseren Firmenservern nur einen Account, haben aber Ã¼ber 6 Millionen Credits im Laufe der Jahre angesammelt. Meiner Meinung nach sollte doch die Anzahl der Credits beim Ranking im Vordergrund stehen und das sollte in Eurer Statistik doch auch durch das Ranking "belohnt" werden. WÃ¤re schÃ¶n, wenn Ihr bei Euren Statistiken den Filter "mind. 10 Members" herausnehmen kÃ¶nntet, um auch kleinen und sehr erfolgreichen Teams eine Chance zu geben, bei Euch gelistet zu sein. Ansonsten entsteht doch m. E. der Eindruck, dass hier absichtlich mit Filtern "manipuliert" wird. GruÃŸ: Carsten Giese Deutsches Team "ESC-Consult" ____________
	ID: 240580 ·

Jon C Melusky Send message Joined: 13 Dec 00 Posts: 12 Credit: 529,029 RAC: 256	Message 240581 - Posted: 1 Feb 2006, 4:42:41 UTC - in response to Message 240427.
	He wrote he did not know how to write viruses. I wrote I'd be very interested in his opinion and explanation, since I assume he had to see the RAC increase. I am just afraid he won't answer anymore. I am temped to call him, but again, I am no official BOINC representant, and it is not my business to make any such investigation. Hmmmmm... I don't think anyone smart enough to put BOINC on other people's computers with a virus would leave any trace of their own ID number. But they could be smart in some ways and not in others. But I wonder if such a person would create it to benefit BOINC, but not realize that it hurts BOINC when this is found out eventually ? Or perhaps the person who benefits from the virus has Jonathan ____________
	ID: 240581 ·

Lazy@SETI.USA Send message Joined: 4 Sep 00 Posts: 14 Credit: 23,552,278 RAC: 0	Message 240583 - Posted: 1 Feb 2006, 4:55:28 UTC
	So far I have read a lot of speculation with no validation. There are a lot of great theories but nothing to really quantify any drastic measures. As earlier stated the best thing to do at this time would be to wait and see what the people at Berkeley come up with. It should be interesting. ____________ This is only a test...
	ID: 240583 ·

DrBob Volunteer tester Send message Joined: 27 Sep 99 Posts: 37 Credit: 2,555,444 RAC: 0	Message 240587 - Posted: 1 Feb 2006, 5:05:32 UTC - in response to Message 240583.
	So far I have read a lot of speculation with no validation. There are a lot of great theories but nothing to really quantify any drastic measures. As earlier stated the best thing to do at this time would be to wait and see what the people at Berkeley come up with. It should be interesting. I agree with you Lazy. ____________ Join team, SETI.USA
	ID: 240587 ·

Jon C Melusky Send message Joined: 13 Dec 00 Posts: 12 Credit: 529,029 RAC: 256	Message 240633 - Posted: 1 Feb 2006, 9:38:15 UTC - in response to Message 240444. Last modified: 1 Feb 2006, 9:59:44 UTC
	[quote] This thread is already no doubt being indexed by Google. Don't expect someone using the search words 'BOINC virus' to bother with the tiny detail of reading the text, a match will be enough to prove the case. If certain critical mass is reached, there will be 1000s of know-nothings reporting bad news, for every 1 who does know trying to tell the truth. The larger number wins FYI, "boinc virus" search with google brings up 69 results. But it only shows 11 as the others are repeats or too similar webpages according to google search parameters. Most of the 11 are from April 2005 or August 2004. This thread is not yet indexed by google. Hey now it is indexed ! Luckily I rechecked google just now and I am still in time to edit this post before the 60 minute time window closed editing. (^: Ok so google has 71 results now. Jonathan ____________
	ID: 240633 ·

Pepo Volunteer tester Send message Joined: 5 Aug 99 Posts: 308 Credit: 413,740 RAC: 0	Message 240670 - Posted: 1 Feb 2006, 13:55:54 UTC - in response to Message 240580.
	Oh, I'd say he DEFINTELY is interested in stats and knows very well what his are. The following is from the forum on Seti.Germany's site: Thread "schlechte Team-Statistik: deutsche Teams" (vom 12.01.2006 - 10:49:24) Wir haben auf unseren Firmenservern nur einen Account, haben aber Ã¼ber 6 Millionen Credits im Laufe der Jahre angesammelt.... GruÃŸ: Carsten Giese, Deutsches Team "ESC-Consult" (shortened) "On our company's servers we have only one account, but we collected over 6 million Credits during the year...." My question would be: do Carsten's computers use IPs mostly from some IP range (ideally belonging to ESC-Consult), or are they semi-randomly placed over the internet? Should not be a problem to check. Peter
	ID: 240670 ·

