Do we have a Boinc virus?

Message boards : Number crunching : Do we have a Boinc virus?

Previous · 1 . . . 13 · 14 · 15 · 16 · 17 · 18 · 19 . . . 27 · Next

Author	Message
trux Volunteer tester Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0	Message 243305 - Posted: 5 Feb 2006, 22:38:14 UTC - in response to Message 241820. Last modified: 5 Feb 2006, 22:41:35 UTC
	Just coming briefly to the original topic of this thread - the infection. Although it is not entirely clear how the alien BOINC installation gets into the computer, from what we heard I do not think that the common protection (AV/firewall) necessarily helps. Well, if you have no BOINC installed at all, then your firewall should screem at the next connection attempt, though since the BOINC client was masked as MS update service, less experienced users won't suspect it, and those who already use BOINC, will get cheated even more likely too. Unlike our colleague Halifax--lad, I do not think that it is the problem of the victims, because they did not protect themselves suffciently: Halifax--lad wrote: People who use the internet with no protection and open email that should just be trashed are stupid in my book. its time for people like that to wake up and realise they need systems in place to protect them Halifax--lad, I see you are using optimized client from Tetsuji, that you have downloaded as a binary, most likely from a 3rd party server (I think Tetsuji does not even offer it on his server, you can only find it at Marisan). AFAIK, it did not come with any warranty, privacy policy, terms of use, license or any agreement. Tetsuji Maverick Rai or Marisan.nl are more or less anonymous BOINC members - in case of problems you might have problems to call them for responsability. So how do you know that the binary you downloaded and installed does exactly what you expect and not something else? NOTE: please do not take me wrong - unlike you, I do know Tetsuji's version is OK, because I compiled it myself from his source code. All I want to tell, is that you are accusing others from ignorance and stupidity but in fact do not act differently. Any time you launch an application, you are in mercy of its author. It is quite well possible that the author of the BOINC Trojan or virus did it in very similar way (by offering some usefull program). Does it mean you consider yourself "stupid in your book" too? Well, even if you do (you may be right finally), I mean we have to fight against this abuse on all levels - many proposals were already presented in this thread (human interaction during host registration, unhiding hosts, disk and RAM checks, investigation of suspects, cooperating with AV companies,...). If we faild doing it, we well risk the future of the entire BOINC system. ____________ trux BOINC software Freediving Team Czech Republic
	ID: 243305 ·

Temujin Volunteer tester Send message Joined: 19 Oct 99 Posts: 292 Credit: 47,872,052 RAC: 0	Message 243332 - Posted: 5 Feb 2006, 22:58:06 UTC - in response to Message 243295.
	I cannot see how showing your hosts will help to prove/disprove suspect activity. Please read further below. It was already discussed and examples shown. ok I've found this If someone's computer gets RAC of 20,000, it is fishy. Maybe not impossible, but fishy, unless we have an explanation. If someone has 30,000 hosts, it is fishy - it is not easily imaginable that an individual could have or control such amount of computers. Not impossible, but fishy. If someone shows up with computers of 20 CPU's each it is fishy. Not impossible, but fishy,... If someones computer permanently claim unexplainable high credits, especially in projects with low quorum, then it is extremely fishy,... etc. etc. ok, i can understand where your coming from but I still don't see that removing the hide computers option will improve things. An account would presumably be initially investigated by fellow seti users because it has aquired a high RAC. With visible hosts, said investigators would look at the hosts and may decide theres something "fishy" and report it to Berkeley. With hidden hosts, said investigators may decide theres something "fishy" and report it to Berkeley. Same result in both cases, they both get refered to Berkeley. Why risk possibly losing a good number of users who may think they are being forced to reveal their computers when the don't want to all because one user with a very high RAC may be doing something "illicit" ____________
	ID: 243332 ·

MikeSW17 Volunteer tester Send message Joined: 3 Apr 99 Posts: 1603 Credit: 2,700,523 RAC: 0	Message 243354 - Posted: 6 Feb 2006, 0:08:22 UTC
	I'm just wondering how much longer before Godwin's Law kicks-in, it can't be far off... ____________
	ID: 243354 ·

