[PLUG] Folding at home
Mike C.
mconnors1 at gmail.com
Wed Apr 22 04:42:17 UTC 2020
>
> Avast antivirus suggests installing Folding at home module to effect
> distributed computing to analyze covid proteins. It warns compute
> intensity, running hot, and high electric use, advises run at night.
> Seeking opinions on installing Folding at home
> especially security risks, etc.
> Your thoughts ??
>
I was curious about your inquiry and so I went a Googling. I didn't find
very much info on security/privacy issues with installing & running
Folding at home.
I did find out that the F at H client isn't fully open-source so there hasn't
been any code security reviews/audits done.
The only security related info I found was on F at H's FAQ page:
https://foldingathome.org/support/faq/miscellaneous/
What about security issues?
We have worked very hard to maintain the best security possible with modern
computer science methodology. Our software will upload and download data
only from our data server here at Stanford. Also, we only interact with FAH
files on your computer (we don’t read, write, or transmit any other files,
as we don’t need to do so and doing so would violate our privacy policy).
The Cores are also digitally signed (see below) to make sure that you’re
getting the true Stanford cores and nothing else.
How is this possible? We take extensive measures to check all of the data
entering your computer and the results we send back to Stanford with 2048
bit digital signatures. If the signatures don’t match (on either the input
or the output) the client will throw away the data and start again. This
ensures, using the best software security measures developed to date
(digital signatures and PKI in version 3.0), that we are keeping the
tightest possible security. Finally, the clients are available for download
only from this web site (or in certain cases, also from our commercial
partners such as Sony, NVIDIA, and ATI), so that we can guarantee the
integrity of the software. We do not support Folding at home software obtained
elsewhere and prohibit others to distribute the software."
More information about the PLUG
mailing list