Gone thanks to mmciastro Send message Joined: 30 Jun 99 Posts: 51 Credit: 112,892 RAC: 0	Message 240675 - Posted: 1 Feb 2006, 14:20:33 UTC - in response to Message 240670.
	According to BOINCstats Carsten has got 13 hosts. So with an RAC of 120.000+ these have to be powerful machines at the upper range of what is available today. It would not make any sense to capture single machines unless they are very powerful too as slow PCs would not add to that RAC considerably. But such powerful machines tend to be administrated by very skilled persons who would get to the fraud in a minute. Replaced system files like the wupdmgr.exe would hardly go unheeded. This sounds all too fishy to be a case of fraud by the account owner himself. I would rather expect a single and very bad joke, which fits with the number of 13 hosts; there surely will not be half a dozen captured average PCs among them as the supposed culprit would then have to have 6 or 7 own machines getting an RAC of 20.000 each, whew! With that crunching power, who needs to cheat for keeps of some hundred or even one or two thousand RAC? Regards, Christoph ____________ "I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I meant." R.M. Nixon
	ID: 240675 ·

thepossum1 Send message Joined: 15 Apr 00 Posts: 106 Credit: 213,585 RAC: 0	Message 240687 - Posted: 1 Feb 2006, 15:00:15 UTC - in response to Message 240675.
	According to BOINCstats Carsten has got 13 hosts.<snip> Regards, Christoph The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. HOST STATS Again, this is all circumstantial "evidence" and Berkeley is investigating and will take appropriate action. It's sad that something like this ever happens because it does put BOINC/Seti in a bad light even if it's not any of their doing. ____________
	ID: 240687 ·

Ananas Volunteer tester Send message Joined: 14 Dec 01 Posts: 192 Credit: 2,319,430 RAC: 0	Message 240689 - Posted: 1 Feb 2006, 15:10:48 UTC - in response to Message 240687. Last modified: 1 Feb 2006, 15:16:31 UTC
	The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. BOINC 4.19 maybe? I guess BOINCstats needs the cross project host ID, 4.19 doesn't have that. My hosts aren't listed at BOINCstats either and I am using CC 4.19 p.s.: I agree with Hans Dorn, a businessman would never risk to have a virus linked to his business in any way.
	ID: 240689 ·

Toby Volunteer tester Send message Joined: 26 Oct 00 Posts: 1001 Credit: 5,536,461 RAC: 0	Message 240692 - Posted: 1 Feb 2006, 15:56:49 UTC
	I don't know where you all are getting this "13 hosts" from but it is not correct. 13 hosts could not produce that kind of RAC. Look at the top computers page. The biggest, baddest, fastest, most optimized host currently working for seti has a RAC of under 4,000. 4,000 * 13 = 52,000 - not even close. And even "hidden" hosts show up on that page, they just don't list who the owner is. ____________ A member of The Knights Who Say NI! For rankings, history graphs and more, check out: My BOINC stats site
	ID: 240692 ·

Daniel Schaalma Volunteer tester Send message Joined: 28 May 99 Posts: 297 Credit: 16,953,703 RAC: 0	Message 240693 - Posted: 1 Feb 2006, 15:56:55 UTC - in response to Message 240687.
	According to BOINCstats Carsten has got 13 hosts.<snip> Regards, Christoph The list may say 13 hosts, but if you click through to host stats, there are zero hosts listed. HOST STATS Again, this is all circumstantial "evidence" and Berkeley is investigating and will take appropriate action. It's sad that something like this ever happens because it does put BOINC/Seti in a bad light even if it's not any of their doing. It could be too, that he has merged a great many of the hosts, and may even set the unsuspecting hosts to use his network as a proxy server to make it appear as though all hosts are coming from the same network. But, again, this is all speculation, and I will not rush to judgement as I do not have all the facts and evidence. UCB is investigating, and I will defer to their findings in this matter. I would find it hard to believe that a business executive would put so much at risk for what? the #2 position on the S@H leaderboard? I would find it easier to believe that a disgruntled employee or customer would do something like this. Since it is being investigated by UCB, we should all just relax and wait to see what happens. Regards, Daniel. ____________
	ID: 240693 ·

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 . . . 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?