Security question
Moderators: Site Moderators, FAHC Science Team
Security question
I'm a newbie who just installed the client on my MacBook. How should I configure the software for the best security? I use this laptop for all of my personal information.
-
- Posts: 2522
- Joined: Mon Feb 16, 2009 4:12 am
- Location: Greenwood MS USA
Re: Security question
This is what I think I understand.
The software constructs work directories/folders, it would be inadvisable to store any of your personal data in that folder. You may need to omit that folder from your antivirus scanning.
The software has two IP Addresses for Assignment Servers hard coded into it, so it would be very hard for a man in the middle attack to succeed. The assignment servers give the client a work server, also via a hard coded IP Address. So your software cannot easily be deflected to talk to a fake Folding@Home by bad DNS entries. (Any evil intent would have to be in house)
The Client only uses Port 80 and Port 8080, just like a browser, so it has no abilities that IS, Firefox, Safari, or Chrome lack.
Files downloaded have a checksum that has to match, I assume uploads do as well, but I do not see that checksum as I don't run a server.
So if you wish, you can configure your Firewall to restrict fahclient to ports 80 and 8080. In most OSs you can restrict the Folding application to only have read/write permissions in the work folders, and I think that is done by default. Some folks have an overwhelming desire to change the default directories, but I advise against it. viewtopic.php?f=106&t=34226
The software constructs work directories/folders, it would be inadvisable to store any of your personal data in that folder. You may need to omit that folder from your antivirus scanning.
The software has two IP Addresses for Assignment Servers hard coded into it, so it would be very hard for a man in the middle attack to succeed. The assignment servers give the client a work server, also via a hard coded IP Address. So your software cannot easily be deflected to talk to a fake Folding@Home by bad DNS entries. (Any evil intent would have to be in house)
The Client only uses Port 80 and Port 8080, just like a browser, so it has no abilities that IS, Firefox, Safari, or Chrome lack.
Files downloaded have a checksum that has to match, I assume uploads do as well, but I do not see that checksum as I don't run a server.
So if you wish, you can configure your Firewall to restrict fahclient to ports 80 and 8080. In most OSs you can restrict the Folding application to only have read/write permissions in the work folders, and I think that is done by default. Some folks have an overwhelming desire to change the default directories, but I advise against it. viewtopic.php?f=106&t=34226
Tsar of all the Rushers
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
Re: Security question
there has never to my knowledge been any security issue with FAH in its near 20 year history. I understand your concern but there are far more dangerous things out there on the web than this application.
single 1070
-
- Posts: 17
- Joined: Sat Mar 28, 2020 1:09 am
Re: Security question
The FAHClient.exe listens on port 36330 and the FAHControl.EXE User Interface (from the Taskbar icon) connects to that port to display the stats...
BY default the Client will ONLY allow those connections on the local host internal to any particular machine (127.0.0.1).
You CAN alter this set-up to allow connections from e.g. the remainder of your internal network - OR specific IPs (MUST keep 127.0.0.1 in the list)... Say, if you set up FAH on other computers.
Therefore - if you never open up that port to be forwarded in from the internet (unless you want / need to) there is no danger an anybody / anything connecting TO the FAH installation.
In the above scenario, one can set a password as well which needs supplying to be able to connect.
Additionally, you may apply for a password for your Username - and set that up in your client(s) such that nobody else would be able to be use your username - you also get bonus points after 10 WUs for doing so
BY default the Client will ONLY allow those connections on the local host internal to any particular machine (127.0.0.1).
You CAN alter this set-up to allow connections from e.g. the remainder of your internal network - OR specific IPs (MUST keep 127.0.0.1 in the list)... Say, if you set up FAH on other computers.
Therefore - if you never open up that port to be forwarded in from the internet (unless you want / need to) there is no danger an anybody / anything connecting TO the FAH installation.
In the above scenario, one can set a password as well which needs supplying to be able to connect.
Additionally, you may apply for a password for your Username - and set that up in your client(s) such that nobody else would be able to be use your username - you also get bonus points after 10 WUs for doing so
-
- Site Moderator
- Posts: 6986
- Joined: Wed Dec 23, 2009 9:33 am
- Hardware configuration: V7.6.21 -> Multi-purpose 24/7
Windows 10 64-bit
CPU:2/3/4/6 -> Intel i7-6700K
GPU:1 -> Nvidia GTX 1080 Ti
§
Retired:
2x Nvidia GTX 1070
Nvidia GTX 675M
Nvidia GTX 660 Ti
Nvidia GTX 650 SC
Nvidia GTX 260 896 MB SOC
Nvidia 9600GT 1 GB OC
Nvidia 9500M GS
Nvidia 8800GTS 320 MB
Intel Core i7-860
Intel Core i7-3840QM
Intel i3-3240
Intel Core 2 Duo E8200
Intel Core 2 Duo E6550
Intel Core 2 Duo T8300
Intel Pentium E5500
Intel Pentium E5400 - Location: Land Of The Long White Cloud
- Contact:
Re: Security question
Just a minor correction, at F@H usernames are not unique. Thus, there can be multiple Donors with the same username. However, the passkey is unique as it's a combination of username and email address which allows you to find your points as opposed to yours and others. Here's the link if you would like to read more about passkeys: https://foldingathome.org/support/faq/points/passkey/SeanPearce44 wrote:...Additionally, you may apply for a password for your Username - and set that up in your client(s) such that nobody else would be able to be use your username...
