7
   

Does your computer BOINC?

 
 
Reply Sun 22 Nov, 2009 02:12 am
http://boinc.berkeley.edu/logo/www_logo.gif
Quote:
BOINC [Berkeley Open Infrastructure for Network Computing] is a program that lets you donate your idle computer time to science projects like [email protected], Climateprediction.net, [email protected], World Community Grid, and many others.

http://boinc.berkeley.edu/download.php

I signed up for projects from...

[email protected]: http://setiathome.ssl.berkeley.edu/
Quote:
[email protected] is a scientific experiment that uses Internet-connected computers in the Search for Extraterrestrial Intelligence (SETI). You can participate by running a free program that downloads and analyzes radio telescope data.


[email protected]: http://www.cosmologyathome.org/
Quote:
The goal of [email protected] is to search for the model that best describes our Universe and to find the range of models that agree with the available astronomical and particle physics data. In order to achieve this goal, participants in [email protected] (i.e. you!) will compute the observable predictions of millions of theoretical models with different parameter combinations.


CLIMATEPREDICTION.NET: http://climateprediction.net
Quote:
Climateprediction.net is a distributed computing project to produce predictions of the Earth's climate up to 2080 and to test the accuracy of climate models. To do this, we need people around the world to give us time on their computers - time when they have their computers switched on, but are not using them to their full capacity.
 
tsarstepan
 
  1  
Reply Sun 22 Nov, 2009 02:15 am
http://i46.tinypic.com/15dluzm.jpg
0 Replies
 
tsarstepan
 
  1  
Reply Sun 22 Nov, 2009 02:19 am
http://i47.tinypic.com/vgo6xg.jpg
0 Replies
 
tsarstepan
 
  1  
Reply Sun 22 Nov, 2009 02:20 am
http://i50.tinypic.com/21dgxsm.jpg
0 Replies
 
dlowan
 
  1  
Reply Sun 22 Nov, 2009 03:12 am
Super cool!
0 Replies
 
BillRM
 
  2  
Reply Sun 22 Nov, 2009 08:56 am
Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.

Therefore you are kind of hoping that the project people know what they are doing so bad guys can not used this net for their own reasons.
BillRM
 
  1  
Reply Sun 22 Nov, 2009 09:02 am
A very fast google search indicate that my question concerning the security of computers running such programs seem to have some foundation.

Here is just one of many articles on this subject.
---------------------------------------------------------------------------------

http://boinc.berkeley.edu/trac/wiki/SecurityIssues

Security issues in volunteer computing
Many types of attacks are possible in volunteer computing.

Result falsification. Attackers return incorrect results.
Credit falsification. Attackers return results claiming more CPU time than was actually used.
Malicious executable distribution. Attackers break into a BOINC server and, by modifying the database and files, attempt to distribute their own executable (e.g. a virus program) disguised as a BOINC application.
Overrun of data server. Attackers repeatedly send large files to BOINC data servers, filling up their disks and rendering them unusable.
Theft of participant account information by server attack. Attackers break into a BOINC server and steal email addresses and other account information.
Theft of participant account information by network attack. Attackers exploit the BOINC network protocols to steal account information.
Theft of project files. Attackers steal input and/or output files.
Intentional abuse of participant hosts by projects. A project intentionally releases an application that abuses participant hosts, e.g. by stealing sensitive information stored in files.
Accidental abuse of participant hosts by projects. A project releases an application that unintentionally abuses participant hosts, e.g. deleting files or causing crashes.
BOINC provides mechanisms to reduce the likelihood of some of these attacks.

Result and credit falsification
These can be reduced using replication or other result validation methods.

Malicious executable distribution
BOINC uses code signing to prevent this. Even if attackers break into a project's BOINC server, they will not be able to cause clients to accept a false code file.

Denial of server attacks on data servers
BOINC provides an optional mechanism, upload certificates, to prevent data server attacks. Each output file has an associated maximum size. Each project has an upload authentication key pair. The public key is stored on the project's data servers. Result file descriptions are sent to clients with a digital signature, which is forwarded to the data server when the file is uploaded. The data server verifies the file description, and ensures that the amount of data uploaded does not exceed the maximum size.

Theft of participant account information by server attack
Each project must address theft of private account information (e.g. email addresses) using conventional security practices. All server machines should be protected by a firewall, and should have all unused network services disabled. Access to these machines should be done only with encrypted protocols like SSH. The machines should be subjected to regular security audits.

