Do we have a Boinc virus?


log in

Advanced search

Message boards : Number crunching : Do we have a Boinc virus?

Previous · 1 . . . 13 · 14 · 15 · 16 · 17 · 18 · 19 . . . 27 · Next
Author Message
Profile trux
Volunteer tester
Avatar
Send message
Joined: 6 Feb 01
Posts: 344
Credit: 1,127,051
RAC: 0
Czech Republic
Message 243305 - Posted: 5 Feb 2006, 22:38:14 UTC - in response to Message 241820.
Last modified: 5 Feb 2006, 22:41:35 UTC

Just coming briefly to the original topic of this thread - the infection. Although it is not entirely clear how the alien BOINC installation gets into the computer, from what we heard I do not think that the common protection (AV/firewall) necessarily helps. Well, if you have no BOINC installed at all, then your firewall should screem at the next connection attempt, though since the BOINC client was masked as MS update service, less experienced users won't suspect it, and those who already use BOINC, will get cheated even more likely too.

Unlike our colleague Halifax--lad, I do not think that it is the problem of the victims, because they did not protect themselves suffciently:

Halifax--lad wrote:

People who use the internet with no protection and open email that should just be trashed are stupid in my book.
its time for people like that to wake up and realise they need systems in place to protect them
Halifax--lad, I see you are using optimized client from Tetsuji, that you have downloaded as a binary, most likely from a 3rd party server (I think Tetsuji does not even offer it on his server, you can only find it at Marisan). AFAIK, it did not come with any warranty, privacy policy, terms of use, license or any agreement. Tetsuji Maverick Rai or Marisan.nl are more or less anonymous BOINC members - in case of problems you might have problems to call them for responsability. So how do you know that the binary you downloaded and installed does exactly what you expect and not something else? NOTE: please do not take me wrong - unlike you, I do know Tetsuji's version is OK, because I compiled it myself from his source code. All I want to tell, is that you are accusing others from ignorance and stupidity but in fact do not act differently. Any time you launch an application, you are in mercy of its author. It is quite well possible that the author of the BOINC Trojan or virus did it in very similar way (by offering some usefull program). Does it mean you consider yourself "stupid in your book" too? Well, even if you do (you may be right finally), I mean we have to fight against this abuse on all levels - many proposals were already presented in this thread (human interaction during host registration, unhiding hosts, disk and RAM checks, investigation of suspects, cooperating with AV companies,...). If we faild doing it, we well risk the future of the entire BOINC system.

____________
trux
BOINC software
Freediving Team
Czech Republic

Temujin
Volunteer tester
Send message
Joined: 19 Oct 99
Posts: 292
Credit: 47,872,052
RAC: 0
United Kingdom
Message 243332 - Posted: 5 Feb 2006, 22:58:06 UTC - in response to Message 243295.

I cannot see how showing your hosts will help to prove/disprove suspect activity.
Please read further below. It was already discussed and examples shown.

ok I've found this

If someone's computer gets RAC of 20,000, it is fishy. Maybe not impossible, but fishy, unless we have an explanation. If someone has 30,000 hosts, it is fishy - it is not easily imaginable that an individual could have or control such amount of computers. Not impossible, but fishy. If someone shows up with computers of 20 CPU's each it is fishy. Not impossible, but fishy,... If someones computer permanently claim unexplainable high credits, especially in projects with low quorum, then it is extremely fishy,... etc. etc.

ok, i can understand where your coming from but I still don't see that removing the hide computers option will improve things.

An account would presumably be initially investigated by fellow seti users because it has aquired a high RAC.
With visible hosts, said investigators would look at the hosts and may decide theres something "fishy" and report it to Berkeley.
With hidden hosts, said investigators may decide theres something "fishy" and report it to Berkeley.

Same result in both cases, they both get refered to Berkeley.

Why risk possibly losing a good number of users who may think they are being forced to reveal their computers when the don't want to all because one user with a very high RAC may be doing something "illicit"





____________

Profile MikeSW17
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 1603
Credit: 2,700,523
RAC: 0
United Kingdom
Message 243354 - Posted: 6 Feb 2006, 0:08:22 UTC

I'm just wondering how much longer before Godwin's Law kicks-in, it can't be far off...


____________

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 243361 - Posted: 6 Feb 2006, 0:18:57 UTC - in response to Message 243290.


I don't assume anyone is cheating simply because they hide their hosts. However, I have never understood why it was even needed as an option. I believe that trux has offered a solid proposal to end this debate. If you want to compete in the stats, you should not need to hide your hosts. Why even do something that could possibly look suspicious to others? If you do not wish to show what you are competing with (like showing your cards, I guess), then you should not be exposed in the stats (since that might infringe on your privacy as well).

maybe I've misunderstood something.
I cannot see how showing your hosts will help to prove/disprove suspect activity.
We can't see their ip addresses.
We can't see their hostnames.
As far as I can tell, we can't see anything that would confirm such activity.

All we can do now with hidden hosts and all we could do if hosts are visible would be to report a suspect user for the guys at Berkeley to investigate.