Michael Buckingham Volunteer tester Send message Joined: 21 Aug 99 Posts: 4413 Credit: 2,663,817 RAC: 0	Message 243361 - Posted: 6 Feb 2006, 0:18:57 UTC - in response to Message 243290.
	I don't assume anyone is cheating simply because they hide their hosts. However, I have never understood why it was even needed as an option. I believe that trux has offered a solid proposal to end this debate. If you want to compete in the stats, you should not need to hide your hosts. Why even do something that could possibly look suspicious to others? If you do not wish to show what you are competing with (like showing your cards, I guess), then you should not be exposed in the stats (since that might infringe on your privacy as well). maybe I've misunderstood something. I cannot see how showing your hosts will help to prove/disprove suspect activity. We can't see their ip addresses. We can't see their hostnames. As far as I can tell, we can't see anything that would confirm such activity. All we can do now with hidden hosts and all we could do if hosts are visible would be to report a suspect user for the guys at Berkeley to investigate. Please tell me what I'm missing. Thats what I am trying to say. I think NEZ is suspect. 301,000 RAC is suspect. Who cares if he hides his machines or not. ____________ http://www.mikesbawx.org/photo/
	ID: 243361 ·

ML1 Volunteer tester Send message Joined: 25 Nov 01 Posts: 7212 Credit: 3,703,390 RAC: 728	Message 243365 - Posted: 6 Feb 2006, 0:24:13 UTC - in response to Message 243361. Last modified: 6 Feb 2006, 0:26:27 UTC
	Thats what I am trying to say. I think NEZ is suspect. 301,000 RAC is suspect. Who cares if he hides his machines or not. Whatever it is you're trying to say, you're not saying it very well! Can we drag this up from the bad old dark ages of The Inquisition and Witch Hunts? And can you credit Berkeley with at least a little good sense please...? The top leaders have been mentioned before and I can't believe that the devs have not got a little curiosity to take a look at the numbers. And I strongly agree with Jack G (for once). There are a number of very good and very honest reasons for why a participant might not want to reveal their machine types and OS types. Now poke out your own green envious eyes and get crunchin! Regards, Martin ____________ Mandriva Linux A user friendly OS! See new freedom Mageia2 The Future is what We make IT (GPLv3)
	ID: 243365 ·

Michael Buckingham Volunteer tester Send message Joined: 21 Aug 99 Posts: 4413 Credit: 2,663,817 RAC: 0	Message 243374 - Posted: 6 Feb 2006, 0:37:37 UTC - in response to Message 243365.
	Now poke out your own green envious eyes and get crunchin! Regards, Martin Nah, I am quite proud of my RAC. ____________ http://www.mikesbawx.org/photo/
	ID: 243374 ·

Michael Buckingham Volunteer tester Send message Joined: 21 Aug 99 Posts: 4413 Credit: 2,663,817 RAC: 0	Message 243375 - Posted: 6 Feb 2006, 0:39:11 UTC - in response to Message 243354.
	I'm just wondering how much longer before Godwin's Law kicks-in, it can't be far off... I'll bite...maybe we are the RAC Nazi's sent by Hitler? snicker ____________ http://www.mikesbawx.org/photo/
	ID: 243375 ·

Temujin Volunteer tester Send message Joined: 19 Oct 99 Posts: 292 Credit: 47,872,052 RAC: 0	Message 243381 - Posted: 6 Feb 2006, 0:53:16 UTC - in response to Message 243361.
	301,000 RAC is suspect. even with NEZ not showing his hosts its easy enough to find info about his seti RAC. Take a look at his listing on OcUK and boincstats ok he only started hitting hard from July last year but his returns have been constant. I would imagine that someone sneaking seti onto hundreds of CPUs using a trojan or however it was done would show a RAC that is constantly rising. Is see no reason to suspect anything at all. ____________
	ID: 243381 ·

