Raevenlord
News Editor
- Joined
- Aug 12, 2016
- Messages
- 3,755 (1.23/day)
- Location
- Portugal
System Name | The Ryzening |
---|---|
Processor | AMD Ryzen 9 5900X |
Motherboard | MSI X570 MAG TOMAHAWK |
Cooling | Lian Li Galahad 360mm AIO |
Memory | 32 GB G.Skill Trident Z F4-3733 (4x 8 GB) |
Video Card(s) | Gigabyte RTX 3070 Ti |
Storage | Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB |
Display(s) | Acer Nitro VG270UP (1440p 144 Hz IPS) |
Case | Lian Li O11DX Dynamic White |
Audio Device(s) | iFi Audio Zen DAC |
Power Supply | Seasonic Focus+ 750 W |
Mouse | Cooler Master Masterkeys Lite L |
Keyboard | Cooler Master Masterkeys Lite L |
Software | Windows 10 x64 |
This here is an issue that this editor has been fearing for a while, and that we here at TPU have called our users' attention to in the past. It's bad enough when websites willingly implement web mining scripts absent of users' consent or simple knowledge. Opt-in mining as a contribution to a website's revenue would be the best way to go around the issue; however, absent that, a simple opt-out capability wouldn't be much worse. But if stealth usage of a site viewers' computing resources is bad, what then can be said when the site managers themselves are unaware of the implementation of a web miner?
This is what happened with Politifact, the US politics fact-checking website, which is but one of hundreds of the world's top traffic websites that have seen the stealth introduction of these web mining scripts - against the will of the site managers. In the meantime, Politifact has brought down the offending code and has vowed to investigate, but this opens up Pandora's box, really. Generally speaking, these JavaScript apps are running code hosted on another server that the end user - and sometimes even the site hosts - can't inspect or don't expect to have to inspect. And this is easier to do than one would imagine; there's a lack of protection against JavaScript routines like this one. And where there's potential for profit, there's abuse; and that's what we're seeing. It also doesn't help that injecting the necessary JavaScript into the front page of a website is much easier than a full blown hack into a website's databases; and once the code has been shoehorned into a website's code, it runs itself, hijacking users' CPU cycles and putting the resulting Monero coins into a designated wallet.
Ad-blocker company AdGuard has released a blog post in which they presented some results on the state of web mining; in it, the company found that 220 websites launch mining algorithms when a user opens their main page - and these aren't your end of the Internet websites. These are estimated to boast of an aggregated audience of 500 million people from all over the globe - the Internet is mostly borderless, for everything that's positive about that - and negative. And this has happened in barely more than a month - Coinhive started offering their "mining as a service" code just a month ago, in the 14th of September. AdGuard estimates that these 220 sites' joint profit currently stands at over US $43,000. Those aren't millions - yet. But keep in mind this is money that has been made in three weeks at almost zero cost.
As we've mentioned before, if you want to be protected from such shenanigans, use an adblocker. These usually get the job done in blocking those extraneous bits of code, and will generally be enough to block this kind of scripts. uBlock Origin, AdBlock, AdGuard, or even some mining-specific blockers like AntiMine, NoCoin, and others. The choice is yours. Web based mining, however, is increasingly looking to be a dark cloud for users' rights on the Internet, and while the problem is a mere smoke column on the grand scheme of things right now, expect this trend to spread like wildfire.
View at TechPowerUp Main Site
This is what happened with Politifact, the US politics fact-checking website, which is but one of hundreds of the world's top traffic websites that have seen the stealth introduction of these web mining scripts - against the will of the site managers. In the meantime, Politifact has brought down the offending code and has vowed to investigate, but this opens up Pandora's box, really. Generally speaking, these JavaScript apps are running code hosted on another server that the end user - and sometimes even the site hosts - can't inspect or don't expect to have to inspect. And this is easier to do than one would imagine; there's a lack of protection against JavaScript routines like this one. And where there's potential for profit, there's abuse; and that's what we're seeing. It also doesn't help that injecting the necessary JavaScript into the front page of a website is much easier than a full blown hack into a website's databases; and once the code has been shoehorned into a website's code, it runs itself, hijacking users' CPU cycles and putting the resulting Monero coins into a designated wallet.
Ad-blocker company AdGuard has released a blog post in which they presented some results on the state of web mining; in it, the company found that 220 websites launch mining algorithms when a user opens their main page - and these aren't your end of the Internet websites. These are estimated to boast of an aggregated audience of 500 million people from all over the globe - the Internet is mostly borderless, for everything that's positive about that - and negative. And this has happened in barely more than a month - Coinhive started offering their "mining as a service" code just a month ago, in the 14th of September. AdGuard estimates that these 220 sites' joint profit currently stands at over US $43,000. Those aren't millions - yet. But keep in mind this is money that has been made in three weeks at almost zero cost.
As we've mentioned before, if you want to be protected from such shenanigans, use an adblocker. These usually get the job done in blocking those extraneous bits of code, and will generally be enough to block this kind of scripts. uBlock Origin, AdBlock, AdGuard, or even some mining-specific blockers like AntiMine, NoCoin, and others. The choice is yours. Web based mining, however, is increasingly looking to be a dark cloud for users' rights on the Internet, and while the problem is a mere smoke column on the grand scheme of things right now, expect this trend to spread like wildfire.
View at TechPowerUp Main Site
Last edited: