Re: intent of package seti@home
Kevin Dalley writes:
> SETI@Home wants to know whether a given piece of data has been analyzed.
> You don't need a Cray to send billions of "nobody's home message".
You also don't need a Cray to reverse-engineer the client and figure out
the protocol. seti@home is very naive if they think that witholding the
source will protect them. They are using an unreliable network of
unreliable and untrustworthy computers. The sensible defense against this
sort of attack as well as other false negatives is to send each piece of
data to several clients, and only consider it analyzed when they receive
several sets of identical results back.
> My old 486 could send back many possibly false negatives, downloading new
> data and immediately turning it around with negative results.
And if their software is any good that client will be marked bad and all
its results ignored. Time stamping each piece of data and rejecting
clients that produce impossibly quick results is an obvious and easy bit of
validation.
--
John Hasler This posting is in the public domain.
john@dhh.gt.org Do with it what you will.
Dancing Horse Hill Make money from it if you can; I don't mind.
Elmwood, Wisconsin Do not send email advertisements to this address.
Reply to: