How secure is my machine when running R@h?

Message boards : Number crunching : How secure is my machine when running R@h?

To post messages, you must log in.

AuthorMessage
Guilherme Silberstein

Send message
Joined: 8 May 20
Posts: 2
Credit: 0
RAC: 0
Message 96263 - Posted: 8 May 2020, 13:37:44 UTC - in response to Message 90915.  

Dear Mr Baker!

Congratulations on the Fold It and R@H project! I work in a consultancy and possibly, with thousands of people working from home, there is spare computing capacity on-site the corporate world, including several of my clients which might be interested in sharing this extra capacity. Would it be possible to arrange a virtual meeting with someone from your team to understand the security of the solution as well as which are the statistics of completions of protein folding by chip type (ARM vs Intel vs AMD, etc)? How much computing power you predict is necessary or is your goal (comparing with other successfully developed proteins)?

Thanks!
Guilherme
P.S. I´m running R@H balena install on a Raspberry 4, with 4GB RAM, seems to have taken 1 day to complete 1 of the 4 tasks.
ID: 96263 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Mod.Sense
Volunteer moderator

Send message
Joined: 22 Aug 06
Posts: 4018
Credit: 0
RAC: 0
Message 96264 - Posted: 8 May 2020, 13:57:01 UTC
Last modified: 8 May 2020, 15:07:51 UTC

What are you getting at with the phrase?
...statistics of completions of protein folding by chip type


The computing power is a need over the extended period of time. There is no one fixed pile of work that needs to be done. There are discoveries to be made, and you have to continue until you find them.
Rosetta Moderator: Mod.Sense
ID: 96264 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Raistmer

Send message
Joined: 7 Apr 20
Posts: 49
Credit: 797,293
RAC: 0
Message 96274 - Posted: 8 May 2020, 18:59:18 UTC - in response to Message 96264.  
Last modified: 8 May 2020, 19:00:46 UTC

What are you getting at with the phrase?
[quote]...statistics of completions of protein folding by chip type

Perhaps something like this:
https://setiathome.berkeley.edu/cpu_list.php
or
https://setiathome.berkeley.edu/apps.php
ot this
https://setiathome.berkeley.edu/host_stats.php
ID: 96274 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Ray Murray
Avatar

Send message
Joined: 22 Apr 20
Posts: 17
Credit: 270,864
RAC: 0
Message 96277 - Posted: 8 May 2020, 19:38:32 UTC - in response to Message 96274.  
Last modified: 8 May 2020, 19:40:14 UTC

Guilherme,
Is this what you're looking for? https://boinc.bakerlab.org/rosetta/cpu_list.php from the dropdowns at the top of the page Computing/Statistics/CPU models.
On security;
Boinc, or any other Boinc user, doesn't have access to anything on your computer. Even the information about it is limited to OS, CPU type, amount of memory, and how many and which tasks it has running or run. You can see more info on your hosts than others can see. Compare what you can see of your own with what you can see about mine.
If you are worried that it will overtax your machine, you can limit the number of core assigned to Boinc. I always like to leave 1 core free, particularly when I am new to a project, so I can gauge the impact on the system without the danger of it falling over.

Hope that's helpful.
ID: 96277 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
sgaboinc

Send message
Joined: 2 Apr 14
Posts: 282
Credit: 208,966
RAC: 0
Message 96293 - Posted: 9 May 2020, 5:57:58 UTC
Last modified: 9 May 2020, 6:06:21 UTC

it is pretty secure, i.e. only the boinc-client contact the server, not the other way round.
ID: 96293 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
mikey
Avatar

Send message
Joined: 5 Jan 06
Posts: 1895
Credit: 9,169,305
RAC: 3,400
Message 96306 - Posted: 9 May 2020, 12:38:44 UTC - in response to Message 96293.  

It is also important to remember that Boinc only accesses one set of Directories on your pc, nothing else, and every Project is as concerned about viruses as you and your customers are so actively check everything all the time. There are instances that a pc may flag something as 'virus like' but that's because of the way Boinc works not that it's an actual virus. The way around those false positives is to exclude the Boinc directories from your a/v scanner, any REAL virus will try and get to other directories on the pc and get caught by your a/v while any false positives within the Boinc directories will be ignored. Boinc sends info back and forth to the same Project IP address all the time, the Heuristic way of scanning can sometimes see that as 'virus like' as someplace collecting your data and flag it.
ID: 96306 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Mod.Sense
Volunteer moderator

Send message
Joined: 22 Aug 06
Posts: 4018
Credit: 0
RAC: 0
Message 96311 - Posted: 9 May 2020, 14:59:58 UTC

One method to assure that a BOINC project cannot modify anything outside of the scope of the project on your machine is to run BOINC in a sandbox.
Rosetta Moderator: Mod.Sense
ID: 96311 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
William Albert

Send message
Joined: 22 Mar 20
Posts: 23
Credit: 1,069,070
RAC: 99
Message 96319 - Posted: 10 May 2020, 0:04:44 UTC - in response to Message 96311.  

