Trojan boinc installation by rogue member

Mike Hewson
Mike Hewson
Moderator
Joined: 1 Dec 05
Posts: 6534
Credit: 284730859
RAC: 105773

RE: I am not a Windows

Message 61111 in response to message 61110

Quote:
I am not a Windows expert, but I know that Windows, by default, lets a file named FILE.TXT.VBS to be seen as FILE.TXT by the user. He then clicks on it and hell breaks loose. This applies also to Vista.
Tullio


Oooh, I didn't know that!

Mind you, being an old DOS type of guy, I have always displayed file extensions regardless of default opening applications/associations and Windows preferences.

If it's a default Windows install behaviour to hide them, then it'll be bad JooJoo all around ..... :-(

I think there has been some 'loss of innocence', in that there has been an awakening of understanding amongst contributors, particularly of the economic importance of volunteers. From my observations ( ~ 18 months now ) there is a continual 'bubbling' of various agendas, but that's the most prominent one. I was recently trying to find a post of Bruce Allen's ( it was a while ago ) about the electricity savings alone. It was by itself considerable, and didn't touch outlay, depreciation and other 'total cost of ownership' assays.

You could implement polls and the like via the existing BOINC client/server interaction - there's a bucket of pragmatic exchange continuously going on anyway - maybe an additional 'feedback/feedforward' channel could be created in whatever is the BOINC API or it's equivalent. If created, BOINC projects could harness that. I can't see any in principle objection to that at least ..... I get little popup's near the system tray at present informing me of this, that and the other thing as is it is now.

Is there some sort of general charter at present? Or is it ad hoc at present? By this I mean a base level policy ( forum independent ) as regards parameters on both 'supply' and 'usage' sides, covering things like

- negative boundaries on behaviours, 'thou shalt not...'

- positive boundaries on behaviours, 'thou agrees to ....'

- visibility criteria, 'we declare that ... '

- exit and other scenario clauses, 'if X happens then Y follows ... '

- precision definitions, 'X is this ... and Y is that ....'

- etc.

you get the idea ... :-)

Cheers, Mike.

( edit ) Found Bruce's post here.
That was in 12/05, now has ~ 5x number of computers with credit activity, so the benefit is somewhat proportional.

I have made this letter longer than usual because I lack the time to make it shorter ...

... and my other CPU is a Ryzen 5950X :-) Blaise Pascal

FalconFly
FalconFly
Joined: 16 Feb 05
Posts: 191
Credit: 15650710
RAC: 0

RE: I have no first-hand

Message 61112 in response to message 61104

Quote:
I have no first-hand knowledge of this topic or P@H. Could it be that some projects are discovering that the "community" is simply too demanding?
My own observation is that participants don't really "volunteer" unused cpu cycles. Their attitude from the outset is that of a barter: "I give you cpu cycles and in return I get to dictate the circumstances and environment in which I participate, otherwise color me gone."

Well, one has to differenciate here.

Volunteers are initially won by the Project for various reasons and motivations.
After that, they are falling into different categories, ranging from "Grandma who just likes the Idea but has no comprehension of what's actually going on on her Computer" upto experienced Users with a long history of DC in all colours who closely evaluate the entire Project, point out problems and give suggestions in areas where improvement is desirable - out of pure dedication for the Project's goals and Ideals.
So in a way, latter is alot more than just "Volunteers" if the definition of that was to be limited to "Passive Participation"

Concerning the resources any Project is given, it's up to them on how they use it.
Generally, for Projects wanting to become and stay successful however, it is mandatory and considered good practise for any Staff to have open ears & eyes at the Community (basically a form of CRM, Crew Resource Management). A successful Project therefor has to conquer not only the technical aspects (participating Computers), but also the social Aspects (participating Members) and make the best of both.

Active DC Members are far more likely to recognize and acknowledge good Resource Management, but at the same time also see shortcomings or failure.
It's one thing when a Project's Staff finds itself (for any reasons) in a difficult position to handle, another when Staff has never cared for it and faces the consequences, which - over time - are far more devastating to a DC Project than all technical related Problems combined.

