On Thu, Nov 01, 2007 at 11:30:06AM -0000, Cornwall, LA (Linda) wrote:
>
> Having said that, it is encouraging that when someone is trying to break
> RSA codes it got noticed by sites and the activity was stopped by many.
> This means I hope that if a user were to try and break codes in a more
> malicious way, e.g. to break a bank's certificate there is a fair chance
> it would be spotted. :-)
Being the one that noticed the job I can say that I don't see anything
encouraging :( I did notice the job *more than a month ago* and because
I got distracted with the security of it's pilot job nature I didn't
even look at what it was tryning to do. Then again nobody else noticed
anything either.
I am very disappointed, if the user had taken some easy steps (just
changing the names of the binary/files) I don't think that it would have
been spotted *ever*.
If I start sumbitting jobs tomorrow called CancerGeneSolveB3F910c with
inputs geneXXXXX for example who can tell that I am not cracking
certificates? Well since I am in dteam and not biomed I'll have to
think of a different name but believe me *nobody* will notice anything
wrong.
Given this if we don't have hard penalties for a missuse we'll be
encouraging users to abuse the system.
Kostas
|