Helping Screen Savers - Are They A Threat?

[vescovono]

Ok - here is another question I have.

In prepping for our audit our auditing area wants us to have locking screensavers. Ok - cool. Someone asked about the screensavers for orgs like SETI and cancer research to see if that would be alright as well.

We just found out that apparently those aren't cool to be running at the company as someone could intercept the traffic and manipulate with some code and cause havok. Has anyone heard of this happening? I cannot find any evidence that would support the argument that these types of screensavers are a hole and threat. Just in case anyone has not seen, here are the two big ones I found:

Cancer Research

SETI@Home

It could just be that the auditors and prefer people not to use the company bandwidth for these activities, which is fine. I just want to make sure we have the right reason and not some wonk-wonk-wonk reason.

Thanks in advance.

[Vigge]

Well, I have heard a lot of rumors about this, but atleast for Seti@home, this is just a rumor... You have to check with you IT-guys as some companies does not want this on their machines.

I have been running Seti@home for a long time on and off, all it does is connect to its data server on port 80, that data has been analysed (not by me), nothing seems out of order.

Seti@home is soon too be replaced with boinc and astropulse, read about it here:
http://setiathome.ssl.berkeley.edu/setifuture.html

[ccKid]

I have been using the Seti@Home screensaver/app for a while and others that I know in the industry have also used it with no problems. I have heard rumors that someone somewhere had redirected the servers and that people were getting trojans rather than the correct data packets but that was a while ago and I think it was a bogus rumor anyways. It's been so long that I can't even recall where I had read that.


ccKid

[Tedob1]

if you want to do it on a computer you own and an internet connection you pay for thats up to you but this question should be for the owner of the network, maybe a paper on the value to humanity of sharing his/her processor power would help your cause but i doubt it. it is a potential security hole....anything you allow is a security risk thats why its best to keep it to a minimum. personally i dont think its a good idea.

[xmover]

why to try asking the company about this rumors may be that company are not aware on it.

[Vigge]

Just ass Tedob1 said The hardware and network used is property of the company, another application accessing the network is another sercurity risk.

I think the company has a right to know, and if a kranky admin checks his logs and discover S@H traffic, there could be trouble.
the key phrase here should be: If something doesnt belong to you, ask permission to use it.

[vescovono]

Did some more digging and found out:

1) These type of screensavers in general are considered a security risk == they are not allowed.

2) As a few here pointed out, while not a huge issue, it is not a good use of company resources, even if the cause is deemed good or humanitarian.

So that answered it for me. Thanks for your responses!

V.