Distributed Computing Projects

[marti]

I know many folks running Distributed Computing Projects, such as Seti and cancer research. *I don't participate.

I'm posting here to ask about privacy/security issues involved with running any of those programs. *Anyone have any thoughts on the subject?

thanks,
marti

* * *** FFI **

* * * * Distributed computing is a science which solves a large problem by giving small parts of the problem to many computers to solve and then combining the solutions for the parts into a solution for the problem. Recent distributed computing projects have been designed to use the computers of hundreds of thousands of volunteers all over the world, via the Internet, to look for extra-terrestrial radio signals, to look for prime numbers so large that they have more than ten million digits, and to find more effective drugs
. These projects are so large, and require so much computing power to solve, that they would be impossible for any one computer or person to solve in a reasonable amount of time.

* * * * * * * * * * * * * * * * * * * *


* * * * *MARTI

* * * * *its difficult to keep just one computer even marginally secure......a laborous task..............consider 100,000 computers......if I actually tryed to fund just ten secure computers among people I know...I could not.

* * * * * * * * * * * * * * * *snowman

[marti]

Snowman,

I know the definition of distributed computing. *What I'm curious about is

"does running a distributed computing program increase ones security/privacy risks?"

thanks,
marti

[spy1]

Marti - I wouldn't touch distributed computing with a ten-foot pole, personally. Seti's database was already hacked, once (although, until now anyway, that info hasn't been utilized in any way).

It's a gut-level thing with me - I don't want anyone else to have the use of my processor. It boils down to the fact that I haven't the technical expertise to know, exactly, what they'll be using it for.

It goes without saying that if anyone ever does get into anyone's distributed computing servers , they'd be able to unleash a DDoS attack of pretty impressive proportions against whatever target they chose - I really don't want my computer to be a part of that.

Just my .02 Pete

* * * Marti

* * * because the are others who may not know the definition.....an since I am not a self-centered individual..I thought to post the definition..so that just maybe someone could offer a response that might answer your question. * guess I just consider others more than some people do.


* * * * * * * * * * * * * * snowman

* *

[UNICRON]

I am a proud member of genome@home. Knowing that 99% of my clock cycles are wasted, and they could be useful to people actively working on genetic problems in humans, I had NO problem making the choice to join up.

The application has never been exploited, and can be no less secure than you using a web browser or email (in-fact web browser or email is probably a million times more likely to be a source of grief) It is controlled by Stanford University. The do have somewhat of a clue about computer security I'd hope. The benefits out-way the risks by a wide margin in my opinion. For the entire project to succumb to hack that allowed the whole works to be part of a DDoS, then everyone would have to be individually infected with a trojan. The app itself have no remote control capability. Even if the worst happened, and may machine was part of a DDoS once in 3 years, it would STILL be a positive benefit for mankind over all.

Genome@home is (also in my opinion) far more beneficial to humanity than Seti or prime. I'll also say that this research concerns my immediate family, *so I might be a bit bias.


Info here:

http://gah.stanford.edu/

[marti]

Snowman,

I did not intend to be rude in my response to you. *However, your response did not seem to have anything to do with the question that I asked.

marti

* * * * *MARTI

* * * * *Nor was I being rude either....your post had been up for several hours with out any replies....in consideration of your interest in the topic I simply offered the definition as addional information

* * * * my response indicated that *imo if its difficult to properly secure one computer.....how is it possible to know if those other 100.000 computers are secure...or their servers........would trusting the security of my computer to total strangers be wise........its matter of personal choice.......

* * * * wishing you a most pleasent day Marti...an glorious weekend.....


* * * * * * * * * * * * * * * *snowman

[UNICRON]

Quote:

........would trusting the security of my computer to total strangers be wise........

? you are doing that now aren't you? How many of the people who worked on the programs installed on your system (including OS and hardware drivers) do you know personally?

For me the number is zero.

I trust the reputation of the companies whose software I use (except Microsoft of course!). I would trust Stanford university before trusting M$

* * * Unicrom

* * * good point ! * *definitely I would not trust M$ as far as I could throw them by their eyebrows......

* * * Network...is just not my cup of tea......although I do connect to world exchanges daily......but then I would not be willing to use an mp3 file sharing network....certainly that would not be up to par with say Stanford......

* * * *but yes I do see your point.

* * * * * * * * * * * * * * * * snowman

[Zhen-Xjell]

I've been running these programs for more than 3 years now and never had an issue with privacy or security. *Projects I've run:

seti@home
folding@home
genome@home
mersenne prime numbers
distributed folding
rc5-64

[marti]

So, far it's two yes and two no.

marti

[UNICRON]

Matri I suggest you inquire to people who actually use these progs, and ask them how many problems they have had.

I have noticed many people are scared of DCPs without knowing much about them.

Whe asking any question or poll, always think:

1) does this person have any idea what they are talking about.

2) Is this person qualified (unofficially even) to make an educated statement about such things.

3) avoid tallying like: 2 - 1. Meaningless if the two jokers who vote "for" have no real knowledge/evidence/experience on such topics, and the one "against" is an expert in that feild. Subjectivity is paramount here.

[marti]

UNICRON,

I can ask folks that run DCP programs, but most of them are only "mildly" interested in computer security. *That's why I asked in this forum.

Tonight, I read about an intrustion to a DCP list of users. *Seems that someone got in and "retired" several folks from the list. *This intrustion was not on the indivuals computers, but, *it does make me wonder about the security of running such a system.

[Checkout]

Marti,

If I recall correctly, several people were recently fired for using their work computers for seti. *That may sound mean and harsh, but the systems' admin had determined that seti ewre making no attempts to plug known holes in their software (typically when the screensaver phoned home) and seti, bless 'em, stated that they couldn't spare the time or resources to address the problems. *That's if I recall correctly. *Personally, I've racked up nearly 1,000 work units in seti. *HTH.

Oops, Checkout, sorry, my English is failing me again...
What means:

Quote:

I've racked up nearly 1,000 work units in seti

Of course no offence meant, I only didn't understand that.

[Checkout]

Quote:

Oops, Checkout, sorry, my English is failing me again...
What means:


Of course no offence meant, I only didn't understand that.

Sorry, Jan - I tend to use 'engineering' English when I should write more plainly for people here. *Racked up means accumulated. *It refers to a scoring machine for games, like darts, where a wooden rack has point counters which move along it. *So, to record points scored, you would move your pointer across the rack.

I hope that's clear? *Sorry for the confusion.

[Mike_Healan]

I've donated 2600 hours of processor time to seti@home since I started with it in January. I see no obvious problem with it. The only information about you that Berkely receives is your email address, and you can fake that at the risk of being locked out of your account if you forget your password.