Friends....

Another Boinc project has come aboard to help us fundraise for Milkyway.

Bitcoin Utopia has agreed to team up with us on fundraising for Milkyway's future. To take part in this type of assistance for our project, please go to their site and follow their procedures.

Their program for Milkyway is Campaign #3.

We truly appreciate their support!

Disclaimer: The Milkyway project staff, students and moderators are not responsible for any issues your computer may have with their WU's. Please follow their recommendations for optimal results (credits are pretty nice too!). Any concerns or questions over how their project raises funds should be posted on their website for their admins to assist.

The Admins of Bitcoin Utopia are fantastic people and my experience shows they will do whatever they can to assist you.

Also remember Bitcoin Mining is not a quick process so the Bitcoin Utopia folks and us want to remind you to still donate in the more direct manner if you wish to.

Any support is appreciated tremendously!

I'm glad they took my suggestion serious. Now if only they could come up with an easier way for supporting other projects as well. Converting to a traditional currency shouldn't be too much of a problem...

http://www.bitcoinutopia.net/bitcoinutopia/forum_thread.php?id=276#1744

---

This is the latest from the BU site:

i guess the people at BU didn't know that ~$19K had already been raised by 7/26/14 (the starting point of their graph), and that the total was up to $23,481.92 by 8/4/14...so that red line needs to be shifted up accordingly...

---

i guess the people at BU didn't know that ~$19K had already been raised by 7/26/14 (the starting point of their graph), and that the total was up to $23,481.92 by 8/4/14...so that red line needs to be shifted up accordingly...

Yes it does. The BU campaign is exactly as stated. I am working to extend the BU campaign.

---

i guess the people at BU didn't know that ~$19K had already been raised by 7/26/14 (the starting point of their graph), and that the total was up to $23,481.92 by 8/4/14...so that red line needs to be shifted up accordingly...

Sunny...they are two separate campaigns so please don't confuse the two. Their $20,000 goal is separate from the efforts here. If MW fundraising via cash donations reaches the $40,000 goal on it's own, then the BU fundraising will go to secure the project for the future.

---

Sunny...they are two separate campaigns so please don't confuse the two. Their %$20,000 goal is separate from the efforts here. If MW fundraising via cash donations reaches the $40,000 goal on it's own, then the BU fundraising will go to secure the project for the future.

my mistake...thanks for clearing up the confusion. i just now realized that BU is an actual independent DC project that just so happens to be helping the MW@H project out by having its own fundraiser.

---

Sunny...they are two separate campaigns so please don't confuse the two. Their %$20,000 goal is separate from the efforts here. If MW fundraising via cash donations reaches the $40,000 goal on it's own, then the BU fundraising will go to secure the project for the future.

my mistake...thanks for clearing up the confusion. i just now realized that BU is an actual independent DC project that just so happens to be helping the MW@H project out by having its own fundraiser.

No problem.

---

Friends....

Another Boinc project has come aboard to help us fundraise for Milkyway.

Bitcoin Utopia has agreed to team up with us on fundraising for Milkyway's future. To take part in this type of assistance for our project, please go to their site and follow their procedures.

Their program for Milkyway is Campaign #3.

We truly appreciate their support!

Disclaimer: The Milkyway project staff, students and moderators are not responsible for any issues your computer may have with their WU's. Please follow their recommendations for optimal results (credits are pretty nice too!). Any concerns or questions over how their project raises funds should be posted on their website for their admins to assist.

The Admins of Bitcoin Utopia are fantastic people and my experience shows they will do whatever they can to assist you.

Also remember Bitcoin Mining is not a quick process so the Bitcoin Utopia folks and us want to remind you to still donate in the more direct manner if you wish to.

Any support is appreciated tremendously!

Please be advised that according to McAfee and Bitdefender - bitcoinutopia website may be risky to visit, so the links to bitcoinutopia (posted in this forum/thread and on the MilkyWay@Home homepage) should be used with caution.

According to McAfee bitcoinutopia website "May be risky to visit" and access to the site is blocked by the McAfee application because "When we visited this site, we found it exhibited one or more risky behaviors."

McAfee SiteAdvisor - Bitcoinutopia Website Safety Report

BitDefender has found malware on the bitcoinutopia website.