Please tell me what I'm missing.


Thats what I am trying to say. I think NEZ is suspect.

301,000 RAC is suspect. Who cares if he hides his machines or not.

____________


http://www.mikesbawx.org/photo/

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8263
Credit: 4,070,731
RAC: 392
United Kingdom
Message 243365 - Posted: 6 Feb 2006, 0:24:13 UTC - in response to Message 243361.
Last modified: 6 Feb 2006, 0:26:27 UTC

Thats what I am trying to say. I think NEZ is suspect.

301,000 RAC is suspect. Who cares if he hides his machines or not.

Whatever it is you're trying to say, you're not saying it very well!

Can we drag this up from the bad old dark ages of The Inquisition and Witch Hunts?

And can you credit Berkeley with at least a little good sense please...?


The top leaders have been mentioned before and I can't believe that the devs have not got a little curiosity to take a look at the numbers.

And I strongly agree with Jack G (for once). There are a number of very good and very honest reasons for why a participant might not want to reveal their machine types and OS types.

Now poke out your own green envious eyes and get crunchin!

Regards,
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 243374 - Posted: 6 Feb 2006, 0:37:37 UTC - in response to Message 243365.



Now poke out your own green envious eyes and get crunchin!

Regards,
Martin


Nah, I am quite proud of my RAC.

____________


http://www.mikesbawx.org/photo/

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 243375 - Posted: 6 Feb 2006, 0:39:11 UTC - in response to Message 243354.

I'm just wondering how much longer before Godwin's Law kicks-in, it can't be far off...



I'll bite...maybe we are the RAC Nazi's sent by Hitler?

*snicker*

____________


http://www.mikesbawx.org/photo/

Temujin
Volunteer tester
Send message
Joined: 19 Oct 99
Posts: 292
Credit: 47,872,052
RAC: 0
United Kingdom
Message 243381 - Posted: 6 Feb 2006, 0:53:16 UTC - in response to Message 243361.


301,000 RAC is suspect.

even with NEZ not showing his hosts its easy enough to find info about his seti RAC.
Take a look at his listing on OcUK and boincstats
ok he only started hitting hard from July last year but his returns have been constant.
I would imagine that someone sneaking seti onto hundreds of CPUs using a trojan or however it was done would show a RAC that is constantly rising.

Is see no reason to suspect anything at all.

____________

Profile Crunch3r
Volunteer tester
Avatar
Send message
Joined: 15 Apr 99
Posts: 1540
Credit: 3,314,460
RAC: 0
Germany
Message 243385 - Posted: 6 Feb 2006, 1:00:27 UTC - in response to Message 243381.
Last modified: 6 Feb 2006, 1:03:11 UTC


301,000 RAC is suspect.

even with NEZ not showing his hosts its easy enough to find info about his seti RAC.
Take a look at his listing on OcUK and boincstats
ok he only started hitting hard from July last year but his returns have been constant.
I would imagine that someone sneaking seti onto hundreds of CPUs using a trojan or however it was done would show a RAC that is constantly rising.

Is see no reason to suspect anything at all.



Hey guys,

don't you think it's time to stop this whole witch hunt ?
I think it's going way to far from now on.

I don't know about NEZ but if Matt says he's ok why don't you just leave it that way ?



____________

Join BOINC United now!
Auto eVB | Autoversicherung

Profile Crunch3r
Volunteer tester
Avatar
Send message
Joined: 15 Apr 99
Posts: 1540
Credit: 3,314,460
RAC: 0
Germany
Message 243386 - Posted: 6 Feb 2006, 1:02:36 UTC - in response to Message 243385.
Last modified: 6 Feb 2006, 1:03:36 UTC

Sorry double post :(

____________

Join BOINC United now!
Auto eVB | Autoversicherung

Profile Lazy@SETI.USA
Avatar
Send message
Joined: 4 Sep 00
Posts: 14
Credit: 23,552,278
RAC: 0
United States
Message 243392 - Posted: 6 Feb 2006, 1:19:59 UTC

We need to put our trust in the Gentleman at Berkeley. After all it is their project and they have the ability to tell what is going on with the users better than anyone. I feel it is time for this thread to die, This horse has been beaten enough... Lets have some fun and Crunch!
____________
This is only a test...

Jack Gulley
Send message
Joined: 4 Mar 03
Posts: 423
Credit: 526,566
RAC: 0
United States
Message 243405 - Posted: 6 Feb 2006, 2:03:22 UTC
Last modified: 6 Feb 2006, 2:09:33 UTC

And then there are those Anonymous owner machines like this one and and this one running Crunch3r application, doing two WU per hour and claiming around 60 Credits for each one, which seems a bit much.

Or one claiming 50, and another claiming 50, and another claiming 58.

All are Xeon processors that have what seem to be very high Floating Point and/or Integer benchmarks, even for an Xeon processor. (Wish I knew how to write the script to search and sort hostID by Floating Point benchmark, and later by Integer benchmark.)

