Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Space

SETI's Anti-Cheating Strategy 108

Posted by michael from the lots-and-lots-of-proctors dept.
mtDNA writes: "There's an article in the New York Times about the strategies SETI is using to avoid fraudulent reports. One trick they're using is multiple analyses of the same data. Another strategy is the use of "ringer" data, where they send you fake data for which they know the results." One of the researchers has several postscript papers on his home page - Incentives for Sharing in Peer-to-Peer Networks, Uncheatable Distributed Computations, Distributed Computing with Payout. In related news, ProcessTree apparently sent out an email to participants indicating it is closing up shop, so although SETI seems to be chugging along, the idea of distributed computing as a business model is perhaps a bit premature.
This discussion has been archived. No new comments can be posted.

SETI's Anti-Cheating Strategy More

SETI's Anti-Cheating Strategy

Comments Filter:

  • Active punishment? (Score:1)

    by Anonymous Coward
    The problem with anti-cheating measures is that there's little downside to getting caught. The cheater simply creates another account and tries something else.

    Eventually these projects are going to go to identity-based security, and the feds will be only to happy to issue Internet Driver's Licenses.

  • Article text (Score:1)

    by Anonymous Coward
    (not only do you have to register, bastards have POP-UP windows now : )

    May 24, 2001

    The Search for E.T. Yields Earthly Cheats

    By J. D. BIERSDORFER

    THE SETI@home program, the distributed computing project that harnesses the power of
    personal computers to look for signs of extraterrestrial intelligence, signed up its three
    millionth user last week. SETI, which began in 1999, has quickly become the most popular
    public computing project of all time.

    But what may appear to be the search for E. T. phoning home has sometimes turned out to be
    the signals of people cheating the project by falsifying results. Unfortunately for the dishonest,
    Philippe Golle and Ilya Mironov, both doctoral students in the computer science department at
    Stanford University, have come up with a set of security schemes that can help thwart those
    trying to claim computing work that they did not actually complete.

    "It is worth bearing in mind that it takes only one talented or lucky hacker to potentially ruin a
    distributed computation," Mr. Golle wrote in an e-mail message.

    In their recent paper, "Uncheatable Distributed Computations," Mr. Golle and Mr. Mironov
    explain how to verify that the work has been done, by inserting special checkpoints, or
    "ringers," into a unit of distributed data. If the data is returned to the sender without the
    purposely planted material among the results, the organization knows the data was not
    processed and the user is trying to cheat.

    The idea that someone might cheat SETI@home is almost as shocking as the actual discovery
    of little green men would be. SETI@home is a typical example of a large-scale, Internet-based
    distributed computing project: users donate their computers' spare processing time by installing
    software to crunch data from Arecibo Radio Observatory and return the results to the sender.

    The SETI@home people were well aware that some participants might cheat, whether by
    tampering with the data file they were given to process or hacking the program's settings.
    Although fewer than 1 percent of the work units appear to have been tampered with, Dr. David
    Anderson, the project coordinator for SETI@home, estimated that there had been some months
    during the project when half of its resources were devoted to smoking out cheaters.

    "What we ended up doing," Dr. Anderson said, "for a variety of reasons, is to process each
    piece of data several times and wait until all the results get back and compare them."

    The SETI project relies on unpaid volunteers; the cheaters seem motivated purely by a desire
    to get a high user ranking on a project Web page. Dr. Anderson said it was fairly easy to reject
    work submitted by cheaters and to cancel their SETI@home accounts, even though the cheaters
    could get other accounts.

    The potential for cheating is increasingly worrisome as commercial distributed computing
    ventures that offer cash or credit to participants, like Ubero (www.ubero.net), become more
    commonplace.

    "As soon as you offer any kind of incentive, you will invite cheating," said Armin Lenz, a
    former executive at a commercial distributed computing company who is familiar with the need
    for security in online projects. "Be it stats, money or giveaways -- it is just human nature to try
    to get things the easy way."

    In the case of SETI@home, a bigger concern is not that the data unit returned by a user was
    completed or not, but that the result returned was accurate and free of incorrect results from
    tampering or faulty user hardware. "The challenge of being absolutely confident that that result
    is the output of that program and not something else is really, really hard," Dr. Anderson said.
    "The stuff that those guys from Stanford have done -- it doesn't exactly solve that problem, but
    it's a a way of verifying that at least their computer did all the work it was supposed to do. It
    still doesn't guarantee that the answer they give you back is correct."

    Along with Stuart Stubblebine, a vice president at CertCo Inc., an online security firm, Mr.
    Golle has also written a paper called "Distributed Computing With Payout" that complements
    his work with Mr. Mironov and discusses methods to streamline redundant computing for those
    who do not have a surplus of resources.

    "The trick is that while most tasks are only ever assigned once in our scheme, some tasks are
    assigned twice or more, so that it is never possible for a participant to determine when it is
    safe to cheat," Mr. Golle explained. (For those wanting to read them, both papers are available
    on the Web at crypto.stanford .edu/~pgolle.)

    While commercial distributed computing operations may want to incorporate the work of Mr.
    Golle, Mr. Mironov and Mr. Stubblebine into their security measures, at least SETI@home can
    rely on its millions of users to help cross-check results and make sure that any potential
    discoveries are really from authentic aliens, not the ethically alienated.
  • Ah, I love reading Slashdot, it always has the best disinformation! Not two articles away from the big discussion on the Human Extinction Project to boot. What a great website!

