Security and BOINC

[ChristianVirtual]

Not to hijack the MW@H thread about non-stock-app; but that example raised again my question about security in BOINC based systems.

Is there (at least for officially released stock app) any kind of security concept ? Is there any check/review/verification that a BOINC component is not building a hidden bot net or is performing any other illegal activities ? Did that ever happen in the past ?
Any special BOINC-points to watch out for ?

Obvious I'm a BOINC-newbee

 

[Gilthanis]

As far as that goes, the answer is no. WCG (aka IBM) is very security aware and do quite a bit of security audits before signing off on any of the apps including the official releases from Berkeley. However, they also don't allow custom apps at there project.

Other projects you pretty well have to put faith in them or do the legwork testing yourself to see what is going on with your system/network. Typically if there is something that needs explaining, somebody pops up and asks. I have not seen a project do any malicious activity nor heard of one. This extends to the other DC projects outside of BOINC as well. With that said, it is always good to look into the organization before giving them your support.

 

[Starbomba]

After 5.5 years of BOINC and 21 different projects I've crunched on, I have never had any safety or security concerns, nor even heard of them. However, I do try to avoid custom apps, as that is one thing you have no idea if they do what they are advertised to do.