:: 18-Apr-2000 14:37 (Tuesday) ::

Two issues: one cool, one trivial…

Apparently, it’s just not very simple to send money from France to the
US. It’s also clear that the Euro as a monetary unit hasn’t yet gained
full acceptance. Regardless, we can now officially close the books on
the CSC project. This morning I picked up a cheque from CS Communications
for 65595,70 B.P.F’s. (No, I’m not altogether sure either, but I’m trusting
that our bank will be able to turn that into USD :)

I’d like to thank CS Communications again for sponsoring the CSC contest,
which turned out to be a fun and exciting project for us.

On a more trivial note, it seems that one or more of the crackers that
we’ve recently had to pull from stats for using the “C Share” worm client
have decided to retaliate in a rather unique way. The most recent variant
of the worm client distribution is spreading clients with *my* email
address in them. Unfortunately, I can’t take credit for the impressive
keyrate on nugget@slacker.com — it’s mostly compromised machines running
the client without the user’s knowledge.

I can’t just yank my own email from stats, obviously, so I need to arrange
a way to strip out the illicit blocks from my stats prior to running each
daily update. Won’t be tough to do; I’ve been delayed from having been
in Atlanta for the past several days.

:: 18-Apr-2000 03:25 (Tuesday) ::

Ok what everyone has been waiting for. We are about to start our beta of
new clients for OGR and RC5. It looks like we have most of the bugs out,
but want to make sure.

We will be looking for your help to find any remaining bugs.

You are probably asking how can I help. Well If you feel up to it and
want to help the following will be happening.

On Thursday April 20th 2000 sometime UTC we will be opening our beta
network and clients to those who wish to help us test. Information on how
to help out with the beta process will be posted on a page that will be
announced on Thursday and can be access from http://www.distributed.net/

We will be making “beta” clients available with instructions for how to
test the client and functionality. These clients will use a time out
period so you will should not install then on machines that you will not
be visiting frequently. Also it is possible that this client version will
be ignored by our current network at sometime. Please only use it on the
beta network.

We have a large number of bug fixes and changes included in this version
so we need you to keep a sharp eye out to see that everything works in
your environment.

For changes check out http://www.distributed.net/download/changes.txt.

I’ll be working hard on all this in the next few days and will try to keep
everyone up to day.

Thank You for your patience.

:: 10-Apr-2000 23:15 (Monday) ::

Thanks to everyone who responded to my request for PDA/AvantGo users in
my last plan. I am no longer accepting emails for help. Thanks to those
who offered.

:: 10-Apr-2000 13:39 (Monday) ::

Olah Gyula, one of our participants, noticed an error with the team summary
pages. If you look at an old team today, it will show they had been active
for 901 days, whereas the main statspage shows that the contest has been
active for 900 days.

To fix this error, I’ve made a change to the statsrun code so that the
number of days a team is working is now based on the first and last days
that the team had blocks submitted. This used to be the difference between
the first day a team had submitted blocks and the day of the statsrun, so
even if a team hadn’t received any blocks for the past month, the number
of days working for that team would continue to increase.

With this change, the number of days working will not increase durring
tonights statsrun (teams that have been working since the beginning of
the contest will show 901 days working again), and teams that havn’t
submitted blocks recently will have their days working count go down
accordingly.

Sorry for the confusion; hopefully this new method will make more sense.

:: 10-Apr-2000 05:56 (Monday) ::

Ok, if anyone out there has a Palm head device (Palm Pilot, Handspring
Visor, WinCE Device) and is subscribed to AvantGo Service
(http://www.avantgo.com/) wants to try something new, send me an email.
(thebigo@distributed.net)

Note: Please don’t email me asking me where or how to get either of these
things as you will be ignored.

:: 08-Apr-2000 23:24 (Saturday) ::

I haven’t said anything in my .plan in quite sometime so I figured I’d
make some sort of announcement. Moonwick and I are currently finishing up
the first part of a series of projects I currently have planned. Stay
tuned to this space in the next day or so for details.

