Do we have a Boinc virus?

Message boards : Number crunching : Do we have a Boinc virus?
Message board moderation

To post messages, you must log in.

Previous · 1 . . . 10 · 11 · 12 · 13 · 14 · 15 · 16 . . . 27 · Next

AuthorMessage
1mp0£173
Volunteer tester

Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 242573 - Posted: 4 Feb 2006, 22:36:10 UTC - in response to Message 242464.  


I have a bad feeling about Carsten Giese, though. Can't be sure because of the lack of information.

We can't be sure because we don't know if Carsten is guilty of writing a trojan, or guilty of not being careful with his account keys.

It wouldn't be that much harder to write a trojan to collect account keys.

ID: 242573 · Report as offensive
Michael Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 21 Aug 99
Posts: 4608
Credit: 7,427,891
RAC: 18
United States
Message 242578 - Posted: 4 Feb 2006, 22:41:40 UTC - in response to Message 242573.  


I have a bad feeling about Carsten Giese, though. Can't be sure because of the lack of information.

We can't be sure because we don't know if Carsten is guilty of writing a trojan, or guilty of not being careful with his account keys.

It wouldn't be that much harder to write a trojan to collect account keys.


The part that is questionable to me would be; why would someone go to the trouble of writing a trojan that has a Seti payload and give credit to someone other than his/herself?

Of course Casrston knows what went on...and he may not have even wrote it, but he dang sure was in on it...





ID: 242578 · Report as offensive
[SG-SPEG]stefan78

Send message
Joined: 1 Aug 99
Posts: 19
Credit: 30,308
RAC: 0
Germany
Message 242582 - Posted: 4 Feb 2006, 22:46:02 UTC

think about following thought:

if i would like to increase my credits, am i willing to write a trojan or worm? No. But if i can, i also know that with a simple check everyone can find the account which is getting the results.....so it would be too easy to find me.

I do not think he is responsible for this worm as he would also know that someone will discover that the credits are going to a specific account.

It would be too apparent and every worm writer would like to keep his real identity confidental.
ID: 242582 · Report as offensive
Profile UBT - Halifax--lad
Volunteer tester
Avatar

Send message
Joined: 13 Dec 00
Posts: 433
Credit: 13,900
RAC: 0
United Kingdom
Message 242589 - Posted: 4 Feb 2006, 22:50:13 UTC - in response to Message 242582.  

think about following thought:

if i would like to increase my credits, am i willing to write a trojan or worm? No. But if i can, i also know that with a simple check everyone can find the account which is getting the results.....so it would be too easy to find me.

I do not think he is responsible for this worm as he would also know that someone will discover that the credits are going to a specific account.

It would be too apparent and every worm writer would like to keep his real identity confidental.


I tend to agree, a virus writer could of just done it to cause mayhem within SETI if that was the intention then it worked just look at this post.

Everyone has jumped to the conclusion it was written to increase credits when it could so easily of been something to start up a heated debate
Join us in Chat (see the forum) Click the Sig


Join UBT
ID: 242589 · Report as offensive
Odysseus
Volunteer tester
Avatar

Send message
Joined: 26 Jul 99
Posts: 1808
Credit: 6,701,347
RAC: 6
Canada
Message 242602 - Posted: 4 Feb 2006, 22:57:18 UTC - in response to Message 242578.  

The part that is questionable to me would be; why would someone go to the trouble of writing a trojan that has a Seti payload and give credit to someone other than his/herself?


To make that person or team look like a cheater? Or perhaps a misguided attempt to do a favour? Or just to raise doubt and stir up controversy about the credit system in general, maybe picking high-ranking crunchers at random?

I don't claim any insight into the motivations of people who would do this kind of thing, but your question rests on the assumption that they would want or value cobblestones more than any other form of gratification the exploit may give them.


ID: 242602 · Report as offensive
Profile StokeyBob
Avatar

Send message
Joined: 31 Aug 03
Posts: 848
Credit: 2,218,691
RAC: 0
United States
Message 242604 - Posted: 4 Feb 2006, 22:57:23 UTC
Last modified: 4 Feb 2006, 22:58:55 UTC

Maybe he developed some sort of software, like to calculate your cat's correct weight and stuck something in the end user license agreement that you agree to run SETI for him.


Did anyone figure out for sure how he was doing it?

ID: 242604 · Report as offensive
1mp0£173
Volunteer tester

Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 242606 - Posted: 4 Feb 2006, 22:59:31 UTC - in response to Message 242589.  

think about following thought:

if i would like to increase my credits, am i willing to write a trojan or worm? No. But if i can, i also know that with a simple check everyone can find the account which is getting the results.....so it would be too easy to find me.

I do not think he is responsible for this worm as he would also know that someone will discover that the credits are going to a specific account.