    Down that path lies madness. On the other hand, the road to hell is paved with melting snowballs.
  • There's nothing illegal about cheating SETI with fake results. It's not like they're processing IRS forms. What are they gonna charge you with?
  • There are plenty of legal avenues that could be used.

    It hardly seems worth pursuing, even to make an example. A criminal case requires proof (unlike, say, a lawsuit, where the most expensive lawyer wins), which means malice must be proven. If a hacked client is not found (or even if it is, maybe it was downloaded unknowingly from a rogue site) the user will of course plead ignorance, and well, whatcha gonna do then? Such a defense would be valid (and expected), only when it comes to stolen goods is ignorance irrelevant.

    So you have a point, there are always ways to get someone for something if you believe they're doing something bad, but it's not always feasible.

  • I suggest coding up some of William Gibson's "Black Ice", using confirmed cheaters as test subjects.

    Solve the cheating problem =AND= the population crisis at the same time.

  • To prevent cheating... (Score:4)

    by jd ( 1658 ) <imipak@ y a hoo.com> on Thursday May 24, 2001 @06:07AM (#201335) Homepage Journal
    ...You simply remove any incentive to cheat.

    William Gibson's "Black Ice" should do nicely. Failing that, slice or dice the data in multiple directions and compare results.

    (The "different slices" is important, to ensure that you aren't trying to validate one modified client against another.)

    Let's say that you have a grid of data, N x M x B (where N, M is the data, and B is the number of bits per word for that data.)

    The probability that one modified client is doing the rounds, and will be encountered again by chance, is non-zero. It's not high, but it's high enough that nobody is releasing their client code in a hurry.

    On the other hand, you've three simple slices you can do (along each axis), and any number of more complicated ones. That means that you have to hit the correctly-modified client for the slice you've picked, for each slice in each axis, for the data to be marked "valid". Any failure by any one client to return a result that confirms the other 16 clients that would overlap with it, would signal a bogus client.

    With that much redundancy, you could also simply have "client voting". The results that are returned identically by the most clients (in excess of some threshold), regardless of the direction of slice, could be regarded as "true", with a reasonable degree of certainty. (Sure, it's not 100%, but that's the price you pay for having a society that rewards the greedy and the ethically sick.)

    Of course, if you want to go one stage further, there's nothing to stop you "dicing" the data. Instead of taking a single slice through the data, you take random, small chunks from all sections, and feed them in a random order to the client. Again, the server re-constitutes the "valid" results, by merging together the results from multiple clients, taking the generally-accepted results as "correct".

    This would mean that, instead of needing 20+ clients, all with suitable code for cheating "correctly" along each slice, you now need !(N x M x B)/(Size of chunks) such clients. The values don't have to be large to make this a virtual impossibility.

    If you then only credit "confirmed" units (whether "slices" or "chunks"), since cheating becomes impractical, short of a global Internet conspiracy which also included the researchers, nobody is going to bother modifying the clients in any way which produced inaccurate results.

    They =MIGHT= modify them to produce faster, accurate results. But, in that case, who bloody cares? I'm not going to object to someone handing round an honest, genuine client that can plow through 10 times as many blocks in a second, and still deliver the true results back to the central system. And, if the scientists were being honest to themselves, I doubt they would, either. PROVIDED the results could be guaranteed.

    And that gets back to why independent result reviews, using slicing, dicing, or some other method of producing non-duplicate data sets, is very important.

  • I can see it now, some geek going up to a girl to impress her with his falsified SETI numbers).

    Somebody who believes in extraterrestrial intelligences can believe in SETI-impressionable girls.
    __
  • Distributed Science Newsletter
    May 2001

    Dear ProcessTree Network suppliers,
    It is with sadness that I have to announce that this will be the last newsletter you receive from Distributed Science, Inc.

    etc etc etc...

    We will diligently negotiate the sale of the supplier database, with emphasis on the privacy policy under which you signed up. As soon as we came to a result, the new owners will be informing you about any changes they might plan, including an opt-out for those concerned about their privacy under new management.

    EEP!

  • Having a closed source client is not the solution. Cryptography is the solution. Here's how:

    1. For each quantum of the distribution calculation in the range you have been assigned store one or more bits of evidence for the result.

    2. Calculate a Merckle hash tree of this evidence vector

    3. Use cryptographic hashes of the tree root to "randomly" select 64 leaves of the tree

    4. Transmit the branches leading to these leaves as proof that you have performed the full calculations

    To verify, the server verifies the hash chains of the branches, the randomly selected challenges and verifies the evidence for the selected leaves by repeating the calculation for a very small subset (64) of the assigned range.
    You cannot create this evidence without performing virtually all of the calculation assigned to you.

    You can still cheat by finding the solution and not reporting it, but there is no incentive to do this.

    -

  • I assume you mean the largest single telescope in the world?

  • I received ProcessTree's email yesterday, and when I opened it, it was nothing but an html attachment.

    So I trashed it.

