theSkyNet goes rogue, leaks user details

Summary:The project theSkyNet, aimed at harnessing users' spare computing cycles to analyse radio signals from space, has been inadvertently publicly broadcasting the details of users that have been contributing to the project.

The project theSkyNet, aimed at harnessing users' spare computing cycles to analyse radio signals from space, has been inadvertently publicly broadcasting the details of users that have been contributing to the project.

A concerned reader alerted ZDNet Australia to the fact late last week when he realised that he could navigate to the status page for the project after finding the URL in a configuration file. The same URL could also have been determined by looking at the source code for the open-source project.

The status page provides a list of connected users' IP addresses, their operating system, CPU architecture, the number of cores running, how much RAM they have installed, how much they have contributed to the project and the amount of time that they have spent online.

Further information about users' browser version (if they were running the web applet) and installed Java version were also available via the page.

Malicious users would be able to easily write a script to periodically poll the server, retrieve the information, and compare it to a list of known vulnerabilities, effectively forming a list of machines that could be used for a botnet.

While the centre removed the IP addresses from the website on Friday, when it was informed by several of its users that had discovered the issue, the information reappeared later that evening and over the remainder of the weekend until this morning, when ZDNet Australia contacted the International Centre for Radio Astronomy Research (ICRAR), which is responsible for the servers, and informed it of the privacy issue. The centre said that the information was visible due to a mistake made during testing.

"ICRAR takes privacy very seriously, and had no intention of releasing users' private information from theSkyNet. Due to an error, the IP addresses and operating system types of some users were listed on a publicly accessible URL over the weekend as part of a debugging exercise," the centre said.

"The information did not contain any personal information, and as soon as ICRAR became aware of the lapse, measures were taken to immediately secure the information. ICRAR will now conduct a full security and privacy review to ensure all information relating to theSkyNet community is secure."

ICRAR immediately removed the IP addresses of users from its main status page after being made aware of the mistake; however, further information was still publicly available elsewhere on the website. After ZDNet Australia alerted ICRAR of this additional method of viewing users' information today, it has taken its main status page offline and removed identifying information from other parts of its website.

ICRAR has also launched a beta client for Linux users after receiving several requests from its user base.

Topics: Open Source, Security

About

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.