Do we have a Boinc virus?


log in

Advanced search

Message boards : Number crunching : Do we have a Boinc virus?

Previous · 1 . . . 7 · 8 · 9 · 10 · 11 · 12 · 13 . . . 27 · Next
Author Message
KB7RZF
Volunteer tester
Avatar
Send message
Joined: 15 Aug 99
Posts: 9463
Credit: 3,038,774
RAC: 1,977
United States
Message 241796 - Posted: 3 Feb 2006, 23:38:36 UTC - in response to Message 241593.

As Matt has stated here:


Second, I'm in contact with him. For the sake of privacy I'd rather not go into detail, but all is well, or will be well.

- Matt


Lets let the people who have to worry about it, worry about it? Why continue? I'm sure eventually things will be cleared up, and Matt or one of the over guys will give what little bit of info they are allowed to release and let us know.

Jeremy
____________

Profile BlkJack-21
Volunteer tester
Send message
Joined: 31 Aug 99
Posts: 108
Credit: 2,288,501
RAC: 0
United States
Message 241812 - Posted: 3 Feb 2006, 23:49:56 UTC
Last modified: 3 Feb 2006, 23:52:23 UTC

I,(and indeed others), have been watching this thread closely. I appreciate the fact that action has been initated to deal with this sensitive issue.

I do believe that the area of greatest concern is the fact that members of our team, myself, and the Seti Community equate our value of participation to this project by the current credit/reward system. Many of our members have invested considerable amount of time and money to Seti. Understood that this is completely voluntary. But that value of credit/reward system is how we "place" our contributions. It is apparent that "the punisment must equal the crime."

If this member in question is indeed guilty, and the punisment is considered to be too leanient, the value of the current reward system will be diminished. This, I believe is what is upsetting most people that are monitoring this.
____________

Jim
Avatar
Send message
Joined: 28 Jan 00
Posts: 614
Credit: 2,031,206
RAC: 0
United States
Message 241818 - Posted: 3 Feb 2006, 23:57:10 UTC - in response to Message 241783.

You can try but you wouldn't succeed I'm not as stupid as other people on the net with no protection
Please choose your words carefully. Ignorance does NOT mean stupidity. Simply because you are well informed does not mean that the less informed are stupid. This is a miopic and intolerant perspective.

I'll invite you to my place of work and we'll see how "stupid" you are simply because you are ignorant to the daily processes and lack some of the skills required to be considered to be competent. Better yet, let's call your Mom and Dad and other family or friends "stupid" if they get a virus or don't know as much as you do. It wouldn't go over well with you I imagine. The pilot that flies the plane on your next trip might fall victim to malware but you would be the one that would certainly look damned "stupid" trying to begin, much less complete, the checklist required to even begin to fire up the engines.

To quote the great Will Rogers: "Good judgement comes from experience and it comes from a lot of bad judgement."

____________

Without love, breath is just a clock ... ticking.
Equilibrium

Profile UBT - Halifax--lad
Volunteer tester
Avatar
Send message
Joined: 13 Dec 00
Posts: 433
Credit: 13,900
RAC: 0
United Kingdom
Message 241820 - Posted: 3 Feb 2006, 23:59:30 UTC

People who use the internet with no protection and open email that should just be trashed are stupid in my book.

its time for people like that to wake up and realise they need systems in place to protect them
____________
Join us in Chat (see the forum) Click the Sig


Join UBT

Zap de Ridder
Volunteer tester
Send message
Joined: 9 Jan 00
Posts: 226
Credit: 812,336
RAC: 187
Netherlands
Message 241825 - Posted: 4 Feb 2006, 0:10:07 UTC - in response to Message 241796.

As Matt has stated here:


Second, I'm in contact with him. For the sake of privacy I'd rather not go into detail, but all is well, or will be well.

- Matt


Lets let the people who have to worry about it, worry about it? Why continue? I'm sure eventually things will be cleared up, and Matt or one of the over guys will give what little bit of info they are allowed to release and let us know.

Jeremy


Wright,was just thinking that.