Crunch3r Volunteer tester Send message Joined: 15 Apr 99 Posts: 1540 Credit: 3,302,157 RAC: 0	Message 243385 - Posted: 6 Feb 2006, 1:00:27 UTC - in response to Message 243381. Last modified: 6 Feb 2006, 1:03:11 UTC
	301,000 RAC is suspect. even with NEZ not showing his hosts its easy enough to find info about his seti RAC. Take a look at his listing on OcUK and boincstats ok he only started hitting hard from July last year but his returns have been constant. I would imagine that someone sneaking seti onto hundreds of CPUs using a trojan or however it was done would show a RAC that is constantly rising. Is see no reason to suspect anything at all. Hey guys, don't you think it's time to stop this whole witch hunt ? I think it's going way to far from now on. I don't know about NEZ but if Matt says he's ok why don't you just leave it that way ? ____________ Join BOINC United now! Auto eVB \| Autoversicherung
	ID: 243385 ·

Crunch3r Volunteer tester Send message Joined: 15 Apr 99 Posts: 1540 Credit: 3,302,157 RAC: 0	Message 243386 - Posted: 6 Feb 2006, 1:02:36 UTC - in response to Message 243385. Last modified: 6 Feb 2006, 1:03:36 UTC
	Sorry double post :( ____________ Join BOINC United now! Auto eVB \| Autoversicherung
	ID: 243386 ·

Lazy@SETI.USA Send message Joined: 4 Sep 00 Posts: 14 Credit: 23,552,278 RAC: 0	Message 243392 - Posted: 6 Feb 2006, 1:19:59 UTC
	We need to put our trust in the Gentleman at Berkeley. After all it is their project and they have the ability to tell what is going on with the users better than anyone. I feel it is time for this thread to die, This horse has been beaten enough... Lets have some fun and Crunch! ____________ This is only a test...
	ID: 243392 ·

Jack Gulley Send message Joined: 4 Mar 03 Posts: 423 Credit: 526,566 RAC: 0	Message 243405 - Posted: 6 Feb 2006, 2:03:22 UTC Last modified: 6 Feb 2006, 2:09:33 UTC
	And then there are those Anonymous owner machines like this one and and this one running Crunch3r application, doing two WU per hour and claiming around 60 Credits for each one, which seems a bit much. Or one claiming 50, and another claiming 50, and another claiming 58. All are Xeon processors that have what seem to be very high Floating Point and/or Integer benchmarks, even for an Xeon processor. (Wish I knew how to write the script to search and sort hostID by Floating Point benchmark, and later by Integer benchmark.) Now if they all belong to one or two "Anonymous" user or team, it might be time to start drying out the firewood for the next part of the hunt. I might even change my mind about hidden computers and at least want them linked to an account ID that shows the number or machines and hostID's.
	ID: 243405 ·

KB7RZF Volunteer tester Send message Joined: 15 Aug 99 Posts: 9427 Credit: 2,172,598 RAC: 2,686	Message 243408 - Posted: 6 Feb 2006, 2:18:53 UTC - in response to Message 243385.
	Hey guys, don't you think it's time to stop this whole witch hunt ? I think it's going way to far from now on. I don't know about NEZ but if Matt says he's ok why don't you just leave it that way ? Man, Im glad great minds think alike. I remember posting something a bit earlier in the thread saying the same thing. But it continues on and on and on, kinda like a broken record. This has turn into more of a "Lets point fingers here, lets point the fingers there". Can't we just let the folks at Berkeley deal with the situation at hand, quit trying to find others who everyone believes is "cheating" and go on with our crunching? ____________
	ID: 243408 ·

Michael Buckingham Volunteer tester Send message Joined: 21 Aug 99 Posts: 4413 Credit: 2,663,817 RAC: 0	Message 243411 - Posted: 6 Feb 2006, 2:21:05 UTC
	I just want to get my Pentium MMX 200Mhz to crunch something... mauahahahahaha ____________ http://www.mikesbawx.org/photo/
	ID: 243411 ·

