The flaw can result in an attacker gaining information about a [email protected] user's computer. It also can cause a buffer overflow. There are 4.4 million computers running [email protected], the pioneering distributed-processing app created by the organization of the same name. The screen-saver software distributes the process of analyzing space-borne radio signals over a worldwide volunteer network of individual computers.
[email protected] project director David Anderson acknowledged the vulnerability and said he is unaware of anyone being exploited by it. The organization's Web site, setiathome.berkeley.edu/, points to what is being called a "precautionary security" update of the program that addresses the problem. The site credits computer user Berend-Jan Wever with finding and reporting the flaw.
Vulnerabilities like this one might set back "optional" grid-computing programs such as [email protected], says Pete Lindstrom, research director of market-research firm Spire Security, but they're unlikely to hurt acceptance of more formal business-oriented grid computing, which has stronger security and use controls.
[email protected] is like the entertainment-trading site Kazaa," Lindstrom says. "Both are good, but both come with security risks."