    If someone doesn't have the courtesy to put at least a "please read the attached letter for a very important announcement" in the plaintext portion of an email, I don't read it. Assuming we all use either a Microsoft or a Netscape client for our email belies some kind of ignorance or arrogance, or both.

    And those qualities are also probably also the reason they're failing.

  • Re:Already a business model (Score:3)

    by Lumpy ( 12016 ) on Thursday May 24, 2001 @06:12AM (#201341) Homepage
    Umm no you are actually quite wrong.

    Render programs are free. (povray for example, many many Excellent CG films have came out of povray. Just check the Intertnational Raytracing Competition pages)

    Yes some render programs cost exorberant and insane prices, but places like pixar have programmers that write the software, and most good animation houses have their own programmers, so your cost per copy goes from $30,000.00 from the development of the first one to $0.00 for every copy thereafter. (dont give me any crap that there is a cost associated with the copies afterwards, that is pure bullcocky)

    Do you think that lucasfilms goes to "CG-R_US" and buys a new effect? nooo, they create it, and then they can use it on 94,999 computers for free.

    CG is cheap, and distributed processing (possible in POVRAY for a really long time now) is also cheap.
  • If people are cheating to gain fame, then the fear of of being ridiculed in public after they are caught cheating would probably be effective.

    I wouldn't recommend doing this. In practice, negativity and bad will, even when justified, often backfires injuring the issuer.

  • They'd have to do the same for someone who reports a miss. Oh, wait, they already do that.

  • Maybe I'm not thinking of the same thing, but I don't recall the Black Ice stopping someone from "Burning Chrome" :)

    Caution: contents may be quarrelsome and meticulous!

  • hmmm, just like I've been saying all along (Score:4)

    by ethereal ( 13958 ) on Thursday May 24, 2001 @05:26AM (#201345) Journal

    Their argument against open-sourcing the client has always been that this would allow cheaters and that people would use modified clients that didn't crunch the numbers right. To which I have always responded that with any distributed computational task running on untrusted clients, you would have to do this sort of redundant analysis on each data block anyway. Even a closed-source client can be hacked fairly easily if you really wanted to, so not releasing the source doesn't magically guarantee the validity of any client-side processing. It's nice to see SETI@Home finally acknowledge what some of us have known all along.

    So, when will we be seeing the client source code available for download? I'm all ready to start working on an Xscreensaver [jwz.org] module for it.

    Caution: contents may be quarrelsome and meticulous!

  • Why anyone would want to cheat SETI?

    To suppress knowledge of intelligent aliens that exist. Return false negatives if you have a religeous or industrial reason for wanting to keep Earth out of the galactic economy/society.

    Well, or to create false knowledge of alients that do not exist. But that isn't realistic because any false positive result would obviously be double-checked.


    ---
  • an alternative is the guys from SETI dont say anything to the bad boy and just ignore their results
  • If you've got cpu cycles to burn, why not use it on a worthwhile project like Genome@home [stanford.edu], which strives to improve understanding on the evolution of natural genomes and how they operate. They even have a proven track record. There is also Popular Power [popularpower.com], which continues working towards a more effective influenza vaccine even though they're out of business [popularpower.com].

    A listing of notable distributed computing projects are here [hardcorelinux.com] - (http://www.hardcorelinux.com/distributed-computin g.htm for all you goatse.cx traumatized).

    come off crisp and play up to the cynic
    clean and schooled right down to the minute

  • My questions is Why anyone would want to cheat SETI?

    Yeah, especially when there's the new shared IBM mainframe [slashdot.org] coming out, where anybody can install programs. That's going to be the biggest use of it - a bunch of l33t h4x0rs installing various Distributed.net clients on it, all trying to add more power to their results. Whoop-dee-doo.
  • Hey buddy - newsflash - Europe and North America (esp N. America) no longer have a population crisis... we're not reproducing fast enough to keep up with the death rate. In fact, the only way we can keep out populations stable is to keep immigrating people from other countries.

    Yes, I am assuming that you are from North America or Europe. There is a very good chance that you are from one of these two continents, as Slashdot's user base is primarily made up of Americans (people from the USA and Canada), or Europe. But primarily Americans.

  • Uh, yeah... thats what I said... look over there! *runs away*
  • Hey, I never said that the rest of the world doesn't have a population problem.... but my point was that overpopulation isn't the problem it used to be. North America and Europe have a declining population growth rate. But the rest of the world balances that out.

    We're still growing, globally, but at a declining rate...

  • Two points:

    1. SETI can't afford to buy some massive 'big iron' to get the performance that they get (essentially for free) from SETI@home.

    2. The way that SETI@home has been ripping through the data packets, they were going to run out of data to send to the clients very soon (like sometime next year). Any way that they can slow down the process (while increasing thoroughness and reliability) is welcome.

    Oh - and SETI@home only uses 1 telescope (not even a satellite) to do it's work: the Radio Telescope at the Arecibo Radio Observatory in Puerto Rico (the big satellite dish built into the mountain that was in the James Bond movie) - the largest single satellite in the world.

  • I thought I saw this question answered on the SETI@home [berkeley.edu] page a while ago, but I can't find it now...

    The reason you gave, "I'm 3117", shouldn't be ruled out.
    There may also be some people (yes, I doubt this is common) that don't want to make alien contact, no matter what, so they would send false negatives - they would always want to send a "no pattern" in, even if there is an interesting signal. Yes, lame reason, but it isn't lame to the people that believe that.

