Quote Originally Posted by Fire$torm View Post
OK, just be aware that the allow_remote_gui_rpc will open up the client to any machine that can find it. So it is a potential security risk especially since BOINC uses the RPC communication protocol. RPC is horribly insecure ---> http://technet.microsoft.com/en-us/l.../cc751166.aspx
BOINC doesn't actually use Microsoft's RPC calls. Instead, it uses a TCP connection on port 31416 and send/receives XML. The data is not encrypted. Some BOINC info can be accessed without authentication but commands that change preferences, join or detach from projects etc. require authentication. The password is hashed prior to authenticating and the hash is not reusable from one connection to the next.

However, if you open port 31416 to the Internet, someone could do a brute force attack and eventually guess your password since BOINC does not lock anything down after a given number of invalid login attempts.