Profile Geek@Play
Volunteer tester
Avatar
Send message
Joined: 31 Jul 01
Posts: 2463
Credit: 85,121,401
RAC: 12,224
United States
Message 241838 - Posted: 4 Feb 2006, 0:19:54 UTC

I agree it's about the Science and not the credits, however, in reality it's competition that motivates the majority of our crunchers. Taking away the competition by allowing cheaters to continue will ruin SETI. Either they will go to another DC project or they will start cheating also. Regardless the fact that the science is getting done it has to be stopped here and now.

>Fred


I agree with Fred.

My main concern in this matter is the integrity of the Boinc credit system. If a few users are allowed to abuse the system as they did in Classic then ALL the Boinc/Seti credits become suspect and thus meaningless. Since this is the first instance of a possible abuser then he needs to be made an example of to discourage the practice.

When Nez started rocketing up the charts there was some concern expressed on the boards. He was checked out and even posted several times to clear up the problem. Turns out there was no problem. He has properly earned his number 1 ranking.

If Carsten Giese would come online and explain how hijacking other peoples computers for his gain is ok, well I'm willing to listen, or read. Where is he?




____________
Boinc....Boinc....Boinc....Boinc....

Jim
Avatar
Send message
Joined: 28 Jan 00
Posts: 614
Credit: 2,031,206
RAC: 0
United States
Message 241858 - Posted: 4 Feb 2006, 0:43:41 UTC - in response to Message 241838.

If Carsten Giese would come online and explain how hijacking other peoples computers for his gain is ok, well I'm willing to listen, or read. Where is he?
Guilty men murmur - the innocent shout to the rafters.

____________

Without love, breath is just a clock ... ticking.
Equilibrium

kevint
Volunteer tester
Send message
Joined: 17 May 99
Posts: 414
Credit: 11,680,240
RAC: 0
United States
Message 241882 - Posted: 4 Feb 2006, 0:59:08 UTC - in response to Message 241599.

First off, notice how the recent average credit on this guy is decreasing?
No, unfortunately not at all :( Still about the same:

http://setiathome.berkeley.edu/show_user.php?userid=95866



Agreed, it has gone from 113K RAC to just over 124K RAC in just a day or two.

He needs to have his account SHUT DOWN!

____________

kevint
Volunteer tester
Send message
Joined: 17 May 99
Posts: 414
Credit: 11,680,240
RAC: 0
United States
Message 241894 - Posted: 4 Feb 2006, 1:05:00 UTC - in response to Message 241783.

Distributed computing is all about Science not credits so so long as these results are crunching science I don't see it as a problem.

In other words, it's perfectly okay if I hijack your computer to do my work.


You can try but you wouldn't succeed I'm not as stupid as other people on the net with no protection



I don't think that was the point -
____________

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8270
Credit: 4,072,496
RAC: 374
United Kingdom
Message 241941 - Posted: 4 Feb 2006, 2:12:31 UTC - in response to Message 241820.
Last modified: 4 Feb 2006, 2:13:15 UTC

People who use the internet with no protection and open email that should just be trashed are stupid in my book.

its time for people like that to wake up and realise they need systems in place to protect them

So everyone must move over to Linux now?...

Sorry but people do have a choice whether or not that choice is well informed or blind stupidity.

Should not the real question be about whether 'stupid' people should be exploited?

Happy hacking,
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Fuzzy Hollynoodles
Volunteer tester
Avatar
Send message
Joined: 3 Apr 99
Posts: 9659
Credit: 251,998
RAC: 0
Message 241956 - Posted: 4 Feb 2006, 2:46:25 UTC

Could we stick to the original subject of this thread, please? Keeping the personal comments and flames out of here, please?

I have followed this thread closely also, as I think this is serious. I don't think it's Ok to use ignorant people's computers to crunch, as people should be allowed to decide for themselves, which programs they want to run. So even the crunching is for "the science", I don't care.

And we have stated here all the time, that the credit system is almost cheating free, so if a person is able to make people's computers crunch for him/her, without the knowledge of the owners, and with this increase his/her credit, it's serious in my oppinion.

But let's let the dev team here investigate and conclude, and if they find something suspect, which can bring the project in discredit, it should be punished. And I'm sure they will give a satisfactory punishment.


____________

"I'm trying to maintain a shred of dignity in this world." - Me

1mp0£173
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 241966 - Posted: 4 Feb 2006, 3:14:22 UTC - in response to Message 241941.

