Month: December 2006

BOINC Q&A — 22/12/06

During the install of BOINC as a Windows service, you are required to enter an account which will be used to launch the BOINC service. Why do you need this? I can manually convert the service over to “Local System” without requiring credentials at all and it still seems to work OK.

“LocalSystem” is a special account, it has more permissions on the system then even the administrator account.

My goal in setting up the installer that way was to try and get people to be a little more paranoid about which account they were going to use as the service account.

For instance if you use your computer to track your finances you probably don’t want to be running BOINC using the LocalSystem account. Even if you initially removed permissions from your financial records for the LocalSystem account any process running under that account can take ownership of those files and read them anyway.

We actually talked about the whole trust thing at the conference, how do we as a community know if a new project is trust worthy? How do we know their application is doing what it claims to be doing?

As an off shoot of that conversation, how do we minimize the damages a potential project can cause on a computer system? The most obvious answer is don’t run as LocalSystem/Administrator/root.

The safest way to run BOINC as a service is to create a limited user account just for the BOINC service.

—– Rom

My stuff is here…. :)

Well my stuff arrived yesterday, I’m a pretty happy fellow right now. I got my main development machine hooked up yesterday and it booted without a problem the first try.

It feels really good to be using a desktop machine with an actual office chair. Those hard wood chairs people use for dinner table chairs hurt after an hour or so.

I would be dancing right now, if I really knew how to dance. 🙂

—– Rom

Back on the air…

Comcast doesn’t have the same type of High-Speed Internet access across the country.

Granted Adelphia was just acquired by Comcast, and so I’m dealing with a bunch of different people who either call themselves Comcast reps or Adelphia reps depending on if that department has converted yet.

In order to get my web services back online, I had to upgrade to a commercial account.

My stuff is supposed to arrive tomorrow.

Things are looking up.

—– Rom