  • I poked around on their site [processtree.com], but I couldn't find any sign of them closing up shop. Anyone got the mentioned e-mail care to post it here?

    Though I didn't sign up with them, I found the idea/concept really cool. Too bad to see them go (if that is the case.)

  • What about public ridicule? (Score:3)

    by revscat ( 35618 ) on Thursday May 24, 2001 @06:47AM (#201356) Journal

    I have an idea for how to at least reduce the amount of cheating going on with SETI: ridicule. Because let's face it if you cheat at SETI you deserve ridicule. You're a worthless mess of a human being who probably hasn't been laid in, I dunno, EVER and has to inflate their self-esteem by turning a quest for Contact into a bigger dick contest. No one respects you. Kill yourself and leave your computer running. Your computer is worth more to society than you are.

    Grr. I'm way too high strung today. Where's the bong? But godDAMN people are so freaking simple minded sometimes! What do you gain by cheating at SETI? Higher rankings? So fucking what! Great, now instead of being ranked 39623 your at 32532. RaH. You're my hero. The world is a better place because you cheated. You've fed the hungry and increased our collective wisdom. L0s3r.

    Dump core. And pass the bong.

    - Rev.
  • On Process Tree it was of no surprise that it failed to me for this very reason. A company would not want to risk their important data with average Joe/Joe Q Hacker on the net for him to poke and pry at it. Until they can come up with a uncrackable(yeah right) encryption scheme this will never become mainstream or even backstream. =) . Only way I would ever see it succeeding is if computer manufactures start putting a distributed processing program deep inside their computers hidden from user => .
  • Distributed computing is a core part of businesses like Pixar and PDI ("Shreck" animators). They depend on their internal render farms to build their computer animated films one frame at a time.

    Several companies offer online render farms [ap3d.com] for hire; this is a case where someone is selling cycles and presumably, making money.

    The difference between these render farms and other distributed projects is the complexity and cost of the client application. To be useful, the render farms have to run copies of 3D animation software that can cost up to USD$15,000 per seat. Add that to the security concerns of the copyright holder, and you probably won't see a free, downloadable Pixar Renderman client anytime soon.

    Seems a solution to this would be a client that performs the raw math required for the render software and sends it back to a render controller. Even if it's only 1/100 as effecient as a copy of Lightwave running locally, the sheer numbers of participants can make up for it. I'm sure a studio in a crunch wouldn't turn down the help of 40,000 otherwise idle CPUs!

    Someone smarter than me will have to write that particular piece of software. So get to it!
  • ...if you're not running the client, do. If you are running the client and you're not affiliated with any other team, please join team Slashdot.org [distributed.net], if for no other reason than to spite these twits, [distributed.net] who are ahead in daily counts these days (from their team page: "The best people. The best effort. The best platform. RC5 will fall again....")

    --

  • distributed.net does the same (Score:4)

    by mattvd ( 44096 ) on Thursday May 24, 2001 @05:23AM (#201360) Homepage Journal
    As far as I know this is nothing new, distirbuted.net has always done this on thier projects (RC5, DES) to make sure people are actually checking the blocks.
  • [Re: "why cheat"]

    > Wouldn't _you_ want to be the one who discovered a cell call from ET?

    Don't you think that SETI would verify the calculations on their own boxes before rushing off to the NY Times with the news?

    However, the other way of cheating, namely reporting false negatives is almost impossible to detect, and I'd think that is what the article is concerned about.

  • > Believe it or not, people cheat when playing quake too.

    Well, quake is a game, so it is a little bit more understandeable (although still not excusable) that people . Seti, on the other hand, was supposed to be a cooperative effort, so this seems odd.

    Unfortunately, in order to make it more interesting, and attract the public, SETI's organizers spized it up with high-score lists. Which not only brought more participants, but also provided an incentive to cheat...

    A simple solution would be to pull the lists or to only publish aggregate data ("so many blocks calculated by all participants combined")

  • ... and I received no such email.
    ------
  • There are some analogies between distributed networks where there is a participant faking and intelligence networks where one person may be an informer or trying to introduce false data.

    Using different paths through the network to see which one leaks or which message gets warped

    Sending extreme data (that the informer has to act upon) through the network (this may be true or false)

    The informer may end up ironically being a trusted part of the network as there is too much risk in the informer being found out if they act as an informer (i.e. leak or subvert information).

    But then I suppose people may act in an extreme manor under normal circumstances to try to be part of a gang/clan/subculture.

  • Actually you're half right.

    Pixar doesn't have to pay per license because
    they wrote Renderman so they get it for free.
    But POVRAY? Please, this hasn't been used
    on any films that I know of (and yes I work
    in the film visual effects industry).

    There is a free version of Renderman called
    BMRT (www.bmrt.org) but many many
    visual effects companies do pay $10,000
    US per copy for Renderman render licenses
    or slightly less than that for Maya or
    Mental Ray render licenses.

  • No not always. Back when CSC started they had a big furor when they pulled a few clients, invalidated results, and revealed that they were actually sending the same blocks to multiple people to check for cheating.

    The end result was that the number of CSC blocks processed was greater than the number of CSC blocks in the possible solution set.