Projects should be undertaken only by organizations that have sufficient expertise and resources to secure their servers. A successful attack could discredit all BOINC-based projects, and volunteer computing in general.

Theft of participant account information by network attack
Attackers sniffing network traffic could get a user's account key, and use them to get the user's email address, or change the user's preferences. BOINC does nothing to prevent this.

Theft of project files
The input and output files used by BOINC applications are not encrypted. Applications can do this themselves, but it has little effect since data resides in cleartext in memory, where it is easy to access with a debugger.

Intentional abuse of participant hosts by projects
BOINC uses account-based sandboxing: applications run under a specially-created account (Mac/Linux version 5.4+, Windows version 6+). If file and directory permissions are set appropriately, applications will have no access to files outside of the BOINC directory.

Accidental abuse of participant hosts by projects
BOINC prevents some problems: for example, it detects when applications use too much disk space, memory, or CPU time, and aborts them. Projects can minimize the likelihood of causing problems by pre-released application testing. Projects should test their applications thoroughly on all platforms and with all input data scenarios before promoting them to production status.

Tags security
--------------------------------------------------------------------------------
0 Replies
 
tsarstepan
 
  1  
Reply Sat 8 May, 2010 07:54 am
It's been a couple of months since I ran BOINC. I always had it start up when I turned on my computer. About a couple of months ago, my computer started to freeze up immediately after turning on.

Only after a friend turned BOINC off from starting at initial boot-up did the crashing stop. Could be a coincidence. He did turn off several other programs that automatically start up when the laptop boots-up on being turned on. He checked for spyware, malware, etc.... He didn't find any or didn't tell me if he had. When I got my computer back, I turned on the BOINC program to see if it ran without crashing and perhaps it was just making the computer crash when it started on initial boot-up. It did crash my computer. Crying or Very sad

I have yet to use it again. I finally uninstalled the program and am wondering if I should redownload it again and hope a new and updated copy might be the fix. I miss my [email protected] program, et al. Should I take the risk?
dlowan
 
  1  
Reply Sat 8 May, 2010 08:04 am
@tsarstepan,
It was making my computer freeze a lot, and be very slow.

Now I only let it run when I don't want to turn the computer off, but don't plan to use it for a while.
0 Replies
 
tsarstepan
 
  1  
Reply Sat 30 Apr, 2011 08:23 pm
SETI puts E.T. on hold
SETI has temporarily halted one of its chief alien-hunting tools, the Allen Telescope Array, citing lack of funding.
http://www.csmonitor.com/Science/2011/0427/SETI-puts-E.T.-on-hold
0 Replies
 
domsriltz123
 
  -3  
Reply Fri 5 Aug, 2011 06:07 am
Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.

Therefore you are kind of hoping that the project people know what they are doing so bad guys can not used this net for their own reasons.
maxdancona
 
  2  
Reply Fri 5 Aug, 2011 06:15 am
@domsriltz123,
Quote:
Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.


This program is no more of a security concern than any other program you install on you computer. And the software is open which means that if anyone did anything really bad, it would be public news pretty quick.
djjd62
 
  3  
Reply Fri 5 Aug, 2011 06:36 am
@domsriltz123,
domsriltz123 wrote:

Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.

Therefore you are kind of hoping that the project people know what they are doing so bad guys can not used this net for their own reasons.


this from a douchebag who includes spam in his sig line
tsarstepan
 
  1  
Reply Fri 5 Aug, 2011 12:38 pm
@maxdancona,
maxdancona wrote:

Quote:
Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.


This program is no more of a security concern than any other program you install on you computer. And the software is open which means that if anyone did anything really bad, it would be public news pretty quick.


Now if only I can get it to work on my computer once again without it crashing said computer. Crying or Very sad

I miss having [email protected] Crying or Very sad
0 Replies
 
tsarstepan
 
  1  
Reply Fri 19 Aug, 2011 11:22 am
Quote:
Jodie Foster helps in search for alien civilizations
The nonprofit Search for Extraterrestrial Intelligence (SETI) Institute, which was forced earlier this year to shutter its Allen Telescope Array, used to listen for alien signals, due to budget issues, has raised enough money to resume the search for life beyond planet Earth.


http://www.csmonitor.com/Science/2011/0812/Jodie-Foster-helps-in-search-for-alien-civilizations
0 Replies
 
Irishk
 
  1  
Reply Fri 19 Aug, 2011 01:19 pm
I hope whoever calls us is cuddly like 'ET'.

Otherwise, remember.....