Should not the real question be about whether 'stupid' people should be exploited?

Seems to me that "Is there ever a time when it's okay to exploit a vulnerability?" is the real question.

The fact that some systems and some users are more or less vulnerable doesn't really change the question.

____________

Profile trux
Volunteer tester
Avatar
Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 241979 - Posted: 4 Feb 2006, 3:28:36 UTC - in response to Message 241956.
Last modified: 4 Feb 2006, 3:30:16 UTC

Could we stick to the original subject of this thread, please?
Yup, I am afraid that in the personal flame wars and troll feeding, the most important information got lost. So for example I am afraid that Rom or Matt long time ago lost the patience to read the posts here because of their empty content, and quite likely lost the important information from Synister1 who claimed further below that his own account was hijacked by someone! Unfortunately he was probably scared away by the flame wars too, and did not post the additional information we asked him, so we do not know if his account was hijacked by Carsten Giese, or if we have another abuser here, or if it might have been just his own error.

If someone of you have direct contact to Rom or Matt, please make sure that they know about the second case. But please post here before contacting them to avoid multiple people mailing and phoning them, like the last time. Their time is precious.
____________
trux
BOINC software
Freediving Team
Czech Republic

Profile Fuzzy Hollynoodles
Volunteer tester
Avatar
Send message
Joined: 3 Apr 99
Posts: 9659
Credit: 251,998
RAC: 0
Message 241987 - Posted: 4 Feb 2006, 3:40:22 UTC - in response to Message 241979.



... and quite likely lost the important information from Synister1 who claimed further below that his own account was hijacked by someone!

...

If someone of you have direct contact to Rom or Matt, please make sure that they know about the second case. But please post here before contacting them to avoid multiple people mailing and phoning them, like the last time. Their time is precious.


I've mailed your post and a link to Synister1's postlist to them.



____________
"I'm trying to maintain a shred of dignity in this world." - Me

Profile trux
Volunteer tester
Avatar
Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 242000 - Posted: 4 Feb 2006, 3:56:08 UTC
Last modified: 4 Feb 2006, 4:07:06 UTC

I was just rereading the original post, and Sinister1 was unfortunately completely unclear about what exactly happened with his BOINC installation.

He tells:

It will verride your current install of boinc. I lost a few months of processing. One day I go look at boinc to find it was processing for another account.
I find strange that he did not see it during several months. Actually, to me it sounds more likely that he had his standard installation in C:\\Program Files and concurrently Giese's Trojan installation ran from system32\\ - it is quite well possible to run multiple installations concurrently, and they then share the CPU time. In such case it would be more likely not to find it out too soon, unless you know exactly how high RAC you should have with your CPU. However, from Sinister1's quote it looks that the intruder hijacked his own installation - that was then certainly not the same mechanism as in the first case (although it can still be done with the same program or script).

I think it is time to put a warning on the main page of all projects asking Windows users to check their system32 dir for the presence of BOINC xml files and project subdirectories. [EDIT] Actually searching all drives for some typical boinc files (like client_state.xml) would be much better - we have no guarantee that it is always in the same location.[/EDIT] Or maybe even much simpler - adding a checker into the S@H application that would warn in case of multiple running BOINC instances, would be much better.

I will personally put such checker into my BOINC client, but that will cover just couple of users. It is much more important that if it is forced to all users with the standard official S@H applications - those who do not watch this forum, and do not use any optimized clients or applications.

____________
trux
BOINC software
Freediving Team
Czech Republic

Profile trux
Volunteer tester
Avatar
Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 242004 - Posted: 4 Feb 2006, 4:05:05 UTC - in response to Message 242000.
Last modified: 4 Feb 2006, 4:06:45 UTC

sorry, double post. Removed
____________
trux
BOINC software
Freediving Team
Czech Republic

Profile Ageless
Avatar
Send message
Joined: 9 Jun 99
Posts: 12259
Credit: 2,553,709
RAC: 770
Netherlands
Message 242005 - Posted: 4 Feb 2006, 4:12:06 UTC - in response to Message 242000.

I was just rereading the original post, and Sinister1 was unfortunately completely unclear about what exactly happened with his BOINC installation.