    It'll be in one of the finger archives on d.net if they go that far back.

  • Yeap, dead... And if you gave your e-mail to them by any mean, as far as a foreigner I can undestand they mailed to us in a polite way that they will sell our adresses to another company :-(
  • get a glue?... I'm rubber you're glue
  • Just what kind of nurdz are cheating at seti@home? Get a fucking life!
  • For those of you who don't know, there is a SETI@home team composed of Slashdot netizens here [berkeley.edu]. There are currently almost 2200 members in Team Slashdot that have contributed 700,000+ work units to the SETI@home project, for a team rank [berkeley.edu] of 17th. Teams from HP, IBM, Microsoft, Intel, Compaq and Sun are ahead of us! Personally, I'd like to see Team Slashdot show these slackers a thing or two about what nerds can do. A little effort by an individual goes a long way in Team Slashdot. I've got SETI@Home running full time on a crappy little Pentium computer that has churned out only 35+ units and has taken almost a year to do it, and I've still contributed more units than half the Team Slashdot members. I'm gonna upgrade my input to SETI@home. Join me! Let's get a discussion / confessional / pep rally going here about what we can do to upgrade the Team Slashdot effort for what we all agree is a worthy cause!
  • SETI has, at least as far as I understand it, one advantage with respect to cheaters versus RC5, DES, et al. With SETI, one would hope that there would be more than just one signal of intelligence being captured, so that if someone cheats, claims to have searched a region containing an intelligent signal, but does not, there will still be other intelligent signals to be found elsewhere. In contrast, with DES or RC5, there is only one needle in each haystack, and if a cheater happens to claim the section where the needle actually is, no one will ever find the needle (well, at least until they check the rest of the pile, and then start rechecking sections.)
  • You can't say though, that most people aren't signing up for the novelty of being in the race. if it weren't for the stats, I wouldn't be participating at all, and neither would 90% of their userbase. I'm contributing for the good of the Halo Seti Marines, and damned proud of it.Get rid of scorekeeping, you get rid of the major motivation.

    What you really can't say is that 90% of the people are in it because of the stats. That wouldn't be allowed in a court of law, and won't be allowed here.

    I still say get rid of them. Competition brings out the WORST in people, not the best, as evidenced by the cheaters who hacked their clients to download work units, and immediately (after NO analysis) send back a blank results file. These people were "crunching" thousands of units per day and really stinking things up.

    If SETI loses any people from having no stats, I can assure you they won't be missed.

    Rich...

  • The reason people are cheating. (Score:3)

    by Crixus ( 97721 ) on Thursday May 24, 2001 @07:23AM (#201373)
    The reason people are cheating is because they decided to make a contest out of who procressed more workunits.

    I for one wish they would get rid of the scorekeeping entirely. I crunch SETI units because I enjoy the idea of helping them with their science.

    Any users they lose because they were to get rid of scorekeeping would be no great loss. They were probably the losers who were compromising the datapool anyway. (talk about having no self esteem, I can see it now, some geek going up to a girl to impress her with his falsified SETI numbers).

    I was one of the first 10,000 people to sign up, and I'll help them with their science as loing as they need me to, scorekeeping or no.

    Rich...

  • So what your saying is that we need a distributed form of cheating. We check out a block from SETI, check with cheatingseti.com to see if that block has been checked in before. If not we make up the results and report them. Either way we can be done immediately.
  • BMRT [exluna.com] - Blue Moon Rendering Tools, is a free, downloadable RenderMan-compliant radiosity renderer, which was written by Larry Gritz, a former employee of Pixar's. It's not exactly Pixar's Renderman [pixar.com] (PhotoRealistic Renderman), but it's not bad - and it actually gets used by many of the same people who use Pixar's RenderMan.
  • How do we know that the 1% of data that's not been processed didn't contain proof of ET? We don't. And you know why? It's a government conspiracy, that's why! And they're out to get anyone who lets the secret out!

    [sniff, sniff]Hey, what's that funny smell? Urrrggh, eyelids....heavy....soooo sleeepyyyy.....

  • problem with processtree was that they had bunch of users that thought that they were going to make money on buying computers and using them for processing corporate data. they failed to understand that companies choose to use distributed computing only when its cheaper for them to do so.
  • Once you change your username, your statistics start over; which I assume would be the only reason a person would want to cheat.

    --

  • The "you use our email, so we're stealing your spare processing power and renting it out and you agreed to this with a click-thru agreement so screw you" company...distributed computing seems to be quite a bargain for them..

  • I'd argue that SETI@home *is* worthwhile, although I admit that the return is more uncertain. The genome isn't going off anywhere soon, whilst a reasonably tranisent ET radio signal (i.e. they broadcast at a star for 10 years then off to the next candidate star) would arguably be a greater discovery.

    Genome@home is the 10-year investment bond, whilst SETI@home is the lottery ticket.

    Ack. Time for coffee.
  • Argh.
    'put a bunch IBM Z series boxes straight to the satellites'
    That kind of quote really works me up. Ok, so they take a a performance hit checking accurancy, what makes this any different from Anything Else We Do With Computers?? Most things use error checking in some form or another. Yeah i know thats on a smaller scale, but still.

