if i had to make a suggestion, i'd say inform all the right places about what boinc is, before they make their own assumptions, that would be a good path towards damage control

That begins to sound better, but is still not sufficent. What we need is publicly showing and punishing such cheaters - having Black Boards on the official BOINC and project web sites, where such people will be displayed, accounts and credits removed, and their credits removed from all their present and former teams too. If such people are legally persecuted, it also needs to be shown there - so that it serves as a sufficinet deterrent for other potential followers. If people are fired because of illegally installing BOINC in their jobs, it should be shown there too.

Hmm, very interesting and very dangerous for the project and for the community!!! Can someone of the people here having direct wire to Rom or others at Berkeley assure that they are aware of it, and taking the necessary steps to avoid banning BOINC by antimalware, antivirus and firewall software and before it makes news in some IT magazines?

I know the user ID quite well - I noticed him when he, as the leader of SETI Germany with increible RAC of ~70k (now it is even more) left the team and created his own one just few weeks ago. I found it very strange, but since there were others leaving the team shortly after (including some well known forum members), I thought there were some internal conflicts behind it (we just seem to have one at CNT too).

I find it very important that some officials make the necessary steps to avoid more damage. I hate to tell it, but this is a criminal activity, and the author of the act desires to be investigated by the police. I hope for him that he is innocent and it was just some stupid friend of the victim who installed it manually (though it definitely does not look like).

"I'm trying to maintain a shred of dignity in this world." - Me

if i had to make a suggestion, i'd say inform all the right places about what boinc is, before they make their own assumptions, that would be a good path towards damage control

That begins to sound better, but is still not sufficent. What we need is publicly showing and punishing such cheaters - having Black Boards on the official BOINC and project web sites, where such people will be displayed, accounts and credits removed, and their credits removed from all their present and former teams too. If such people are legally persecuted, it also needs to be shown there - so that it serves as a sufficinet deterrent for other potential followers. If people are fired because of illegally installing BOINC in their jobs, it should be shown there too.

it's the same as with guns, guns don't kill people, people kill people

Explain to the Gestapo it was not you who killed H. Heidrich even if it is apparent your gun was used.

different issue, my point was that the gun acting alone (if that's possible for an inanimate object) doesn't kill someone, it needs to be fired by a person

what you're talking about is ownership, have you heard of zombie or bot networks, these are mostly computers of unaware users conducting a DDoS attack, just beacuse john doe owns one of these infected computers, doesn't mean he's responsible

just beacuse my car might have been used in a robbery, doesn't mean i was there, it just means my car was, because it was probably stolen

please take a look at an idiotic article on TMP in which the blatent problems with the implied "security" of the system is made apparent, the main quote from the original article being...

In fact, with TPM, your bank wouldn’t even need to ask for your username and password -- it would know you simply by the identification on your machine.

and the comment to that...

Since when is "your computer" the same as "you"?

i wouldn't try to explain, the Gestapo usually just did what they wanted, right or wrong, because they were power hungry and unreasonable, so if they wanted to kill me they would anyway

however, (i'd hope) the officials in charge of security today (national security and the like) would be more reasonable, and if something controversial makes sense, then they'd at least listen

Just my simple opinion here.
I think a lot of these "problems" can be prevented by the users themselves.
If only they would stop running executable slideshows and such they downloaded from a p2p-network while being logged into their windows machine as administrator or poweruser...

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

must have, i don't know of any other way to attach

Not sure exactly what's going on here, or if there's even anything to be worried about. But back in Classic there was at least one time when a virus circulated around the internet that, among other things, would download SETI@home and start crunching workunits for random users. So we've been there, done that.

No amount of PR (before or after) can protect us from the lack of understanding by the general public about how the internet works, who is responsible for what, who is at fault, etc. Frankly, I think preemptive PR might cause more confusion than quell any panic.

People always freak out about the security of BOINC. Yet there they are surfing the web every day, which is far, far less secure.

- Matt

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

must have, i don't know of any other way to attach

I see keys in the help desk often. Noobs don't know better.

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

must have, i don't know of any other way to attach

I see keys in the help desk often. Noobs don't know better.

True enough. Carsten isn't a noob though

If someone maliciously used Carstens' account, I wonder how they got his "key" and/or password?

Member of SETI Distributed Network

The worm installs and activates the SETI (Search for Extraterrestrial Intelligence) software to affected computer (see more information about SETI at http://setiathome.berkeley.edu).

The SETI software is downloaded by worm to Windows directory with MSSETI.EXE name from following FTP sites:


ftp://ftp.cdrom.com/pub/setiathome/setiathome-3.03.i386-winnt-cmdline.exe
ftp://ftp.let.uu.nl/pub/software/winnt/setiathome-3.03.i386-winnt-cmdline.exe
ftp://ftp.cdrom.com/.2/setiathome/setiathome-3.03.i386-winnt-cmdline.exe
ftp://alien.ssl.berkeley.edu/pub/setiathome-3.03.i386-winnt-cmdline.exe
ftp://setidata.ssl.berkeley.edu/pub/setiathome-3.03.i386-winnt-cmdline.exe

The worm also creates in Windows directory the following files:

USER_INFO.SAH and VERSION.SAH with SETI specific information MSSETI.PIF, RUN_MSSETI.VBS, MSSETI.BAT to run SETI program

and registers RUN_MSSETI.VBS file in Registry auto-run keys:


HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
msseti = WScript.exe %WinDir%\\run_msseti.vbs"


HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices
msseti = WScript.exe %WinDir%\\run_msseti.vbs"

The USER_INFO.SAH file contains user specific information about SETI user, the worm writes following IDs to there:


id=2199938
key=1603033966
email_addr=gl_storm@seznam.cz
name=GL_STORM
country=Czech Republic