Now if they all belong to one or two "Anonymous" user or team, it might be time to start drying out the firewood for the next part of the hunt. I might even change my mind about hidden computers and at least want them linked to an account ID that shows the number or machines and hostID's.

KB7RZF
Volunteer tester
Avatar
Send message
Joined: 15 Aug 99
Posts: 9463
Credit: 3,027,850
RAC: 1,981
United States
Message 243408 - Posted: 6 Feb 2006, 2:18:53 UTC - in response to Message 243385.



Hey guys,

don't you think it's time to stop this whole witch hunt ?
I think it's going way to far from now on.

I don't know about NEZ but if Matt says he's ok why don't you just leave it that way ?




Man, Im glad great minds think alike. I remember posting something a bit earlier in the thread saying the same thing. But it continues on and on and on, kinda like a broken record. This has turn into more of a "Lets point fingers here, lets point the fingers there". Can't we just let the folks at Berkeley deal with the situation at hand, quit trying to find others who everyone believes is "cheating" and go on with our crunching?
____________

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 243411 - Posted: 6 Feb 2006, 2:21:05 UTC

I just want to get my Pentium MMX 200Mhz to crunch something...

mauahahahahaha
____________


http://www.mikesbawx.org/photo/

John McLeod VII
Volunteer developer
Volunteer tester
Avatar
Send message
Joined: 15 Jul 99
Posts: 24064
Credit: 516,970
RAC: 133
United States
Message 243426 - Posted: 6 Feb 2006, 3:07:21 UTC - in response to Message 243411.

I just want to get my Pentium MMX 200Mhz to crunch something...

mauahahahahaha

It needs 96Mb RAM (current) or 64Mb RAM (enhanced).
____________


BOINC WIKI

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 243427 - Posted: 6 Feb 2006, 3:11:24 UTC - in response to Message 243426.

I just want to get my Pentium MMX 200Mhz to crunch something...

mauahahahahaha

It needs 96Mb RAM (current) or 64Mb RAM (enhanced).


Got 96mb.

I keep trying to toss an optimized app at it...thinkI am going to have to stick with a standard app.

I will let this cruinch for a few days and see what happens...she's crunching now.

____________


http://www.mikesbawx.org/photo/

Profile Scarecrow
Avatar
Send message
Joined: 15 Jul 00
Posts: 4382
Credit: 458,880
RAC: 2
United States
Message 243433 - Posted: 6 Feb 2006, 3:27:11 UTC - in response to Message 243427.

I just want to get my Pentium MMX 200Mhz to crunch something...

mauahahahahaha

It needs 96Mb RAM (current) or 64Mb RAM (enhanced).


Got 96mb.

I keep trying to toss an optimized app at it...thinkI am going to have to stick with a standard app.

I will let this cruinch for a few days and see what happens...she's crunching now.

Get this guy's recipe... last few units have gone so fast they can't be clocked. ;)

John McLeod VII
Volunteer developer
Volunteer tester
Avatar
Send message
Joined: 15 Jul 99
Posts: 24064
Credit: 516,970
RAC: 133
United States
Message 243441 - Posted: 6 Feb 2006, 3:50:36 UTC - in response to Message 243433.

I just want to get my Pentium MMX 200Mhz to crunch something...

mauahahahahaha

It needs 96Mb RAM (current) or 64Mb RAM (enhanced).


Got 96mb.

I keep trying to toss an optimized app at it...thinkI am going to have to stick with a standard app.

I will let this cruinch for a few days and see what happens...she's crunching now.

Get this guy's recipe... last few units have gone so fast they can't be clocked. ;)

What? use a development version that was never released (4.68) that has a known bug where it sometimes reports 0 seconds of CPU time even after hours of processing? Not exactly bright.
____________


BOINC WIKI

Profile Misfit
Volunteer tester
Avatar
Send message
Joined: 21 Jun 01
Posts: 21790
Credit: 2,510,901
RAC: 0
United States
Message 243463 - Posted: 6 Feb 2006, 4:49:31 UTC - in response to Message 243441.

Get this guy's recipe... last few units have gone so fast they can't be clocked. ;)

What? use a development version that was never released (4.68) that has a known bug where it sometimes reports 0 seconds of CPU time even after hours of processing? Not exactly bright.

Wasn't one of Trux's old optimized clients based on 4.68?

Profile Ageless
Avatar
Send message
Joined: 9 Jun 99
Posts: 12258
Credit: 2,545,476
RAC: 266
Netherlands
Message 243502 - Posted: 6 Feb 2006, 7:40:24 UTC - in response to Message 243433.

Get this guy's recipe... last few units have gone so fast they can't be clocked. ;)

I like his CPU:

CPU type i386
Intel(R) Pentium(R) 4 CPU 2.80GHz

Intel keeps amazing me.
____________
Jord

Fighting for the correct use of the apostrophe, together with Weird Al Yankovic

Previous · 1 . . . 13 · 14 · 15 · 16 · 17 · 18 · 19 . . . 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?

Copyright © 2014 University of California