    Plus this isn't 'throw up a few boxen to check the data off the sattelites, problem solved' Pick up a Guiness Gook of World Records, this years edition. Take a look for worlds most powerful supercomputer. Know what it is? Seti@Home. And last time i checked, the gov't isn't really throwing seti Huge dumps of cash, so re-building the worlds most powerful supercomputer isn't really an option for them. And since they Still want more users, more cycles, i'd say downsizing their system in favour of a more secure, local computer cluster, is out of the question.

    So maybe we'll just chalk it up to the 'not too familiar with SETI' thing and move on.
  • For something like distributed cryptanalysis or "SETI at home", it would work almost as well if, when a client asked for some work, it was given a random chunk, with no checking for whether it had been done before. This statistically doubles the computational load, but eliminates coordination problems. Yes, you might miss something, but it's unlikely.

  • More than once I've got a clear signal that was obviously extra terrstrial in nature. The distribution was so far away from random noise that it had to be artificial. I run the data through the Seti program, and what does it come out with? Nothing.

    SETI@home beams known signals to the radio telescope as a check to make sure the whole system is still working properly and to call out clients that give false negatives. There are a few on constant frequencies; there are probably others on frequencies that change daily.

  • Or just some really spoiled kids with some massive Alphas.

  • Bragging rights. Those with weak confidence attempt to validate themselves through cheating and the belittling of others.

    See also: antisocial behavior [slashdot.org]

  • SETI is less worried about punishing cheaters, and more worried about getting accurate results back from the clients. Without control over the data, the entire dataset would be skewed and would have a huge impact on its scientific value.
  • I always wondered how people were getting an average of 1 hour per work unit. Then I realize there's some good hackers and programmers out there!

    Anyone know where I can buy a seti card?

  • the results don't have to be VERY correct. They use the results just as a hint where to look closer. I bet the REAL analysis will be done inhouse.

  • I don't understand how sending rouge data sheets will "catch" the bad guys

    Well its well known that "bad guys" can't resist make-up.

  • the idea of distributed computing as a business model is perhaps a bit premature.

    Premature? Premature?! Of course it's not premature, it's about 30 years too late. Distributed computing used to be nice and profitable, but processors are just too cheap now for it to work. For large-scale, nonprofit efforts like SETI, sure, but if someone's actually going to pay to rent computer time, it would just be cheaper to buy the processors themselves. Or, if it was truly profitable to rent computer time, specialized computers with intel/amd clusters would pop up to provide it with less overhead.
    --
  • You can't say though, that most people aren't signing up for the novelty of being in the race. if it weren't for the stats, I wouldn't be participating at all, and neither would 90% of their userbase. I'm contributing for the good of the Halo Seti Marines, and damned proud of it. Get rid of scorekeeping, you get rid of the major motivation.
  • You've got my support on that one. I agree entirely. Seti can have that much of my personal info, and if they catch a cheater in my area they can call on me to 'take out the trash'. :-)
  • Another Excellent idea. Kudos on this one! This way everyone wins except the cheater who's killing his cpu for nothing :)

  • Re:Active punishment? (Score:4)

    by Kingfox ( 149377 ) on Thursday May 24, 2001 @07:11AM (#201394) Homepage Journal
    God, I loved that old feature on Telegard/Renegade and the like. Though most people figured it out when noone responded to their flames, and then made a fake account/logged on as a guest, to find out the truth. But this would work with seti, where there is no 'feedback'. Hell, they've even disabled 'see my last 10 packets' as of late, so as long as they kept on incrementing the person's records to their eyes, it wouldn't matter. As far as the problem that you present - a broken computer being innocent as compared to malicious data. That really isn't a problem. Not to sound like an arrogant fuckwad, but the end result is the same to seti. Data that's just wrong as a result of a computer going tits-up or data that's wrong from a computer being messed with - it really doesn't matter. They're going to need to reject both.
  • Only way I would ever see it succeeding is if computer manufactures start putting a distributed processing program deep inside their computers hidden from user => .

    Ahh, you are, of course, referring to Juno.

  • The difference between these render farms and other distributed projects is the complexity and cost of the client application. To be useful, the render farms have to run copies of 3D animation software that can cost up to USD$15,000 per seat.

    Actually, 3DS lets you run as many render engines as you want. It's only the GUI you must run one of per license. It's all the same software, and talks with itself nicely over networks.

  • it went belly-up not long ago as well, citing the "economic downturn" as the main reason...

  • Re:Why bother? (Score:3)

    by TeknoHog ( 164938 ) on Thursday May 24, 2001 @05:44AM (#201398) Homepage Journal
    If someone reports a hit, cant they just re-check that data?

    They do. What the client programs do is something of a preliminary analysis, filtering the most interesting packets of data from the usual junk. In the further analysis it often turns out that lots of interesting signals originated on Earth, while many others are inconclusive.

    --
    I hit the karma cap, now do I gain enlightenment?

  • Comment removed based on user account deletion
  • Comment removed based on user account deletion
  • In their recent paper, "Uncheatable Distributed Computations," Mr. Golle and Mr. Mironov explain how to verify that the work has been done, by inserting special checkpoints, or "ringers," into a unit of distributed data. If the data is returned to the sender without the purposely planted material among the results, the organization knows the data was not processed and the user is trying to cheat.