ETA:
Now ↞ Very Soon ↔ Soon ↔ Soon-ish ↔ Not Soon ↠ End Of Time
Welcome To The F@H Support Forum Ӂ Troubleshooting Bad WUs Ӂ Troubleshooting Server Connectivity Issues
Now ↞ Very Soon ↔ Soon ↔ Soon-ish ↔ Not Soon ↠ End Of Time
Welcome To The F@H Support Forum Ӂ Troubleshooting Bad WUs Ӂ Troubleshooting Server Connectivity Issues
-
- Posts: 523
- Joined: Fri Mar 23, 2012 5:16 pm
Re: Security question
Unless of course the installer was tampered with (e.g. from downloading via an unofficial source).JimboPalmer wrote:The software has two IP Addresses for Assignment Servers hard coded into it, so it would be very hard for a man in the middle attack to succeed. The assignment servers give the client a work server, also via a hard coded IP Address. So your software cannot easily be deflected to talk to a fake Folding@Home by bad DNS entries. (Any evil intent would have to be in house)
Would it be possible to add PGP signatures for the files so we can verify authenticity?
-
- Posts: 2522
- Joined: Mon Feb 16, 2009 4:12 am
- Location: Greenwood MS USA
Re: Security question
It COULD happen, perhaps after the current programmer retires, one of the about 6 people they will need to replace him will be interested in PGP.iceman1992 wrote:Unless of course the installer was tampered with (e.g. from downloading via an unofficial source).
Would it be possible to add PGP signatures for the files so we can verify authenticity?
Meanwhile, I would stick to getting the installer directly from F@H.
Tsar of all the Rushers
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
I tried to remain childlike, all I achieved was childish.
A friend to those who want no friends
Re: Security question
or you could just download it from the official source.iceman1992 wrote:Unless of course the installer was tampered with (e.g. from downloading via an unofficial source).
Would it be possible to add PGP signatures for the files so we can verify authenticity?
If people choose to download Windows from somewhere other than Microsoft they would be foolish. Same here. It's not for FAH to fix people who choose to do stupid things.
single 1070
-
- Posts: 523
- Joined: Fri Mar 23, 2012 5:16 pm
Re: Security question
We have seen instances where official websites of some software were compromised and the installers were replaced with malicious ones.HaloJones wrote:If people choose to download Windows from somewhere other than Microsoft they would be foolish. Same here. It's not for FAH to fix people who choose to do stupid things.
I'm no security expert but it seems from those events, people who downloaded and checked PGP signatures could avoid installing them, so it's not necessarily only for unofficial download sources.
Re: Security question
people who download software and know to check PGP signatures aren't the people who would download software from unofficial sources.
look, I get the concerns but if massive software companies can't ensure their software doesn't end up on download sites with deliberately corrupted code, how do you expect a science project with one developer to do it?
the issue isn't an absence of PGP signatures. the underlying problem is people who download software from unofficial locations. that's not FAH's problem.
look, I get the concerns but if massive software companies can't ensure their software doesn't end up on download sites with deliberately corrupted code, how do you expect a science project with one developer to do it?
the issue isn't an absence of PGP signatures. the underlying problem is people who download software from unofficial locations. that's not FAH's problem.
single 1070
-
- Posts: 1996
- Joined: Sun Mar 22, 2020 5:52 pm
- Hardware configuration: 1: 2x Xeon E5-2697v3@2.60GHz, 512GB DDR4 LRDIMM, SSD Raid, Win10 Ent 20H2, Quadro K420 1GB, FAH 7.6.21
2: Xeon E3-1505Mv5@2.80GHz, 32GB DDR4, NVME, Win10 Pro 20H2, Quadro M1000M 2GB, FAH 7.6.21 (actually have two of these)
3: i7-960@3.20GHz, 12GB DDR3, SSD, Win10 Pro 20H2, GTX 750Ti 2GB, GTX 1080Ti 11GB, FAH 7.6.21 - Location: UK
Re: Security question
... and they can also debate whether PGP Signatures are the best solution https://crypto.stackexchange.com/questi ... comparison (old post I know but makes the point)
Possibly the most telling part of the linked discussion is tone of the responses "To be honest, regardless of which one you choose, it will likely be the strongest component of your security architecture.".
Yes, FAH software should be moved up to current standards as/when possible (the discussion re Web Server Certificates springs to mind with this) but Security is about defence in depth and all parts of a system play a part - signed software packages landing on a system without AV is as much at risk from what else may also be on the system, or from an "insider risk" within the developer/systems administrators team - AND I AM NOT SUGGESTING THAT THIS EXISTS BEFORE ANYONE SHOOTS ME
A sensible balance of security and usability is important (but usually argued over what is the best balance) and it is up to the FAH team to deliver what/as they can when they deem it appropriate.
