Changes between Version 1 and Version 2 of SecurityIssues


Ignore:
Timestamp:
Sep 23, 2007, 12:18:34 PM (17 years ago)
Author:
Didactylos
Comment:

Typos

Legend:

Unmodified
Added
Removed
Modified

  • SecurityIssues

    v1 v2  
    3838 Each project must address theft of private account information (e.g. email addresses) using conventional security practices. All server machines should be protected by a firewall, and should have all unused network services disabled. Access to these machines should be done only with encrypted protocols like SSH. The machines should be subjected to regular security audits.
    3939
    40  Projects should be undertaken only the organizations that have sufficient expertise and resources to secure their servers. A successful attack could discredit all BOINC-based projects, and public-participation computing in general.
     40 Projects should be undertaken only by organizations that have sufficient expertise and resources to secure their servers. A successful attack could discredit all BOINC-based projects, and public-participation computing in general.
    4141
    4242'''Theft of participant account information by network attack'''
    4343
    44  Attackers sniffing network traffic could get user's account keys, and use them to get the user's email address, or change the user's preferences. BOINC does nothing to prevent this.
     44 Attackers sniffing network traffic could get a user's account key, and use them to get the user's email address, or change the user's preferences. BOINC does nothing to prevent this.
    4545
    4646'''Theft of project files'''