It would be too apparent and every worm writer would like to keep his real identity confidental.


I tend to agree, a virus writer could of just done it to cause mayhem within SETI if that was the intention then it worked just look at this post.

Everyone has jumped to the conclusion it was written to increase credits when it could so easily of been something to start up a heated debate

Or maybe he's just interested in the Science, and doesn't care about credits.
ID: 242606 · Report as offensive
[SG-SPEG]stefan78

Send message
Joined: 1 Aug 99
Posts: 19
Credit: 30,308
RAC: 0
Germany
Message 242627 - Posted: 4 Feb 2006, 23:25:08 UTC

i am pretty sure that someone would like to discredit high RAC users.....that could be the intention to write such a worm. Every experienced user of BOINC would know that the increase in total credits and RAC would be too obvious.

Today it is CG, tomorrow it could be another distinguished user....so please be fair in forming an opinion about this case.....i believe, 99,999999 percent of the users of BOINC are trustworthy. The most apparent adjudgment could not be the correct one, i think.




ID: 242627 · Report as offensive
Jack Gulley

Send message
Joined: 4 Mar 03
Posts: 423
Credit: 526,566
RAC: 0
United States
Message 242629 - Posted: 4 Feb 2006, 23:27:01 UTC

It could even be a simple case of someone willing to "reward" others for setting up systems to crunch for their account or team. And the "rewards" were enough to entice a virus writer.
ID: 242629 · Report as offensive
Zap de Ridder
Volunteer tester

Send message
Joined: 9 Jan 00
Posts: 227
Credit: 1,468,844
RAC: 1
Netherlands
Message 242640 - Posted: 5 Feb 2006, 0:03:33 UTC

The smart thing about this whole sceme is having affected only those who where to ignorant to find out and finding there way to this forum. ;-) LOL
Exept for one ? No pun intended.
ID: 242640 · Report as offensive
Profile Sir Antony Magnus Project Donor
Avatar

Send message
Joined: 26 Dec 03
Posts: 66
Credit: 997,346
RAC: 1
United States
Message 242735 - Posted: 5 Feb 2006, 2:23:42 UTC

My 2 here

I was also a victim of a SETI Classic trojan virus attack back in the classic days, was back before I ever knew about or joined SETI. Truth is when I realized what had happened I was needless to say angered at the fact that it had happened in the first place. I am sure there will be plenty of other people coming forth with the same fury I had at the time it had happened. Funny thing is I considered myself a pretty computer savvy user at the time and had no idea how it got there, was running a firewall and AV. I think personally it was a worm/trojan, self installation mechanism payload perhaps.

I would hope that people with high credits will start to bring more scrutiny in the future. Kudos to the SETI folks for coming out in the open and warning peeps about this new development. Also ( Dont know if this is on the to do list) would like to recommend the possibility of submitting the samples to various Anti-Virus authorities so they can update their signatures and prevent this in the future.

Antony Magnus
Ni newly returned, not newly knighted! Ni
ID: 242735 · Report as offensive
Profile Fred G
Avatar

Send message
Joined: 17 May 99
Posts: 185
Credit: 24,109,481
RAC: 0
United States
Message 242765 - Posted: 5 Feb 2006, 3:37:10 UTC

One way to keep an eye on those that want to cheat or have their system taken over is for SETI to do away with the "Hide Computers" option. Making all computer available for viewing would allow problems to be seen before they get out of hand like this one. I've never understood why people want to hide their computers. No information other than the type of system, OS and WU's are available.

>Fred



http://www.teamstarfire.org/
ID: 242765 · Report as offensive
Profile trux
Volunteer tester
Avatar

Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 242771 - Posted: 5 Feb 2006, 3:51:41 UTC - in response to Message 242765.  

One way to keep an eye on those that want to cheat or have their system taken over is for SETI to do away with the "Hide Computers" option. Making all computer available for viewing would allow problems to be seen before they get out of hand like this one. I've never understood why people want to hide their computers. No information other than the type of system, OS and WU's are
I applaud this proposal. For the more paranoid, I'd allow hiding the OS version, but that's about all. There is indeed no reason to hide the hosts, unless you cheat in some way or install BOINC illegally on computers without permission.
trux
BOINC software
Freediving Team
Czech Republic
ID: 242771 · Report as offensive
Michael Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 21 Aug 99
Posts: 4608
Credit: 7,427,891
RAC: 18
United States
Message 242779 - Posted: 5 Feb 2006, 4:13:22 UTC - in response to Message 242771.  

One way to keep an eye on those that want to cheat or have their system taken over is for SETI to do away with the "Hide Computers" option. Making all computer available for viewing would allow problems to be seen before they get out of hand like this one. I've never understood why people want to hide their computers. No information other than the type of system, OS and WU's are
I applaud this proposal. For the more paranoid, I'd allow hiding the OS version, but that's about all. There is indeed no reason to hide the hosts, unless you cheat in some way or install BOINC illegally on computers without permission.