He tells:
It will verride your current install of boinc. I lost a few months of processing. One day I go look at boinc to find it was processing for another account.
I find strange that he did not see it during several months.

He's got his computers hidden, yet with a RAC of over 760, it'll probably be more than one computer. Since we're advocating that Seti now is as much "Start and forget" as Classic was, why is this so strange?

You've got 20 computers at least. Do you check them every week?
You may and they will probably all run Crunch3r apps. Not everyone is and does.

I think it is time to put a warning on the main page of all projects asking Windows users to check their system32 dir for the presence of BOINC xml files and project subdirectories. Or maybe even much simpler - adding a simple checker into the S@H application.

Better let an email go out. Seeing still how many people can find a button in Boinc Manager to post on the forums (here and Q&A), but never think to look on the front page, makes me worried.
____________
Jord

Fighting for the correct use of the apostrophe, together with Weird Al Yankovic

Profile trux
Volunteer tester
Avatar
Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 242009 - Posted: 4 Feb 2006, 4:21:59 UTC - in response to Message 242005.
Last modified: 4 Feb 2006, 4:35:44 UTC

He's got his computers hidden, yet with a RAC of over 760, it'll probably be more than one computer. Since we're advocating that Seti now is as much "Start and forget" as Classic was, why is this so strange?
Please do not start another flamewar because of absolutely uninportant and irrelevant issues. This thread is already long enough, so please try resisting your temptation to start arguing because of any ridiculous detail. The guy apparently reads the forum (7 posts is not few for a guy who installs and forgets), so I guess he checks the stats or his account sometimes too. RAC 760 can be easily from a single machine - we know nothing untill he tells us more. But as I tell, it is absolutely secondary.

Better let an email go out.
Better all together - web, email, popup message in Boinc manager, dupe checker in project applications,...

____________
trux
BOINC software
Freediving Team
Czech Republic

Profile Ageless
Avatar
Send message
Joined: 9 Jun 99
Posts: 12259
Credit: 2,553,709
RAC: 770
Netherlands
Message 242020 - Posted: 4 Feb 2006, 4:53:27 UTC - in response to Message 242009.
Last modified: 4 Feb 2006, 5:24:34 UTC

He's got his computers hidden, yet with a RAC of over 760, it'll probably be more than one computer. Since we're advocating that Seti now is as much "Start and forget" as Classic was, why is this so strange?
Please do not start another flamewar because of absolutely uninportant and irrelevant issues. This thread is already long enough, so please try resisting your temptation to start arguing because of any ridiculous detail.

Uhm, why don't you read what I wrote? I wasn't starting any flamewar, but for in your opinion. All I said was in a reply to your post that Synister1 may not look at his computers as much as you do. Now where is the flame in that?

Or do you feel attacked all of a sudden? You may want to calm down a bit. It's still open forums here, I was only asking a question.

The guy apparently reads the forum (7 posts is not few for a guy who installs and forgets), so I guess he checks the stats or his account sometimes too. RAC 760 can be easily from a single machine - we know nothing untill he tells us more. But as I tell, it is absolutely secondary.

"The guy" has a nickname. We don't know if it is a guy or a gall.
He or she is also crunching Rosetta@Home. Do you still want to stick to a single machine with a RAC of 760?

Anyway, why is it so strange to not look at a computer for several months? Classic never gave you the intention, as it would "crunch in the background". So some people have luckily adapted that view for Boinc.

"Don't Micromanage!" is a thing you can read all around the forums. Here's one person who doesn't micromanage and then all of a sudden you think it's strange.

Sorry, Trux, but I cannot follow your state of mind. :)
(Still no flame)
____________
Jord

Fighting for the correct use of the apostrophe, together with Weird Al Yankovic

Profile Mark Artuso
Send message
Joined: 29 May 99
Posts: 66
Credit: 665,515
RAC: 0
United States
Message 242056 - Posted: 4 Feb 2006, 5:39:18 UTC - in response to Message 242020.
Last modified: 4 Feb 2006, 5:40:35 UTC

Do you still want to stick to a single machine with a RAC of 760?


That seems pretty easy to do, no?

____________

SETI.USA - Uniting the United States stats!

Previous · 1 . . . 7 · 8 · 9 · 10 · 11 · 12 · 13 . . . 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?

Copyright © 2014 University of California