One method to assure that a BOINC project cannot modify anything outside of the scope of the project on your machine is to run BOINC in a sandbox.


While account sandboxing is a great feature, and can be used without downsides on most platforms, it should be noted that sandboxing on Windows prevents BOINC from using the GPU.
ID: 96319 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
sgaboinc

Send message
Joined: 2 Apr 14
Posts: 282
Credit: 208,966
RAC: 0
Message 96326 - Posted: 10 May 2020, 5:19:33 UTC

imho actually it is easier to be hit by a virus / spyware / tracker simply surfing the web with a web browser than running r@h.
javascript is deemed a 'attack surface' with no url boundaries with cross site scripting
ID: 96326 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Guilherme Silberstein

Send message
Joined: 8 May 20
Posts: 2
Credit: 0
RAC: 0
Message 96405 - Posted: 12 May 2020, 21:15:55 UTC - in response to Message 96274.  
Last modified: 12 May 2020, 21:18:25 UTC

Thanks to all that responded!

Is anyone aware of companies that install BOINC to run R@H out of office hours in their main office desktops or data-centers spare capacity? or, as the name would say, this is only meant for home usage?

Best Regards,
Guilherme
ID: 96405 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
William Albert

Send message
Joined: 22 Mar 20
Posts: 23
Credit: 1,069,070
RAC: 99
Message 96409 - Posted: 12 May 2020, 22:16:51 UTC - in response to Message 96405.  

Is anyone aware of companies that install BOINC to run R@H out of office hours in their main office desktops or data-centers spare capacity? or, as the name would say, this is only meant for home usage?


We utilize some of our otherwise-unused data center capacity for BOINC projects like Rosetta, but machines used for this purpose are dedicated toward it; we don't mix BOINC and non-BOINC workloads on the same machine. We also take other hardening steps, like secure erasing disks before being used in machines that run BOINC, and keeping BOINC machines outside of our internal production networks.

That being said, I wouldn't recommend using shared office PCs for BOINC, for security and performance reasons.
ID: 96409 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Grant (SSSF)

Send message
Joined: 28 Mar 20
Posts: 1681
Credit: 17,854,150
RAC: 20,118
Message 96425 - Posted: 13 May 2020, 6:09:24 UTC - in response to Message 96405.  

or, as the name would say, this is only meant for home usage?
It's for any one, home or business, to use.
Grant
Darwin NT
ID: 96425 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
Profile Ace Casino

Send message
Joined: 16 Jul 07
Posts: 18
Credit: 14,027,021
RAC: 11,595
Message 96442 - Posted: 13 May 2020, 15:25:15 UTC

At least one person used a whole school district.

Just ask NEZ from SETI@home......lol.....can't stop laughing!
ID: 96442 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote
mikey
Avatar

Send message
Joined: 5 Jan 06
Posts: 1895
Credit: 9,169,305
RAC: 3,400
Message 96486 - Posted: 14 May 2020, 13:10:00 UTC - in response to Message 96405.  

Thanks to all that responded!

Is anyone aware of companies that install BOINC to run R@H out of office hours in their main office desktops or data-centers spare capacity? or, as the name would say, this is only meant for home usage?

Best Regards,
Guilherme


My former employer who had over 10k pc's was working on using a sandboxing method of running Boinc but the local power company offered to pay them to shut down the machines at night instead of expanding their power generation efforts so it never happened. The basic ideas was that at 8pm, after 99% of employees were gone, the pc would pop up a message saying 'if you don't want the machine to reboot click the mouse or keyboard within 60 seconds', if no one clicked anything then the machine would auto reboot into a sandboxed setup for Boinc, it would be get a unit, finish it and get another unit, no cache at all. Then at around 4 am it would stop getting new tasks and once it recognized it was no longer crunching it would reboot back to the normal everyday screen for the users to do their daily work.
ID: 96486 · Rating: 0 · rate: Rate + / Rate - Report as offensive    Reply Quote

Message boards : Number crunching : How secure is my machine when running R@h?



©2024 University of Washington
https://www.bakerlab.org