BOINC uses digital signatures to allow the core client to authenticate executable files.

It is important that you use a proper code-signing procedure for publicly-accessible projects. If you don't, and your server is broken into, hackers will be able to use your BOINC project to distribute whatever malicious code they want. This could result in the end of your project, and possibly the end of all BOINC projects.

There are less-secure variants; e.g. you could keep the private key on a CD-ROM that is only mounted during signature generation, on a machine that is disconnected during signature generation. But we do not recommend this; a hacked computer could be running a hidden program that steals the private key and transmits it when the computer is connected again. "; page_tail(); ?>