I don't even think you need to hide the OS version. If I don't know the IP of your machine, knowing what OS you have is moot.

ID: 242779 · Report as offensive
Profile trux
Volunteer tester
Avatar

Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 242784 - Posted: 5 Feb 2006, 4:17:03 UTC - in response to Message 242779.  
Last modified: 5 Feb 2006, 4:17:57 UTC

I don't even think you need to hide the OS version. If I don't know the IP of your machine, knowing what OS you have is moot.
Sure, I do not argue that. I am telling it should be the maximum to be allowed to hide - some people may be for example ashamed to be using Windows although claiming to be Unix gurus never touching a Windows box ;)

trux
BOINC software
Freediving Team
Czech Republic
ID: 242784 · Report as offensive
Michael Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 21 Aug 99
Posts: 4608
Credit: 7,427,891
RAC: 18
United States
Message 242785 - Posted: 5 Feb 2006, 4:19:46 UTC - in response to Message 242784.  
Last modified: 5 Feb 2006, 4:20:08 UTC

I don't even think you need to hide the OS version. If I don't know the IP of your machine, knowing what OS you have is moot.
Sure, I do not argue that. I am telling it should be the maximum to be allowed to hide - some people may be for example ashamed to be using Windows although claiming to be Unix gurus never touching a Windows box ;)


That's true. Although, my farm includes my wifes and sons computer...they run windows...my 3 machines are linux. I suspect alot of folks would do just what you say.



ID: 242785 · Report as offensive
Profile DrBob
Volunteer tester

Send message
Joined: 27 Sep 99
Posts: 37
Credit: 10,712,463
RAC: 0
United States
Message 242789 - Posted: 5 Feb 2006, 4:44:14 UTC

How would un-hiding someone’s computers help in telling if they are up to something fishy? If Carsten’s machines were not hidden it would have only shown him adding more systems to his ID, correct? No real information available to show who the machines actually belonged to.

I do not hide my machines as there is no sensitive information shown to be worried about. Others choose to hide theirs for whatever reason they might have; it’s just a personal choice. Just because someone’s machines are not viewable to you does not mean they are up to no good.

Am I missing something here?

ID: 242789 · Report as offensive
Michael Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 21 Aug 99
Posts: 4608
Credit: 7,427,891
RAC: 18
United States
Message 242792 - Posted: 5 Feb 2006, 4:55:25 UTC - in response to Message 242789.  

How would un-hiding someone’s computers help in telling if they are up to something fishy? If Carsten’s machines were not hidden it would have only shown him adding more systems to his ID, correct? No real information available to show who the machines actually belonged to.

I do not hide my machines as there is no sensitive information shown to be worried about. Others choose to hide theirs for whatever reason they might have; it’s just a personal choice. Just because someone’s machines are not viewable to you does not mean they are up to no good.

Am I missing something here?


I think the point was used to better help identify someone who may not be doing things on the up and up.

If someone was running over say, 300,000 RAC, and we look and we see that user has 2000 machines, I would say that account would be suspect...duh?

ID: 242792 · Report as offensive
Aurora Borealis
Volunteer tester
Avatar

Send message
Joined: 14 Jan 01
Posts: 3075
Credit: 5,631,463
RAC: 0
Canada
Message 242798 - Posted: 5 Feb 2006, 5:11:49 UTC

There may be another victim that may need to be looked at posted on the BOINC core client Board


Boinc V7.2.42
Win7 i5 3.33G 4GB, GTX470
ID: 242798 · Report as offensive
Profile BlkJack-21
Volunteer tester

Send message
Joined: 31 Aug 99
Posts: 108
Credit: 2,288,501
RAC: 0
United States
Message 242802 - Posted: 5 Feb 2006, 5:57:38 UTC - in response to Message 242771.  

I applaud this proposal. For the more paranoid, I'd allow hiding the OS version, but that's about all. There is indeed no reason to hide the hosts, unless you cheat in some way or install BOINC illegally on computers without permission.


I am very disppointed to see this kind of remark. To make this kind of generalization is not very responsible.

If an issue or irregularity occurs w/a user's account, the staff @ Berkeley can easily review the account's hosts, OS, etc. It is not our responsibility to monitor user's accounts..(we are contributing to science, right?!?!)

The purpose of "hidden" hosts is meant for privacy. If a user wishes not to share this kind of information with the public, they should be entitled to this choice.

The issues in this thread have become clouded, and "hidden" computers has nothing to do with a potential Boinc trojan/worm.

ID: 242802 · Report as offensive
Previous · 1 . . . 10 · 11 · 12 · 13 · 14 · 15 · 16 . . . 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.