Message boards :
Number crunching :
Do we have a Boinc virus?
Message board moderation
Previous · 1 . . . 9 · 10 · 11 · 12 · 13 · 14 · 15 . . . 27 · Next
Author | Message |
---|---|
Michael Send message Joined: 21 Aug 99 Posts: 4608 Credit: 7,427,891 RAC: 18 |
When Nez started rocketing up the charts there was some concern expressed on the boards. He was checked out and even posted several times to clear up the problem. Turns out there was no problem. He has properly earned his number 1 ranking.Well, Giese is done, so why not reharshing this case :) I searched the forum archive, but found only a single post of NEZ - in Cafe, regarding the Babe of the Day. No comment to the incredible RAC he has. Theoretically, it could be done by couple of hunderds of high performance machines (or maybe couple of supercomouters) running 24/7, but practically several thousands machines seem to be more probable. That's surely possible for a huge company or a well organized group of individuals, but I'd be interested how Nez explained it. Can you point us to the post he made, and that turned it into "no problem" as you wrote? I'd be definitely interested in reading it, but did not find anything. yeah, coz that guy has way more than Giese has...301,352.32 RAC, Thats THOUSANDS of [edit]average[edit] computers. |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
No, he never answered Misfits question in the BOTD thread.Hmm, in that case I have to tell that to me it stinks too. Shouldn't the guys at BOINC have look at this one maybe too. trux BOINC software Freediving Team Czech Republic |
Alinator Send message Joined: 19 Apr 05 Posts: 4178 Credit: 4,647,982 RAC: 0 |
Another easy way of cheating was discussed long time ago on our team forum, when some new projects appeared, with description in foreign languages that nobody understood. We were speculating that there is nothing easier than creating a bogus project, just forwarding S@H WU's and then resending the completeed results to the S@H server under own user or team ID. Just to make sure I'm reading this right: You set up a BOINC project, which pulls results from SAH and then farms them out to it's own participants, then recollects them when finished and transmits them back to SAH. How would that be strictly cheating, since the "farm" project is being legitimately run by the people who participate on it, and the farm project would still have to set up individual accounts for every one of their proxies to get around the quota problem. It might be unethical to not disclose the fact you're acting as an "agent", but the true cruncher still gets BOINC credit for the proxy project they run. Do you have links to any of the "agent" projects? Alinator |
Alinator Send message Joined: 19 Apr 05 Posts: 4178 Credit: 4,647,982 RAC: 0 |
Pilot error!! :-) |
Alinator Send message Joined: 19 Apr 05 Posts: 4178 Credit: 4,647,982 RAC: 0 |
No, he never answered Misfits question in the BOTD thread.Hmm, in that case I have to tell that to me it stinks too. Shouldn't the guys at BOINC have look at this one maybe too. If you search the forums and drill down the threads, Rom did make a response which indicated Nez was legit. Here's a link: http://setiathome.berkeley.edu/forum_thread.php?id=21447#180861 Although I'm not 100 % sure he was referring to Nez, Teef, or both. Alinator |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
http://setiathome.berkeley.edu/forum_thread.php?id=21447#180861He really did not specify, but seems to be speaking really about Teef, who indeed explained that they were just burning in a huge farm of machines for other purposes, and it took just few weeks. Also, all what Rom wrote is this: Wow, S/He has a butt load of machines.Giese had also huge number of machines, so if they did not know about the hijacked machines, they would not suspect him either. The things changed since then. trux BOINC software Freediving Team Czech Republic |
Misfit Send message Joined: 21 Jun 01 Posts: 21804 Credit: 2,815,091 RAC: 0 |
I don't believe the 'virus' would be able to attach random accounts because the email address and password, or account key, would have to be known. As long as the database that contains this info hasn't been compromised this senario couldn't happen. me@rescam.org |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
You set up a BOINC project, which pulls results from SAH and then farms them out to it's own participants, then recollects them when finished and transmits them back to SAH.Well, I am probably not normal, but yes - for me it is cheating. Do you have links to any of the "agent" projects?Do you really think, I'd be still till now if I knew such projects exist? If you suspect some, try opening couple of WU's in Notepad - you may (and you may not) find out if just forwards WU's of another project. trux BOINC software Freediving Team Czech Republic |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