John McLeod VII Volunteer developer Volunteer tester Send message Joined: 15 Jul 99 Posts: 22343 Credit: 440,201 RAC: 100	Message 243426 - Posted: 6 Feb 2006, 3:07:21 UTC - in response to Message 243411.
	I just want to get my Pentium MMX 200Mhz to crunch something... mauahahahahaha It needs 96Mb RAM (current) or 64Mb RAM (enhanced). ____________ BOINC WIKI
	ID: 243426 ·

Michael Buckingham Volunteer tester Send message Joined: 21 Aug 99 Posts: 4413 Credit: 2,663,817 RAC: 0	Message 243427 - Posted: 6 Feb 2006, 3:11:24 UTC - in response to Message 243426.
	I just want to get my Pentium MMX 200Mhz to crunch something... mauahahahahaha It needs 96Mb RAM (current) or 64Mb RAM (enhanced). Got 96mb. I keep trying to toss an optimized app at it...thinkI am going to have to stick with a standard app. I will let this cruinch for a few days and see what happens...she's crunching now. ____________ http://www.mikesbawx.org/photo/
	ID: 243427 ·

Scarecrow Send message Joined: 15 Jul 00 Posts: 4351 Credit: 416,922 RAC: 48	Message 243433 - Posted: 6 Feb 2006, 3:27:11 UTC - in response to Message 243427.
	I just want to get my Pentium MMX 200Mhz to crunch something... mauahahahahaha It needs 96Mb RAM (current) or 64Mb RAM (enhanced). Got 96mb. I keep trying to toss an optimized app at it...thinkI am going to have to stick with a standard app. I will let this cruinch for a few days and see what happens...she's crunching now. Get this guy's recipe... last few units have gone so fast they can't be clocked. ;)
	ID: 243433 ·

John McLeod VII Volunteer developer Volunteer tester Send message Joined: 15 Jul 99 Posts: 22343 Credit: 440,201 RAC: 100	Message 243441 - Posted: 6 Feb 2006, 3:50:36 UTC - in response to Message 243433.
	I just want to get my Pentium MMX 200Mhz to crunch something... mauahahahahaha It needs 96Mb RAM (current) or 64Mb RAM (enhanced). Got 96mb. I keep trying to toss an optimized app at it...thinkI am going to have to stick with a standard app. I will let this cruinch for a few days and see what happens...she's crunching now. Get this guy's recipe... last few units have gone so fast they can't be clocked. ;) What? use a development version that was never released (4.68) that has a known bug where it sometimes reports 0 seconds of CPU time even after hours of processing? Not exactly bright. ____________ BOINC WIKI
	ID: 243441 ·

Misfit Volunteer tester Send message Joined: 21 Jun 01 Posts: 21680 Credit: 2,443,662 RAC: 0	Message 243463 - Posted: 6 Feb 2006, 4:49:31 UTC - in response to Message 243441.
	Get this guy's recipe... last few units have gone so fast they can't be clocked. ;) What? use a development version that was never released (4.68) that has a known bug where it sometimes reports 0 seconds of CPU time even after hours of processing? Not exactly bright. Wasn't one of Trux's old optimized clients based on 4.68?
	ID: 243463 ·

Ageless Send message Joined: 9 Jun 99 Posts: 11766 Credit: 2,077,018 RAC: 2,347	Message 243502 - Posted: 6 Feb 2006, 7:40:24 UTC - in response to Message 243433.
	Get this guy's recipe... last few units have gone so fast they can't be clocked. ;) I like his CPU: CPU type i386 Intel(R) Pentium(R) 4 CPU 2.80GHz Intel keeps amazing me. ____________ Jord - BOINC FAQ Service - BOINC User Wiki Real is just a matter of perception.
	ID: 243502 ·

Previous · 1 . . . 13 · 14 · 15 · 16 · 17 · 18 · 19 . . . 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?