informa
/
IT Life
News

Security Flaw Spotted, Fixed In [email protected] Program

The popular distributed-computing app is used to analyze noise from outer space for possible communication signals.
As if more proof was needed that any noble deed can potentially be punished: A security flaw has been discovered in the popular distributed-processing program [email protected], which looks for signs of extraterrestrial communication.

The flaw can result in an attacker gaining information about a [email protected] user's computer. It also can cause a buffer overflow. There are 4.4 million computers running [email protected], the pioneering distributed-processing app created by the organization of the same name. The screen-saver software distributes the process of analyzing space-borne radio signals over a worldwide volunteer network of individual computers.

[email protected] project director David Anderson acknowledged the vulnerability and said he is unaware of anyone being exploited by it. The organization's Web site, setiathome.berkeley.edu/, points to what is being called a "precautionary security" update of the program that addresses the problem. The site credits computer user Berend-Jan Wever with finding and reporting the flaw.

Vulnerabilities like this one might set back "optional" grid-computing programs such as [email protected], says Pete Lindstrom, research director of market-research firm Spire Security, but they're unlikely to hurt acceptance of more formal business-oriented grid computing, which has stronger security and use controls.

[email protected] is like the entertainment-trading site Kazaa," Lindstrom says. "Both are good, but both come with security risks."