I don't believe the 'virus' would be able to attach random accounts because the email address and password, or account key, would have to be known. As long as the database that contains this info hasn't been compromised this senario couldn't happen.If I wrote 'random', I certainly did not mean completely random, but simply random user ID from a pool of user id's of the crook - it's not a big deal generating couple of hundreds of user ids. trux BOINC software Freediving Team Czech Republic |
Alinator Send message Joined: 19 Apr 05 Posts: 4178 Credit: 4,647,982 RAC: 0 |
Giese had also huge number of machines, so if they did not know about the hijacked machines, they would not suspect him either. The things changed since then. Agreed, I guess that's a point in favor of the 'Stone counters. The odds you can get away with an illegitimate credit exploit long term would seem to be pretty small when it causes numbers big enough to make a real difference, if this thread (and others) is any indication. One of the "hazards" of being in the top 100! LOL Regarding the other matter of an "Agent" project; Since I cannot find anywhere where it is expressly prohibited (here at SAH), if it was fully disclosed to prospective participants as to what they were actually doing, I still don't see it as cheating. It's not like the proxy crunching hosts are double dipping, since their credit is accounted for in the Agent Project totals, and as far as SAH is concerned they have X new hosts crunching for them legally. I see it as similiar to "Account Managers on steroids". The case could be different for a project like PAH, where result are grouped by processor type on purpose if that wasn't honored by the agent, but then a project could always specifically disallow agenting in its rules. Of course, I'm ignoring the obvious question of why someone would want to give up the specific project credit their machine earned to the Agent in the first place, but assuming they did, why shouldn't the Agent be entitled to a "reward" for the service provided to the target project? Alinator |
Hans Dorn Send message Joined: 3 Apr 99 Posts: 2262 Credit: 26,448,570 RAC: 0 |
I'm pretty sure that NEZ is alright. He's been crunching for quite a while now, and no complaints showed up. Regards Hans P.S: I have a bad feeling about Carsten Giese, though. Can't be sure because of the lack of information. I also think his credits should be deleted from seti.germany, so this whole mess can be considered closed. |
Fred G Send message Joined: 17 May 99 Posts: 185 Credit: 24,109,481 RAC: 0 |
@ Fred_G: Fred, could you possibly send me the file sched_request.xml from the system32 dir of the infected machine? I am building in some protection into my core client, and need to verify some info in the file. Thanks! I'll see if I can get it and send it to you. >Fred http://www.teamstarfire.org/ |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
Since I cannot find anywhere where it is expressly prohibited (here at SAH), if it was fully disclosed to prospective participants as to what they were actually doing, I still don't see it as cheating.Maybe you have personally, or generally in your country, different ethical and moral values than I do. However, I think I can be pretty sure that I am not the only one who does not need to have written laws and rules to know what is moral and what not, or what is cheating and what not. I agree though that the opinions may differ. For me, if a project pretended it made some big science, or research important for the mankind, but in fact did nothing else than forwarding your work to another project as if it was made by another user (themselves) - sorry, for me it is immoral and I definitely consider it cheating. If you feel it perfectly OK and decide to launch such project, or maybe even if you do it already yourself, then please count that I'll fight against you as much as I can. EDIT: and of course, if you reread my posts, since the beginning I do not speak about any proxy or agent project that clearly states that it does something like that - it wouldn't make any sense anyway, so I doubt anyone would launch or use such project if it clearly specified that in only passes your work for their own. trux BOINC software Freediving Team Czech Republic |
[SG-SPEG]stefan78 Send message Joined: 1 Aug 99 Posts: 19 Credit: 30,308 RAC: 0 |