A Server or Network connection can be fixed - no big deal and no harm taken, an ignorant and non-communicative staff (as a worst-case scenario) however can not.
----------------------------
It might indeed be that some Projects finished the Phase of solving technical Problems and focussing on technical resources, but did not realize the socal aspects and subsequent requirements. For all I know from such cases the past, that can and will seriously hamper (or fail) a Project.
AFAIK there is no way to separate and concentrate on the technical Resources alone - a community will always form and will need attention & feedback accordingly, even if that means alot more work.

Nothing But Idle Time
Nothing But Idl...
Joined: 24 Aug 05
Posts: 158
Credit: 289204
RAC: 0

@FalconFly Your analysis is

@FalconFly Your analysis is good as far as it goes, as mine was good as far as it went. The sociology of contributors is complex and we could explore it ad nauseum. I didn't want to be long-winded so I kept my observations a little trite. I observe that contributors (those seen on the msg boards) run the gamut of intelligent/qualified to ignorant/arrogant. A typical observation for me is: 1) newbie (experienced or otherwise) says "Hey this project is great and the staff is so "communicative"; 2)a few days later there's a post like "Ya know, I don't think my credit is right, should get more; 3) later there is "I'd like to see xxxx change"; 4) that post is followed by "Hey, dumkopfs, is anybody listening out there?"; 5) then "You idiots ain't listening, I said you ought to change this and get more responsive to my needs or I'm outta here!."

Sound familiar? Then two months later another newbie starts a similar scenario all over again.

FalconFly
FalconFly
Joined: 16 Feb 05
Posts: 191
Credit: 15650710
RAC: 0

My best guess is that this is

Message 61114 in response to message 61113

My best guess is that this is mainly due to Expectations and new Users making their personal Experiences - and deriving conclusions off what they get.

The Results certainly vary, but with sufficient patience and kind responses, I didn't observe any severe issues coming from that alone on the Messageboards (even on Projects with fairly large Userbases).

I rarely saw the Stereotype with very personal and isolated requirements (apart from a few odd feature requests).
On the other hand, I did observe larger Groups of Users with constructive feedback or pointing out urgent and obvious issues that affected many. When those were ignored, chunks of Users repeatedly turned their back on affected Projects over time (depending on patience or endurance) as a last logical conclusion.

Brian Silvers
Brian Silvers
Joined: 26 Aug 05
Posts: 772
Credit: 282700
RAC: 0

RE: RE: Can I get you a

Message 61115 in response to message 61110

Quote:
Quote:

Can I get you a smaller brush to paint with next time? ;-)

Brian


I am not a Windows expert, but I know that Windows, by default, lets a file named FILE.TXT.VBS to be seen as FILE.TXT by the user. He then clicks on it and hell breaks loose. This applies also to Vista.
Tullio

While you are technically correct, you failed to grasp why I took exception to your broad-brush statement. The implication of your original statement that I took exception with is that being a Windows user automatically means that you are careless / carefree. Some of us are not... I recall immediately recognizing ILOVEYOU as a script due to seeing the VBS extension, as I had set my system up to display the full name. :-)

Brian

tullio
tullio
Joined: 22 Jan 05
Posts: 2118
Credit: 61407735
RAC: 0

RE: While you are

Message 61116 in response to message 61115

Quote:

While you are technically correct, you failed to grasp why I took exception to your broad-brush statement. The implication of your original statement that I took exception with is that being a Windows user automatically means that you are careless / carefree. Some of us are not... I recall immediately recognizing ILOVEYOU as a script due to seeing the VBS extension, as I had set my system up to display the full name. :-)

Brian


Yes, some. But most Windows users do not know how to defend their computers. I have a dual boot system and I am using WIN98SE to print photos on an Olivetti printer for which I could not find a Linux driver. I have no antivirus on it.
I think Microsoft should give more attention to security. Most producers of antivirus software are highly critical of Windows Vista, also probably for money reasons. But I am not going to start a flame war, there are already too many wars going on. Peace.
Tullio

Brian Silvers
Brian Silvers
Joined: 26 Aug 05
Posts: 772
Credit: 282700
RAC: 0

RE: I have a dual boot

Message 61117 in response to message 61116

Quote:

I have a dual boot system and I am using WIN98SE to print photos on an Olivetti printer for which I could not find a Linux driver.

