AndrOINC is a boinc project trying to break a 1024 bit RSA key used by Motorola to sign the boot and recovery partitions on the Motorola Milestone. If this key could be broken, we would be able to sign our own boot/recovery images, which would enable us to run custom kernels and recovery images on the Milestone.

IMHO this is a dubious aim for a BOINC Project. DNETC aims to break an RSA key, but thats with a legitimate competition sponsored by the Vendor. This appears wholey different.

I dont know much about the Motorola Milestone, but it does appear on the surface that the Project aims to break one of Motorola's security features. I could be way wrong of course, and the latter is why I am posting. I will happily stand corrected if I am wrong.

There are no references or Motorola statements to steer this back into clear legitimate territory. At best, it appears to be of questionable Ethical standing without such Motorola statements, and against what BOINC stands for.

Not gunning for them as such, just raising the question at BOINC level about AndrOINC's status and legitimacy of its aims. If a Project with these aims, and no corresponding blessing from the target Vendor is allowed to operate, it destroys BOINC's basic premise on what BOINC stands for.

AndrOINC Project Home Page

Regards
Zy

Use common sense: If you do not trust a project or do not trust what it is doing, then do not run it. Tell your friends not to run it. Bad publicity is a better way of stopping projects like this, than Berkeley saying what their software can and cannot be used for.

And there's the rap, Berkeley cannot dictate what their software is to be used for, as else they'll break the LGPL they run under. Then they're no longer open source software.

With that said, I doubt that this project will make the 'official' BOINC projects list. Just as all of the "we do it for money" projects aren't showing up, nor are the "you pay us" projects.

---

AndrOINC and DNETC are closing down as at end of play 31 Jan 2010

Regards
Zy

AndrOINC and DNETC are closing down as at end of play 31 Jan 2010

2011 actually ;)

Looks like enough donations have been received to keep them both alive though.

Good thing? Bad thing? No idea! :)

Al.

I'm dubious only for the fact that the 512 RSA has only completed around 1% of potential keys. which means it has a good 50 years or more to complete all combinations. a 1024 would exponentially increase the time to completion and really is a long long long term project

I think its a good thing, because the motorola milestone in this case, is a "old" mobile phone and is not saled by Motorola themselfes, so if motorola dont make money with this mobile phone i thing its a right way to break its security features ...


The Motorola Droid for example dont have a crypted key for its bootloader !