:: 08-Apr-2000 01:48 (Saturday) ::

As an update to my previous plan I thought I would inform those of you
who have open share or who are wondering if you are open to attack.

So with that said, here is some info. You might want to take a look at
http://www.grc.com/ and use the ShieldsUP utility to test your computer
for vulnerabilities and information about how to secure yourself. This
web site has some great info on how secure your machine and info on products
you might want to look into. Follow the sheilds up links and read carefully.

ZoneLabs also has a free for personal-use firewall at
http://www.zonelabs.com/ that you may wish to consider installing. This
product is very easy to use and best of all is free for your personal use.

With this info to read and look at, we should get to the root of the
problem. Open windows shares. You might have thought it a great idea to
be able to share files with your freinds, family, coworkers, and the like.
But when you set up your windows shares, you decided that you wanted these
people to be able to write, change, and share data. So you said no when
windows gave you the option to set a password on the share.

So now you can share your files with others without needing them to know
a password. Great! Wrong! You have now completely opened your computer to
anyone who has net access to you. You should consider the need for shares.
If you do not need share at all, turn them all off. If you need to just
make info available to people you might consider sharing a single folder
and making it read-only. If you need to share data and need someone to
alter that data, you might want to consider sharing a single folder and
password protect that share. After that you should remove all share that
you do not need.

So what do you do to close your shares? Well first of all, you can shut
your shares off buy going to Control Panel–>Network and turn off file
sharing, or unbinding it from the TCP/IP interface totally.

If you think you were infected please contact help@distributed.net

Well I hope I didn’t bore you too much.

:: 07-Apr-2000 16:26 (Friday) ::

OK, I know I’m supposed to be getting OGR stats working, but I couldn’t
stand it any longer.

I’ve made some tweaks to the RC5-64 stats processing to eliminate some
unnecessary bottlenecks and resource usage. Things like eliminating
“distinct” in the same query with “group by”, since “group by” will return
distinct groups anyway. And like updating three fields at once instead of
three separate queries.

Also, I changed the ranking scripts so, in the case of a tie for rank,
the newest participant (largest id) will be listed first. This should
allow new members to see themselves in the ranking list sooner. Before,
they were sorted low-to-high ID.

Apart from the sorting, the only visible impact should be a slight (and
I do mean slight) increase in processing speed.

On a personal note, I wanted to apologize that the OGR stats are taking
so long. The rewrite is turning out to be more involved than I thought.
I’m trying to control the scope-creep, and also juggle my time with work
and now, buying a house. I have been making inroads, but I’ve still got
some work before we can start testing.

Thanks for your patience, and for all the cycles!

:: 03-Apr-2000 20:44 (Monday) ::

It has come to our attention that a user has been using a derivative of
the back orifice VBScript/open windows share hole to install the
distributed.net client on unsuspecting machines. The basic hole is described
at http://vil.mcafee.com/vil/vbs98477.asp, where the user attaches to an
open share and places the VBScript on the users hard drive for execution
on the next reboot and installs the executable and configuration files.
After infection the trojan attempts to find other insecure machines to
install itself on.

Infections can be verified by looking for a network.vbs and a
microsoft_office.lnk in the Startup folder. The dnetc.exe and dnetc.ini
files will be present in the c:\windows\ directory, and a network.log is
frequently found in the root directory (c:\).

We are still working to track down the user responsible for this act.
Information is still being gathered at this time.

It is against distributed.net policy to install and run the distributed.net
client on machines where authorization has not been given. Please see
http://www.distributed.net/legal/policy.html for our policy concerning
usage of the distributed.net client.

Users should be aware that this attack is not specific to distributed.net.
This attack can be used to install any software on a users workstation,
such as Back Orifice or any other application. This attack depends on
finding machines that have open (no password is set) Windows Network
Neighborhood shares. Users should disable file and printer sharing if
possible, and if not, ensure that all of their shares are password
protected.

:: 01-Apr-2000 20:54 (Saturday) ::

“Ich bin drin.”