    I think this is probably the easiest way to keep the users honest. Instead of having each unit processed twice, by two different people and diffing the results to hopefully catch a cheater, they simply add a little overhead to each unit and have a little section of the unit that they check for upon completion. Essentially each unit will have a section of the results which matches up with known info about that unit. If it comes back without that section matching the original key section, then it can be assumed false.

    Of course, there is a caveat to this. If J. Random Hacker is a true follower of Discordia and finds out how/where these "authentication" blocks are stored in the unit, he can fake those as well. I think these authentication blocks of unprocessed code should be generated pseudo-randomly with different positions in the unit and lengths each time. Hopefully they will be able to avoid detection by jerks who wish to falsify data. Now why someone would want to mess with a project like this one anyway is beyond my comprehension, but that's another question entirely.

    Steven
  • Instead of the news about ProcessTree shutting down being related news, it's directly mentioned in the article.

    "As soon as you offer any kind of incentive, you will invite cheating," said Armin Lenz, a former executive at a commercial distributed computing company who is familiar with the need for security in online projects. "Be it stats, money or giveaways -- it is just human nature to try to get things the easy way."

    Armin Lenz was one of the founders of ProcessTree. In this article they call him a former executive. Voila, two news pieces in one, Seti@Home trying to stop cheaters and ProcessTree gone. Now ProcessTree needs to update their website [processtree.com] to reflect their closing. But at least they did a good thing [processtree.com] as one of their last gestures. The full text of the press release, Acrobat reader required, is here [distributedscience.com].

    Steven
  • Perhaps they watched Contact too many times. Wouldn't _you_ want to be the one who discovered a cell call from ET? (Of course SETI would claim all the glory, but you could still try for your 15 nano seconds of fame --> I mean wouldn't it be just like Slashdot to report "The NYTimes has this [slashdot.org]article up about the computer of the guy who discovered the message from Andromeda [slashdot.org] last week [slashdot.org]. When asked what his number crunching secret was, its owner, Joe Milkdud, said "My advantage? Well I think it was when I overlocked my Athalon to 800 MHz... that just put me over that computational edge. And the extra 256 MB RAM helped too.")
  • More than once I've got a clear signal that was obviously extra terrstrial in nature. The distribution was so far away from random noise that it had to be artificial. I run the data through the Seti program, and what does it come out with? Nothing.

    I repeatedly try to get interest from the government over this, but they aren't interested. I mentioned it to the roman catholic church, and they were horrified. I think it mut interere with their religious dogma or something. I sent it to Carl Sagan. He mysteriously died.

    The truth is out there. They don't want you to hear it!

  • Why not inject nuggets of data from previous (valid) packets randomly thoughout each new work packet? Keep track of where this injected data goes, and check to see if the returned packet contains the right data. Or put a random false signal in each one, and check for it. If not there, you know something is wrong. There are probably more effective way around this though.
  • Why??? Why would anyone cheat at this? What is there to gain from it? I don't go checking the scores to see who has the greatest computer. It's not the point of the exercise. I don't have PC envy, and I'm surprised if anyone else does too.

  • Re:Why bother? (Score:3)

    by KarmaPolice ( 212543 ) on Thursday May 24, 2001 @05:39AM (#201407) Homepage
    If someone reports a hit, cant they just re-check that data?
    You're missing the point with SETI. There is no such thing as "a hit" when analysing these massive amounts of data. Your computer will never give a message like: "Analysis detected a HOW ARE YOU GENTLEMTN, ALL YOUR BASE ARE BELONG TO US from outer space". What your computer does is just an analysis and then the SETI-folks will do the real exciting stuff with the resulting data from your computers work.

    The problem before SETI@Home was that the data wasn't analysed completely to detail because these analysis take a shitload of time so they just did a rough analysis, trying to find extreme peaks but no checking for patterns over longer periods of time.

  • I should have known (Score:4)

    by tenzig_112 ( 213387 ) on Thursday May 24, 2001 @06:00AM (#201408) Homepage
    Somebody sent me something strange from his SETI at home setup. I don't know for sure, but it looked a little like a hoax to me.

    Here are some warning signs that you may have a SETI hoax on your hands:

    • a midi file of the
    • Close Encounters tones.
    • A .gif of Leonard Nemoy as Spock with the caption "Live long and ... whatever."
    • The astral baby from 2001 rendered in ASCII graphics.
    • "Hello, people of earth" in a voice that sounds suspiciously like Homer Simpson.
    • Anything resembling "Goatse.cx"

    In other news: Bi Curious: The Senator Jim Jeffords Story [ridiculopathy.com]

  • Some people take a lot of pride in such, as a mark of their ability to squeeze the maximum performance out of their server farm. If you get signficantly interested in such to join a particular team, a fair amount of kudos can be gained among like minded folk by contributing a large tally on joining or ramping up the production, helping them to push closer/ahead of rivals. Thus the potential for temptation.
  • Distributed computing as a business model will never be feasible. The organizations that might take advantage of such a business are probably capable of using the hundreds or thousands of in-house computers to do something like this with equipment they already have. For example, at my job, we have been asked to install a program on our system that will basically allow the system to be used for distributed processing when it isn't busy.

    Why pay for the cow when you can get the milk for free?