It's a Cookbook!!!
0 Replies
 
oralloy
 
  1  
Reply Tue 27 Nov, 2012 12:18 am
@tsarstepan,

I've done a bit of work for Climateprediction and Cosmology. Never did anything for SETI though.

But when I switched to Windows 8, I jumped to 64-bit. And now I'm focusing only on projects that make good use of 64-bit CPUs.

I'm doing:

a) "Optimal Golumb Ruler" and "Elliptical Curve Factorization" through [email protected]

b) Sieving for the Riesal subproject at PrimeGrid. (I'm not too into finding primes for the sake of finding primes, but finding primes for that particular subproject will help prove a mathematical theory.) Their Serpinsky subprojects also work toward proving theories, but they are all done sieving, so there is no more work optimized for 64-bit CPUs.

c) And [email protected] (that one is doing work towards understanding a BIG mathematical theory).



At the moment I'm running BOINC as a service install for the greater security, and that precludes letting BOINC use my graphics card, but if you have a reasonably modern graphics card, and if you don't use a service install, you should try seeing what BOINC will do with your graphics card.

The results will be absolutely stunning. Especially if it is a project that once did CPU work, and you know how long the workunits take on a CPU doing SSE3 calculations.

Moore's Law being what it is, modern graphics cards are more powerful than anything built by Cray Research before Silicone Graphics bought them out. And having your BOINC tasks processed by the equivalent of a Cray supercomputer is pretty amazing.

Your jaw will drop when you see your graphics card knocking off 10-hour workunits in less than a minute, over and over, every minute another 10 hours of work done.
oralloy
 
  1  
Reply Tue 27 Nov, 2012 12:24 am
@BillRM,
BillRM wrote:
Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.

Therefore you are kind of hoping that the project people know what they are doing so bad guys can not used this net for their own reasons.


In general it is pretty easy to figure out which projects are reputable. For instance, if you are helping major observatories comb through data to find neutron stars, or doing work for the Large Hadron Collider in Europe, you can probably count on it being legit work. Same also if the math department at a large university wants to help advance the field of mathematics.

World Community Grid is run by IBM, and they have their security experts vet every one of their subprojects.

Also, if you install BOINC to run as a service, it runs under an unprivileged account, so if your program goes haywire, whether through malice or by accident, the damage will be limited.

However installing BOINC to run as a service will not allow it to use your graphics card (which is a shame if your graphics card has the power of a 15 year old supercomputer).

I'm running mine as a service, even though I have such a graphics card. But oh well, security comes first.
0 Replies
 
roger
 
  2  
Reply Tue 27 Nov, 2012 01:15 am
@djjd62,
djjd62 wrote:

domsriltz123 wrote:

Interesting but I wonder if you might be introducing some security concerns as what you are doing in effect is joining a bot net or so I would think.

Therefore you are kind of hoping that the project people know what they are doing so bad guys can not used this net for their own reasons.


this from a douchebag who includes spam in his sig line


Yes, and he also stole the entire post from BillRM.
0 Replies
 
DuncanJones
 
  0  
Reply Wed 28 Nov, 2012 12:16 am
@tsarstepan,
Hello Friends,

It's easy to participate in a BOINC project: download and install BOINC. You will be asked to select a project and enter your email address and a password. That's it!
When you run BOINC on your PC, it does the following:
1. Your PC gets a set of tasks from the project's scheduling server. The tasks depend on your PC: for example, the server won't give it tasks that requires more RAM than you have. Projects can support several applications, and the server may send you tasks from any of them.
2. Your PC downloads executable and input files from the project's data server. If the project releases new versions of its applications, the executable files are downloaded automatically to your PC.
3. Your PC runs the application programs, producing output files.
4. Your PC uploads the output files to the data server.
5. Later (up to several days later, depending on your preferences) your PC reports the completed tasks to the scheduling server, and gets new tasks.

Best Regards,
Duncan Jones
0 Replies
 
 

 
  1. Forums
  2. » Does your computer BOINC?
Copyright © 2018 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 12/14/2018 at 03:27:20