I'm interested in setting up a Folding@Home team for my coworkers, but need to do my due diligence of evaluating Folding@Home's security measures before recommending it to them. I've looked through the about pages from the Folding@Home website on the topic of security, and while I was able to answer some questions, other topics were not covered. If you are willing to answer these questions, I'd greatly appreciate your time and answers!
What is the process for adding projects to Folding@Home? Is there an academic peer review process before new Work Units are made available?
What protections are in place to prevent malware from running within Folding@Home Work Units? If I'm giving up my computing power, it would be nice to have peace of mind that it's actually simulating protein folding and not doing something malicious.
Are Work Units encrypted on disk, or is the connection encrypted? From what I've read on the website, Folding@Home has a 2048 bit digital signature that is verified for incoming data and outgoing results. It also makes some mention of Public Key Infrastructure (PKI), but nothing specific.