BitDefender - Bitcoinutopia Website Safety Report (Using VirusTotal)

Note: VirusTotal About VirusTotal is a Google owned company that provides free file, URL, and website safety scanning, using many popular free and commercial antivirus software and website scanning tools.

While most other antivirus/scanners did not find any problems with bitcoinutopia (or perhaps they performed their scans when the bitcoinutopia website didn't contain malware, or didn't exhibit risky behaviour - it is no guarantee of safety).

The fact that two reputable antivirus/site scanners did find a serious problem with the site (McAfee and BitDefender) is enough reason to advise caution - for me personally it's two strikes and you're out.

It is often people who visit risky sites, or download potentially risky files, that end up with malware or spyware on their PCs.

I think Milkyway@home users (and your project administrators) should be made aware of this possible risk.

---

CZ,
PLEASE READ POST# 62152 "Message boards : Number crunching : Malware Concerns over Bitcoin Utopia"

Both Adaware and Spybot tell me that the BitCoin Utopia download contains a Trojan,so much as I'd love to contribute, I think I'll pass


keputnam Bitcoin Utopia does not contain a Trojan. It is a false flag. Just exclude the Boinc directories and it'll stop.

---

The fact that two reputable antivirus/site scanners did find a serious problem with the site (McAfee and BitDefender) is enough reason to advise caution - for me personally it's two strikes and you're out.

Yeah, we all know that big companies like McAfee, F-Secure or Google never make mistakes...

Henri.

---

The fact that two reputable antivirus/site scanners did find a serious problem with the site (McAfee and BitDefender) is enough reason to advise caution - for me personally it's two strikes and you're out.

Yeah, we all know that big companies like McAfee, F-Secure or Google never make mistakes...

Henri.

There HAVE been ALOT of false positives over the years due to the fact that Boinc often receives units from one web address and then returns them to a different one, causing the 'heuristic' stuff to flag it. Add in the constant link required for Bitcoin Utopia and if ALL the anti-virus programs don't flag it before you get a chance to exclude it, it makes one suspicious of the quality of their anti-virus! My AVG, I use the free one, flagged it right away and STILL flags it if I get too many errors and it goes into the next 'slot'!! I now have 2 'slots' excluded, so it is mostly okay, I'm guessing if I actually paid for it I could exclude it prior to it BU using another 'slot'.

I think that the last few posts have displayed very poor judgement, to the point of gullibility and possibly culpable neglect.

Yes, the majority of BOINC malware reports are false positives - I've debunked a few myself, and mostly used a clean virustotal scan to do so. But I don't think that justifies ignoring reports without investigation. Use skill, judgement and best security practices to evaluate a potential threat and decide on your course of action.

Rightly or wrongly, Bitcoin Utopia has established a love-hate relationship with the rest of the BOINC community. Some people love it because of the funds it is raising for scientific projects like this one, and for the credits it awards. Other people - sadly - come close to hating it: the funds raised are actually very small, and the credits have skewed the cross-project statistics. It is just possible (but reprehensible if true) that someone in the latter group may have injected malware. Proceed with caution.

One of the arguments I use to support a 'false alarm' judgement on virus scares is: "if the file has been deployed many hundreds of thousands of times from a secure project server over a period of years, and not been detected as a virus over all that time, then it probably doesn't contain a virus". Bitcoin Utopia is a relatively young project, and its applications are rapidly changing: I don't think it can shelter behind that defense.

There was discussion on the BOINC developers mailing list within the last 24 hours - I quote verbatim:

*Deprecated*: mysql_pconnect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in
*/home/boincadm/projects/bitcoinutopia/html/inc/db.inc* on line *52*

The error message is on the front page and also on ops front page. How to
fix it?

Did you ever figure this out? I too am seeing this annoying message. I
recently upgraded both the web code and the server code, and I am still getting
it.

We changed this line in util.inc:
ini_set('display_errors', true);
to this:
ini_set('display_errors', false);

That removed some of the messages but there are still pages where it shows
up.

Henri.