Hi all, as Hans mentioned, i also support the idea of deleting the addtitional credits from CG. The Seti.Germany credits will go down, but they will be fair. Before anyone is saying, that Seti.Germany is cheating it would be better to delete the credits. But Berkeley should check all high RACs as i think if it can happen once, it also can happen twice....maybe now. |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
I'm pretty sure that NEZ is alright. He's been crunching for quite a while now, and no complaints showed up.I'd love if I knew you have some specific reason to belive him. I find it difficult though to believe that an individual may manage to reach that high RAC (comparable with the RAC of the team leader SETI.Germany with over 10.000 members - and probably at least double of that number of hosts). Well, maybye it is not an individual (only the el. power costs would ruin him/her). Maybe it is a huge group of individuals - in that case though I would expect them having a well know website, forum and number of active members who would not hesitate to post some explanation here. Or it might be a huge corporation, but in that case I would expect they'd be happy to use the top ranking as a good advertisement and not doing it anonymously. Or maybe it is a guy who built a supercomputer, or a GCU cruncher and manages to crunch 100 times more per machine than others. Then I'd expect he won't keep it secret that long and offers his dicovery to others too (yes, I am naïve). Yes, I know, all these are pure speculations, but still I find it as suspicious as at Carsten Giese, when not even more. trux BOINC software Freediving Team Czech Republic |
Alinator Send message Joined: 19 Apr 05 Posts: 4178 Credit: 4,647,982 RAC: 0 |
Since I cannot find anywhere where it is expressly prohibited (here at SAH), if it was fully disclosed to prospective participants as to what they were actually doing, I still don't see it as cheating.Maybe you have personally, or generally in your country, different ethical and moral values than I do. However, I think I can be pretty sure that I am not the only one who does not need to have written laws and rules to know what is moral and what not, or what is cheating and what not. I agree though that the opinions may differ. For me, if a project pretended it made some big science, or research With all due respect: Where did I say that to clandestinely or otherwise misrepresent the purpose of an Agent Project is moral, ethical, and should not be considered a cheat? I expressly specified that if such an Agent was operated with *Full Disclosure* to prospective participants as to what the purpose was, then I don't see a problem, and it is a stretch to call it cheating under *those* conditions. For example, if I perform computer service work for someone, and as a quid pro quo in lieu of cash payment, have them allow me to run BOINC/SETI on their machine with full disclosure and permission under my account, is that cheating? I don't think so. Then why should an Agent Project operating under the *same* conditions not be allowed? <edit> OK, sorry, we must havew been co-posting, since I see from your edit, we are on the same page! LOL Alinator |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
For example, if I perform computer service work for someone, and as a quid pro quo in lieu of cash payment, have them allow me to run BOINC/SETI on their machine with full disclosure and permission under my account, is that cheating? I don't think so. Then why should an Agent Project operating under the *same* conditions not be allowed?Sorry, but I did not speak about such case at all. Please reread my original post. Besides it, it makes no sence to create a project that does nothing else than stealing your work and passing it as their own. (I mean no other sense than cummulating credits). If you agree to work under the account of anoterh user, it is your free choice, but that's a completely different case that I did not discuss here at all. trux BOINC software Freediving Team Czech Republic |
trux Send message Joined: 6 Feb 01 Posts: 344 Credit: 1,127,051 RAC: 0 |
|
Alinator Send message Joined: 19 Apr 05 Posts: 4178 Credit: 4,647,982 RAC: 0 |
sorry, double post again LOL, no problemo and I've done it too, see my edit. The only use for such a project I can see would be if people wanted to not be directly associated with any project in any way, but still wanted to contribute in some manner. Maybe call it BOINC-a-mizer@Home. :-) Alinator |
[SG-SPEG]stefan78 Send message Joined: 1 Aug 99 Posts: 19 Credit: 30,308 RAC: 0 |
I think, this issue should be reported to companies as F-Secure, Symantec and McAfee as i think, if this is a modified worm who causes these problems, there should be updated virus patterns to stop spreading it widely. |
©2024 University of California
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.