Hey,

I've recently joined this wonderful world of BOINCing. It really is great stuff. I have had many discussions about it since I started heavily into it the last month. The first thing everyone asks me is "and what else are they doing with your computer?" I can't give a knowledgeable response. I do not know what safeguards are in place to ensure I won't get viruses or someone won't hijack my computers to spam emails. Is there a succinct FAQ that covers this topic?

TYVM

I don't think there is a FAQ anywhere specifically about this. But you could ask your friends to consider the following:

* There are dozens of BOINC-related forums, some of which have been in existence for years. If anything untoward of any type happens, you can be pretty certain it will be publicly discussed on at least one forum.

* BOINC code is open-source and discussed publicly. A number of ordinary crunchers contribute to the code. Everything they contribute is overseen by professional programmers at the University of California in Berkeley. We know who these people are.

* The same people post publicly on the BOINC email lists and can be contacted.

* New BOINC versions are always tested before public release.

* The big projects also test new versions of their workunits before public release.

* BOINC offers a list of recommended projects. These are projects whose administrator(s) are known to Dr David Anderson, the founder of BOINC, and whose security measures he is satisfied with.

* Dr Anderson, the other Berkeley programmers, and many project programmers/administrators speak at public meetings. Some of us have met some of them in person.

* More than a million people have downloaded BOINC. To my knowledge not a single BOINC download has ever been reported as carrying a spam/virus/trojan payload.

* All BOINC project administrators and moderators advise their members to keep their normal security measures in operation and up-to-date (firewall, AV, Spybot, Adaware etc).

* Few other downloads over the internet can possibly be used by so many people who are professional programmers.

* Many of the big projects are run by or at universities. Their programmers/administrators are employed by these universities. One group of projects is supported by IBM. It is not in the interests of any of these institutions to recommend or use software that has not proved to be secure.

* Strict measures are in place to protect project members' personal details eg email addresses. This is the case both in members' project registrations and on the forums.

* If any malware were ever found to be associated with BOINC or any of the project workunits, I expect we would be informed within hours (if not minutes) by the people at HijackThis or Spybot who generously provide malware-identification services for the public.

* BOINC and the projects are for volunteers who actually have to contribute their computer time, expertise and the cost of the extra electricity. I can see no scope in it for making money or profit.

Thanks.

All well and good. Definately ammunition for discussions.

As a programmer myself, some of what you said still concerns me. After all, it is my job to be paranoid 8-] Opportunities must exist for rogue coders to do malitious things. I'm sure the architects do have an eye on things, but it would be such a travesty should someone gain and use access for less than noble purposes. The science would take a huge step back.