NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2003-q2

[ISN] Security flaw hits SETI

home

From: InfoSec News (isnc4i.org)
Date: Mon Apr 07 2003 - 03:47:19 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://news.zdnet.co.uk/story/0,,t278-s2133025,00.html

Patrick Gray
ZDNet Australia
7th April 2003

The flaw means that an attack could target any of the distributed
computing project's millions of clients around the world A security
vulnerability has been found in SETIhome, the software used by
millions of Internet users to search for extraterrestrial life.

The flaw has been found in both the SETI (Search for Extra Terrestrial
Intelligence) client and server software. According to an advisory,
the successful breach of the main server could result in the
compromise of all SETIhome clients.

"Do understand that successful exploitation of the bug in the server
would offer a platform from which ALL SETIhome clients can be
exploited," it says.

The SETIhome project uses distributed processing to analyse
radio-telescope data. The client software, in the form of a screen
saver, downloads raw data collected by the telescope and scours it for
intelligent signals embedded in it.

This type of number crunching is computationally intensive, but with
around 4.3 million users, the researchers are able to make the most of
the world's idle processing power. The SETI Web site explains the
logic: "While you are getting coffee, or having lunch or sleeping,
your computer will be helping the Search for Extraterrestrial
Intelligence by analysing data specially captured by the world's
largest radio telescope."

Users of the software can download a patch here.

Melbourne based web designer Sean Rainey has used the SETI client for
about two years.

He joked that intelligent extraterrestrials may have used the
vulnerability already in order to smudge the project's findings. "It's
clear as day," he told ZDNet Australia, "they're quite happy just
being left alone."

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]