  • Your comment acutally kinda proves there is a market for distributed computing? Who wrote the program to install on your computer? Sure, there might not be a market for interaction between untrusted peers, but there definitely is a market for internal use of distributed computing amongst trusted peers.

  • AH! (Score:5)

    by HongPong ( 226840 ) <hongpong&hongpong,com> on Thursday May 24, 2001 @06:45AM (#201412) Homepage
    But the problem is not ordinary punks hacking the client to create false positives. No, the problem are those Beowulf clusters in underground NSA facilities making all the false negatives!

    --
  • I think you are wrong with that mindset. We are already seeing companies like M$ working with distributed applications. How long till we are on completely distributed systems? People often forget the Ross Perot got rich off selling all these cycles. :)

  • Why? (Score:5)

    by clinko ( 232501 ) on Thursday May 24, 2001 @05:19AM (#201414) Journal
    My questions is Why anyone would want to cheat SETI? I could just see the guy now:

    "LOOK! i'm high on the hours list with 31337 years of data done on my computer for SETI. I RULE! Oh god, I wish I were dead..."


  • Re:Active punishment? (Score:4)

    by telstar ( 236404 ) on Thursday May 24, 2001 @05:50AM (#201415)
    Instead of locking out a cheater, a better solution is to continue to feed data to that cheater, but ignore any results they submit. This will help prevent the cheater from simply creating a new account, as they will be unaware that their false results have been detected.
  • I don't know why this seems surprising to people. If you're working with a distributed project of this nature you'll always get some joker that will stuff up the data, just to see what happens. Any results that this project gets has to be VERY correct, otherwise they're all gonna look like bunch of tits. I just assumed that they would be doing this when I started helping out ...
  • Pretty good article about SETI researcher Kent Cullers in Business Week [businessweek.com].
  • this was a posted right after ./ ran a story about IBM sharing BIG Iorn with the public. I ment to put a link to that story [slashdot.org] in my post. The getting a Z server think was just a joke, but the fact is that getting/leasing/borrowing/stealling one would help secure their stuff.

    Sorry to work you up, but it was just a post. It got 8 replys, and made my karma higher.

    So maybe we'll just chalk it up to the 'not too familiar with SETI' thing and move on. -- Done


    TEN

  • Double Resources (Score:3)

    by tenman ( 247215 ) <`moc.iausten' `ta' `gro.todhsals'> on Thursday May 24, 2001 @05:26AM (#201419) Journal
    I admit that I am not terribly familure with seti, but I know that they use huge amounts of collective cpu time via the distribution of processing to remote processors. My comment relates to who decides how much of a performance hit do they want to take to insure accuracy. Do you send sheets of data out twice, and reduce your net performance by half? I don't understand how sending rouge data sheets will "catch" the bad guys, wouldn't the one that get caught just change their IP/User Name and start sending bad data again? I'm afraid that if SETI really wants security, put a bunch IBM Z series boxes straight to the satellites, and let little instances of Linux churn over the data.
    TEN
  • Comment removed based on user account deletion
  • Comment removed based on user account deletion
  • Comment removed based on user account deletion
  • The closed-source SETI@home client *was* hacked, several times, by people trying to get faster performance (not outright cheating)... the SETI folks went pretty ballistic when they found out, sadly they had to explain in very short words that science is about repeatable experiments, and that requires that all the data is processed in *exactly* the same way. Otherwise the parameter-space searched by the programme would be subtly skewed - for example, a faster algorithm might mean that signals at the far end of the gaussian spectrum they're looking at would be missed or included for only the hacked clients.

    However there are tons of unofficial add-ons that *are* allowed: see here at the SETI@home site [berkeley.edu].

    This and much more info in the unofficial SETI FAQ... infuritatingly, I've got a copy saved at home but can't find a link to it anywhere. (Think this was the Usenet FAQ.) Anyone?
    --
    "I'm not downloaded, I'm just loaded and down"

  • Got it [faqs.org]: the other SETI FAQ.
    --
    "I'm not downloaded, I'm just loaded and down"
  • I think as long as these sites keep stats and "score" individuals or teams you're going to get cheating. It's kind of sad when you think about what can come out of the SETI program and people are out there sending false data just to make them look good. This won't stop 100% of the cheating, but I believe not showing or ranking individual stats might cut it back some.
  • Why bother kicking bad users off? Why bother to let them know they've been caught? Just start feeding them bogus or real data - and then ignore their results. Let them figure out they've been caught.

    John

  • Shocking! (Score:5)

    by s20451 ( 410424 ) on Thursday May 24, 2001 @05:48AM (#201429) Journal
    So somebody's trying to manipulate the system in order to artificially inflate a meaningless number in a database! How shocking! (Score=5, Insightful)
  • ...we'll never find out if there is intelligent life out there or not.

    While SETI and NASA are jumping the gun and declaring a fake packet to be a sign of "intelligent life out there" and awarding some loser a lot of money for making the find, any real signals that for no apparent reason which are aimed specifically at us, won't be processed because the SETI@Home project will have achieved its goal.

    Now if only CounterStrike games could end so vividly.

    "Cheater detected, cheater wins, GAME OVER."

    Heh.

Slashdot Top Deals

It is easier to write an incorrect program than understand a correct one.

Close