I'm sorry, but when the response to a security warning is to shoot the messenger - closely related to burying your head in the sand - then I don't have confidence that a proper anti-malware security protocol is demonstrably in place. Again, another reason for urging caution.

http://www.bitcoinutopia.net/bitcoinutopia/forum_thread.php?id=235&postid=835#835

Henri.

---

Sadly, you are not alone in your complacent attitude. Please remember: not every alarm is a false one. I invite you to read these two write-ups (of the same event), which as you will see I was personally involved in.

http://www.zdnet.com/bt-mails-virus-to-customers-3040139746/
http://www.computerweekly.com/news/2240043325/BT-Openworld-sends-virus-to-customers

Edit: and when lax security attitudes meet the social engineering skills of malware-writers, the results can be significantly damaging. Follow-up to the same story:

http://www.theregister.co.uk/2002/01/31/badtransb_tops_virus_charts/
http://virus.wikia.com/wiki/Badtrans

I have never had an issue with BU's website and I access it from home and work.

---

I have never had an issue with BU's website and I access it from home and work.

I'n sorry, Blurf, but - and without meaning any disrespect to you - that means absolutely nothing.

I hadn't ever received a virus from the British Telecom support desk mail server until that night, either - but their lack of vigilance allowed a virus into their systems, and they very generously shared it with me and several thousand other customers.

I mentioned "the social engineering skills of malware-writers" last time. This is what I meant - and I actually quite admire them for it.

I was working late, around 9pm, alone on a client's site (commissioning a new server, IIRC). I saw the infected email incoming on my personal laptop, thought it was suspicious, checked it with my (up-to-date) AV software - no detection. I forwarded the attachment to the Symantec reporting portal - received automated acknowledgement, but nothing further. This was all happening on the Friday of the US Thanksgiving weekend, and I received the infected email within about an hour of what was later reported as the time of first detection in the wild. My feeling is that the time of release was very carefully chosen as one where global security watchfulness was at one of its lowest points in the year. That, and the chosen release vectors (BT, plus NTL - at that time the largest cable service provider in the UK) is highly unlikely to be random.

I was on the phone to BT until well after midnight that night, trying to persuade them that they had a serious problem, but sadly failing.

The next morning, Saturday, I rang a UK security specialist, Sophos, and received what I feel was an exemplary response (I'm not connected with the firm in any way: I just rang as any ordinary joe public).

The person who answered the phone seemed technically astute: listened to my description, and said 'sounds like it's worth a look - I'll call in an engineer', and gave in instructions for secure submission of the sample. A couple of hours later they rang back to say it was definitely malicious, carried two separate payloads, and was previously unknown and undetected by their existing product. By about 1 pm, they had a definition hotfix available, and asked me to test it: by 4 pm, the finished hotfix was available for their customers to download. Meanwhile, BT were still refusing to acknowledge that they had a serious problem. The rest you can read in the links I posted earlier.

I tell that story at some length (and with feeling) because it's a very clear example of why heuristic (behavioural) scanning was added to the anti-malware arsenal - at that time (almost 13 years ago), almost all virus detections depended on the signature-matching which failed so dismally in the BadtransB case.

And that's why I, personally, would never disregard any malware report without investigation. Some users here may recognise my name from the SETI@Home user forums: I am the person responsible for the final assembly and distribution of the "Lunatics" optimised application installer package. Like BOINC itself, I provide a Windows executable file for users to download and run: it requests Administrator privileges while running, and drops a payload of other Windows executables. That makes me a perfect virus distribution vector: you may have got some inkling by now of the responsibilities that I accept that my volunteer role places on me.

No worries Richard. I respect your opinion.

I will restate my request that issues with the Bitcoin Utopia website and/or crunching system should be directed to their admins on their website please where they can respond.

Thank you for your understanding.

---

I'm currently supporting MilkyWay@home with Bitcoin Utopia and investigated the security warning issue before and now what I'm using the project.

So far the machine running the project is working non stop without any problem and without any problem in my network either, Bitcoin in general is still largely under appreciated and even with bad press because it's representing a new way for a global economy,

---

This has been my effort to date, I stated 21 Nov.
Milkyway (Campaign #3) credit 491,240,320 total (2741 tasks)
Looking for 1 Billon by the end of the year.

Under CrunchForCoin