Since your computer(s) is/are hidden, I don't know what Linux distro you have, but if your host OS is supported you could use VMware. The licensed version of Workstation is $189 (USD), but they do offer a player for free that can play pre-configured VMs... My plan for the next computer I build is to buy Workstation and use it to dabble in Linux/Unix... FYI, I originally started out using OS/2 :-)

VMware

Brian

tullio
tullio
Joined: 22 Jan 05
Posts: 2118
Credit: 61407735
RAC: 0

RE: Since your computer(s)

Message 61118 in response to message 61117

Quote:


Since your computer(s) is/are hidden, I don't know what Linux distro you have, but if your host OS is supported you could use VMware. The licensed version of Workstation is $189 (USD), but they do offer a player for free that can play pre-configured VMs... My plan for the next computer I build is to buy Workstation and use it to dabble in Linux/Unix... FYI, I originally started out using OS/2 :-)

VMware

Brian


I am running SuSE Linux 10.1 on a 400 MHz PII Deschutes, working 24/7 and running SETI, Einstein and QMC. Thanks for your suggestion. I remember telling an IBM manager in 1989 in Milano that OS/2 wa a stillbirth and seeing him becoming red. He had asked me, then a Honeywell Bull marketing engineer, how could we hope to sell UNIX on a Motorola 68040 CPU in the presence of OS/2. Maybe I was a little harsh. I believe that OS/2 was a good OS, much better than Windows, but marketing rules over engineering and Microsoft's marketing was better than IBM's. Cheers.
Tullio

EclipseHA
EclipseHA
Joined: 19 Feb 05
Posts: 41
Credit: 10540182
RAC: 0

RE: RE: Since your

Message 61119 in response to message 61118

Quote:
Quote:


Since your computer(s) is/are hidden, I don't know what Linux distro you have, but if your host OS is supported you could use VMware. The licensed version of Workstation is $189 (USD), but they do offer a player for free that can play pre-configured VMs... My plan for the next computer I build is to buy Workstation and use it to dabble in Linux/Unix... FYI, I originally started out using OS/2 :-)

VMware

Brian


I am running SuSE Linux 10.1 on a 400 MHz PII Deschutes, working 24/7 and running SETI, Einstein and QMC. Thanks for your suggestion. I remember telling an IBM manager in 1989 in Milano that OS/2 wa a stillbirth and seeing him becoming red. He had asked me, then a Honeywell Bull marketing engineer, how could we hope to sell UNIX on a Motorola 68040 CPU in the presence of OS/2. Maybe I was a little harsh. I believe that OS/2 was a good OS, much better than Windows, but marketing rules over engineering and Microsoft's marketing was better than IBM's. Cheers.
Tullio

A bit of interesting history to be said here...

Back when MS was doing OS/2 they basically "gave" DOS to IBM, as OS/2 was next - Anyone remember DOS 4.x? It was junk - done by IBM..

When Windows 3.0 became a hit, MS and IBM swapped again, as windows 3.0 needed a good DOS. MS took back DOS, and IBM got the original OS/2. MS came out with Dos 5, as IBM had messed up DOS 4.x and it really hurt windows..

Then MS started work on OS/2 - New Technology - a re-write of OS/2. Today called simply "Windows NT".. (that's where the "NT" came from!) The basis for not only NT x.x but also Win2k, XP and Vista.

clownius
clownius
Joined: 16 Jun 06
Posts: 42
Credit: 2164665
RAC: 0

Ill stick to my Linux boxes

Ill stick to my Linux boxes personally here :) Takes the headache out of security. I used to be a big windoze user and win 2k was one of my favorite OS's. I used to run windoze 2k advanced server on my desktop and i just found that no matter how much security i had running there was always another security hole to catch me before the patch came out. One year i coped 3 viruses that got through everything. The laughable OS security, the firewall, anti virus and adaware pro edition that was supposed to warn me of all changes to registry.
I then moved to Linux and don't run any extra security and not one breach yet.
I don't think we can blame windoze users when they get caught as windoze is an open invitation to get caught out. M$ has worked very hard to make windoze "user friendly" and in doing so has opened so many security holes it hurts. Many windoze users are so used to having their hand held its like they are children and children need protecting.
Wate took advantage of this and should be hung. If he really feels the need to code he should be working on open source software. Its much more productive and actually helps instead of hurts people.
On the other side of things Projects who ignore the user base do so at their own peril. Predictor i believe is one of the older projects and has so little crunching done compared to other projects they may need to look at why sometime. it might open their eyes.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.