tired of "just exclude boinc folder from virus scan"

Message boards : Projects : tired of "just exclude boinc folder from virus scan"
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile Joseph Stateson
Volunteer tester
Avatar

Send message
Joined: 27 Jun 08
Posts: 641
United States
Message 91613 - Posted: 24 May 2019, 15:53:30 UTC
Last modified: 24 May 2019, 15:53:59 UTC

This is just my opinion, but I am getting tired of being told to just prevent the boinc directory from being scanned to fix "false positives". That is like putting a sign outside your home "this is a gun free area". Just tells the bad guys were to go to do their thing.

I lost all Moo! Wrapper work units due to McAfee on a system that I like to keep secure but still on the internet.

I went over to "moo" people and made a wish and was informed that they get their "stuff" from dnetc and I would have to talk to them. So, the "moo" people don't even know what they are downloading to unsuspecting users. The projects need to step up and work with the antivirus folks.
ID: 91613 · Report as offensive
Profile Dave
Help desk expert

Send message
Joined: 28 Jun 10
Posts: 2515
United Kingdom
Message 91614 - Posted: 24 May 2019, 16:46:58 UTC - in response to Message 91613.  

CPDN produces the occasional false positive as well. From memory it is in one of the pieces of code from the met office that the license they have doesn't allow them to change. I can't remember which av program throws it up though.

I agree, that a blanket policy of excluding all BOINC folders from av scans feels risky, especially if one runs multiple projects.

(Spoken as one who only runs Windows tasks under WINE.)
ID: 91614 · Report as offensive
Les Bayliss
Help desk expert

Send message
Joined: 25 Nov 05
Posts: 1654
Australia
Message 91615 - Posted: 24 May 2019, 21:33:08 UTC

To be fair, that message seems to be from an ordinary user, not the Moo people.

Perhaps just accept that for now Moo has a problem, and don't run anything from there.

Your experience must be a disappointment to them, seeing as how they say that one of the biggest improvements in their new App is the newer D.net Client.

(Did come across this in a McAfee post:
1. VirusScan detects a suspicious file for which there is no signature in the .DAT database on your computer.)
ID: 91615 · Report as offensive
Profile Gary Charpentier
Avatar

Send message
Joined: 23 Feb 08
Posts: 2462
United States
Message 91618 - Posted: 25 May 2019, 0:45:41 UTC

Want real fun? Seti@home sends random noise to your computer, unless it is ET. Once in a while random noise will match a virus signature. There is no way short of telling the AV program to ignore the BOINC data folders to prevent FALSE positives.

BTW if you trust the project enough to install the science application then you automatically trust it enough that the data files are just data and not executable code. If you don't, then don't run any distributed computing project.
ID: 91618 · Report as offensive
whynot

Send message
Joined: 8 May 10
Posts: 89
Ukraine
Message 91624 - Posted: 25 May 2019, 15:55:12 UTC

On the bright side -- Unix for all! You can always find (or build) perfect match. Anecdotal evidence -- I have no problems with viruses, anti-viruses, trojans, worms etc etc for decades. Pity, vapourware is still a thing though :(
I'm counting for science,
points just make me sick.
ID: 91624 · Report as offensive
Profile Joseph Stateson
Volunteer tester
Avatar

Send message
Joined: 27 Jun 08
Posts: 641
United States
Message 91625 - Posted: 25 May 2019, 16:48:42 UTC - in response to Message 91624.  
Last modified: 25 May 2019, 17:04:03 UTC

On the bright side -- Unix for all! You can always find (or build) perfect match. Anecdotal evidence -- I have no problems with viruses, anti-viruses, trojans, worms etc etc for decades. Pity, vapourware is still a thing though :(


You could be part of the problem and not even know it! Your Linux box could be part of the problem (or solution, or feature), one of millions of zombie system "bots" inflicting chaos (or fixing, or upgrading depending on the script kiddie ideals) social media platforms all over the free world. (Russia & china are switching to private internet as we converse so bots cant get in there eventually but probably will always get out)

I once thought to myself "whynot (pun intended) stick with my 1976 Zilog Z80 and its CPM) and use it for the next several decades"

One day, a lot of the secretaries got together and told the boss they wanted to stick with electric pencil and not use word perfect as it was too confusing. I liked word perfect myself and agreed with the boss and realized that I also had to go with the flow and my Z80 CPM was replaced.

[EDIT] Yes, I am aware that Raspberry PI boots CP/M but I am not into retro computing.
ID: 91625 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15477
Netherlands
Message 91638 - Posted: 26 May 2019, 15:36:15 UTC - in response to Message 91613.  

The projects need to step up and work with the antivirus folks.
You apparently think there are only a handful of antivirus developers and products. There aren't. This Wikipedia page shows a lot of products and developers. Virustotal.com scans files through 70 antivirus products. Neither BOINC nor the projects have time (or money) to develop, test and retest (every time a bit of code changes) such an option, and therefore it is far easier for you to tell your AV product not to scan the BOINC data directory.
ID: 91638 · Report as offensive
whynot

Send message
Joined: 8 May 10
Posts: 89
Ukraine
Message 91680 - Posted: 1 Jun 2019, 17:48:57 UTC - in response to Message 91625.  


You could be part of the problem and not even know it! Your Linux box could be part of the problem (or solution, or feature), one of millions of zombie system "bots" inflicting chaos (or fixing, or upgrading depending on the script kiddie ideals) social media platforms all over the free world. (Russia & china are switching to private internet as we converse so bots cant get in there eventually but probably will always get out)


Yes, I have evidence. No, I don't participate in The Scary Stuff.

Anyway, if you don't want to join fun side, *and* The Scary Stuff isn't my problem, I'm totaly fine with this.
I'm counting for science,
points just make me sick.
ID: 91680 · Report as offensive
Profile Joseph Stateson
Volunteer tester
Avatar

Send message
Joined: 27 Jun 08
Posts: 641
United States
Message 91681 - Posted: 1 Jun 2019, 18:25:29 UTC - in response to Message 91680.  


Anyway, if you don't want to join fun side, *and* The Scary Stuff isn't my problem, I'm totaly fine with this.


hmm. I failed to put [farcical][/farcical] around my post, my bad.
ID: 91681 · Report as offensive

Message boards : Projects : tired of "just exclude boinc folder from virus scan"

Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.