Message boards : Projects : Suggestion: A way to bundle projects with other applications
Message board moderation
Author | Message |
---|---|
Send message Joined: 27 Jan 11 Posts: 2 |
I'm not sure if this is the right sub-forum for this, if it's not feel free to move it... I thought to share an idea, I was thinking that it would be nice if there was a tool, or simple API that would allow developers to include a BOINC projects very easily with another application they are developing. I don't mean an API to create BOINC projects (I know this exists), but a tool or API to bundle existing projects with other applications. For example, lets say someone develops a web browser application. The developers of this software would like to help distribute a certain BOINC project ( or more than one), so they will use this tool or API which will bundle BOINC + the preferred project with the installation of the web browser. When the user install the browser, they would be asked if they agree to give such and such idle CPU time to help this project, and if they agree, it will install BOINC and attach it to the project along with the browser. The users not need to register. Perhaps the registered user would be the developer of the browser. This could be useful in several ways: 1) Help distribute projects to a much vaster number of computers. 2) It might serve to support software development projects, for example, an open source application development team may be able to receive funding from a university to include its project with the application. Oded Streigold. |
Send message Joined: 8 Jan 06 Posts: 448 |
The first thing that came to mind was that this would be a major security risk. Boinc being open source, someone could easily modify the code and use it as a Trojan horse and set up a project with malicious intent. Boinc V 7.4.36 Win7 i5 3.33G 4GB NVidia 470 |
Send message Joined: 27 Jan 11 Posts: 2 |
Thanks for the reply, I'm not a security expert, but I suppose it's possible to solve such issues, for example it could be decided that projects bundling BOINC would be required to be downloaded from a BOINC supervised repository, and they could only use BOINC as a dynamic lib, and moderators can check if the lib was modified using a digest. In any case, some creativity can come up with solutions for such security problems. But more importantly, it should be noted that any software can disguise itself as legitimate, but in fact be a Trojan. It doesn't have to be an open source project. The legitimacy of software in the eyes of users is created by the reputation of the software. For example, people feel safe downloading the newest version of Firefox, because it has a good reputation. I don't think that it would be different if BOINC projects would be bundled with the software. For example, if Firefox was bundled BOINC with World Community Grid running FightAIDS@Home, I don't see how that could be security risk. Oded Streigold. |
Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License,
Version 1.2 or any later version published by the Free Software Foundation.