The only truly secure was to protect your systems (and even then only with current technology ) is to have it ground up into sub-micron particles and then "shot into the centre of the sun"/"diluted in the oceans of the world", but regrettably that isn't a particularly user friendly
Possibly the most telling part of the linked discussion is tone of the responses "To be honest, regardless of which one you choose, it will likely be the strongest component of your security architecture.".
Yes, FAH software should be moved up to current standards as/when possible (the discussion re Web Server Certificates springs to mind with this) but Security is about defence in depth and all parts of a system play a part - signed software packages landing on a system without AV is as much at risk from what else may also be on the system, or from an "insider risk" within the developer/systems administrators team - AND I AM NOT SUGGESTING THAT THIS EXISTS BEFORE ANYONE SHOOTS ME
A sensible balance of security and usability is important (but usually argued over what is the best balance) and it is up to the FAH team to deliver what/as they can when they deem it appropriate.
The only truly secure was to protect your systems (and even then only with current technology ) is to have it ground up into sub-micron particles and then "shot into the centre of the sun"/"diluted in the oceans of the world", but regrettably that isn't a particularly user friendly
2x Xeon E5-2697v3, 512GB DDR4 LRDIMM, SSD Raid, W10-Ent, Quadro K420
Xeon E3-1505Mv5, 32GB DDR4, NVME, W10-Pro, Quadro M1000M
i7-960, 12GB DDR3, SSD, W10-Pro, GTX1080Ti
i9-10850K, 64GB DDR4, NVME, W11-Pro, RTX3070
(Green/Bold = Active)
Xeon E3-1505Mv5, 32GB DDR4, NVME, W10-Pro, Quadro M1000M
i7-960, 12GB DDR3, SSD, W10-Pro, GTX1080Ti
i9-10850K, 64GB DDR4, NVME, W11-Pro, RTX3070
(Green/Bold = Active)
Re: Security question
If an official website gets compromised, so does the PGP signature.
Windows and Mac won't install unsigned software, but it's not unheard of signing keys being stolen.
Windows and Mac won't install unsigned software, but it's not unheard of signing keys being stolen.
-
- Posts: 523
- Joined: Fri Mar 23, 2012 5:16 pm
Re: Security question
But that does add an extra step for attackers. Supply chain attacks are getting more common.ipkh wrote:If an official website gets compromised, so does the PGP signature.
Windows and Mac won't install unsigned software, but it's not unheard of signing keys being stolen.
Security is about minimizing risks after all, not completely eliminating them.
I don't know how much effort adding PGP signatures will take, but it might be worth considering adding to future updates - lower priority than other tasks of course.
-
- Site Moderator
- Posts: 6986
- Joined: Wed Dec 23, 2009 9:33 am
- Hardware configuration: V7.6.21 -> Multi-purpose 24/7
Windows 10 64-bit
CPU:2/3/4/6 -> Intel i7-6700K
GPU:1 -> Nvidia GTX 1080 Ti
§
Retired:
2x Nvidia GTX 1070
Nvidia GTX 675M
Nvidia GTX 660 Ti
Nvidia GTX 650 SC
Nvidia GTX 260 896 MB SOC
Nvidia 9600GT 1 GB OC
Nvidia 9500M GS
Nvidia 8800GTS 320 MB
Intel Core i7-860
Intel Core i7-3840QM
Intel i3-3240
Intel Core 2 Duo E8200
Intel Core 2 Duo E6550
Intel Core 2 Duo T8300
Intel Pentium E5500
Intel Pentium E5400 - Location: Land Of The Long White Cloud
- Contact:
Re: Security question
That's correct so let's investigate the supply chain for F@H (simplified view):iceman1992 wrote:...Supply chain attacks are getting more common...
GORMACS (open source) -> F@H Team (researches plus developer) -> FahCore_a7 (closed source)
OpenMM (open source) + OpenCL (open source) -> F@H Team (researches plus developer) -> FahCore_22 (closed source)
F@H Team (researches plus developer) -> FAHClient (closed source)
F@H Team (researches plus developer) -> FAHControl (open source)
F@H Team (researches plus developer) -> FAHViewer (open source)
I am omitting the dependencies from above as I am not fully aware of it but they are open source AFAIK. Thus, if we see the above, if a supply chain attack were to occur, it would not just impact F@H, it would impact a significant portion of GROMACS/OpenMM/OpenCL userbase. Plus, F@H doesn't jump to the newest release of those standards, only when there's a significant improvement to the science and it's worth developing it to use the new features, etc. The closed source stuff is managed by trusted people and do note that V7 was completely written from the group up and doesn't use any existing code from the previous versions.
ETA:
Now ↞ Very Soon ↔ Soon ↔ Soon-ish ↔ Not Soon ↠ End Of Time
Welcome To The F@H Support Forum Ӂ Troubleshooting Bad WUs Ӂ Troubleshooting Server Connectivity Issues
Now ↞ Very Soon ↔ Soon ↔ Soon-ish ↔ Not Soon ↠ End Of Time
Welcome To The F@H Support Forum Ӂ Troubleshooting Bad WUs Ӂ Troubleshooting Server Connectivity Issues