I wonder if this might not be a viable revenue model for "premium" services. IE: service is "free", but we're gonna use your CPU cycles for our own benefit.
I honestly think this could be a great alternative to ad-funding once the economics improve enough to start making it more feasible.
As long as browsers had a way to distinguish crypto-mining usage from regular site functionality and is able to throttle it separately when the site opt-into the appropriate APIs, and in other cases detect suspicious levels of sustained CPU activity, perform site-specific throttling and warn users about it.
I'd much rather support content creation on the web using processing power than with my privacy and limited attention span.
Imagine if you will that I do freelance work for a client. In addition to the CRM system that they paid for, I also put a little mining module in there that mines with otherwise idle CPUs.
My question is, would I simply be sued by the client, or do the Feds get involved with some kind of “hacking”/“unauthorized use” charge? If not the latter, how egregious does it need to be before da FBI comes a’knockin’?
Point is, if I put unauthorized code on a machine I don’t own, I go to jail.
CFAA would definitely classify this as unauthorized access or exceeding the access to which you were authorized and for personal gain. The client would try to sue you for theft and breach of contract, but they would be in line behind the government for what remains of your personal savings and retirement money.
I've seen coinhive scripts running on a few sketchy sites including tpb, but to see it on a billion dollar enterprise e.g. UFC is pretty surprising. It's not ethical at all considering running a cpu mining script which might cost the user $1 in electricity might net the controller maybe a penny of that in crypto.
8 comments
[ 4.0 ms ] story [ 40.0 ms ] threadAs long as browsers had a way to distinguish crypto-mining usage from regular site functionality and is able to throttle it separately when the site opt-into the appropriate APIs, and in other cases detect suspicious levels of sustained CPU activity, perform site-specific throttling and warn users about it.
I'd much rather support content creation on the web using processing power than with my privacy and limited attention span.
My question is, would I simply be sued by the client, or do the Feds get involved with some kind of “hacking”/“unauthorized use” charge? If not the latter, how egregious does it need to be before da FBI comes a’knockin’?
Point is, if I put unauthorized code on a machine I don’t own, I go to jail.
CFAA would definitely classify this as unauthorized access or exceeding the access to which you were authorized and for personal gain. The client would try to sue you for theft and breach of contract, but they would be in line behind the government for what remains of your personal savings and retirement money.