Jump to content

AdGuard fights stealth cryptocurrency mining on websites


Matsuda

Recommended Posts

apps.jpg

 

The news broke recently that more and more websites make money by mining cryptocurrencies on their visitors’ computers. A person browses a site, unaware that their CPU is loaded more than normally, working on a task they didn’t put.

The device slows down, making its owner less happy and productive.On the other hand, this type of mining can let websites earn money without selling ads. 

The Pirate Bay, that had been recently caught mining cryptocurrencies on the visitors’ computers, shows the type of ads that annoy people a lot. A part of its audience might be ready and willing to lend some of their computer power in order to support the website and get rid of the ads.

One of the tools that now gain popularity for enabling mining on a website is Coinhive. They provide a JavaScript miner for the cryptocurrency called Monero.

We at AdGuard taught our desktop apps to detect the Coinhive miner on websites and ask users whether they would allow it to use their computer.


hiveen.PNG



We believe that it is not right to simply block it, but warning the user and asking for his or her consent is necessary. We work at detecting other mining tools as well. So if you notice any websites that use your device for mining without warning you and asking for permission, please report us.


 

Source

Link to comment
Share on other sites


  • Replies 33
  • Views 1.9k
  • Created
  • Last Reply
Quote

We believe that it is not right to simply block it, but warning the user and asking for his or her consent is necessary. We work at detecting other mining tools as well. So if you notice any websites that use your device for mining without warning you and asking for permission, please report us.

 

 

Quote

 

gorhill commented 9 days ago edited

Apparently, pirate-bay is doing it now too: https://betanews.com/2017/09/16/pirate-bay-secret-bitcoin-miner/

Anything that abusively auto-opt-in users deserve to be blocked by default. Now the problem I am having is, in which filter lists does this go?

Given this previous issue, and the one here, maybe it's time to create a new filter lists for anti-users auto opt-in abusive behavior. Name? "Dark patterns"?

 

Most any ad blocker has  a disable  per page if you want too support sites for coin mining or ads but if  they don't ask my permission i'm blocking it  and don't need popups telling me do i want allow it or not only one site i seen so far offered a way  to opt out of it  and they have coin miner free domain if you don't agree too it.   

 

 

Quote

 

gorhill commented 6 days ago edited

And no, I'm not here to shit-talk or attack anyone personally.

Users can easily opt-in to the respectful implementation (disabling uBO for the site/page), they can't easily opt-out of the abusive implementation -- hence the only safe approach is to block known miners by default.

As in, if there's perhaps a website that does both, but I only want the miner to run and not the ads to show?

Having ads served along with the miner kind of defeat the rationale of having the miner, which is being marketed as a way to monetize without resorting to ads. In any case, you are free to design your web sites as you wish, and users of uBO are free to opt-in to whatever you serve them. Talk to your users, they are the one making the decision, uBO is just a tool they use to get back the ability to decide.

 

https://github.com/uBlockOrigin/uAssets/issues/690?_pjax=%23js-repo-pjax-container

It's  not open too debate   with me  and already there is a list you can block them with.

 

NoCoin adblock list

https://github.com/hoshsadiq/adblock-nocoin-list

Already uBlock  list  is blocking it  and others are too

 

https://s7d7.turboimg.net/sp/8cdf98929a0f248b4cdf090bc2f413a3/list.png

 

 

 

 

Link to comment
Share on other sites


Quote

We at AdGuard taught our desktop apps to detect the Coinhive miner on websites and ask users whether they would allow it to use their computer.



hiveen.PNG



We believe that it is not right to simply block it, but warning the user and asking for his or her consent is necessary.

Asking . . . . . . . is such a waste of time (not to mention the extra click/s) — have set my Adguard to block, without asking. ^_^

Link to comment
Share on other sites


5 minutes ago, dcs18 said:

My Adguard is blocking dozens of xmlhttprequest and websocket non-stop requests, without any prompt.

Yes, I know you use very strict blocking rules. But that's not for me, I already told you the reason in our chat back sometime.

Link to comment
Share on other sites


6 minutes ago, Undertaker said:
12 minutes ago, dcs18 said:

My Adguard is blocking dozens of xmlhttprequest and websocket non-stop requests, without any prompt.

Yes, I know you use very strict blocking rules. But that's not for me, I already told you the reason in our chat back sometime.

 

Spoiler

tx38TOr.gif

 

Link to comment
Share on other sites


14 hours ago, Matsuda said:

We at AdGuard taught our desktop apps to detect the Coinhive miner on websites and ask users whether they would allow it to use their computer.

 

That's the right way to go. High five to Adguard. 

Link to comment
Share on other sites


Just now, dcs18 said:

 

  Reveal hidden contents

tx38TOr.gif

 

:P BTW I found out while trying to adapt the uBlock-Adguard transition thingy that, using ADG extension rather than the ADG program makes for a comfortable and easy transition.

Link to comment
Share on other sites


I see — on a parallel note, my personal experience is that uMatrix Users would find Adguard more worth a transit than uBlock Users since those 2 ad. blockers employ almost identical filter syntax.

Link to comment
Share on other sites


1 minute ago, dcs18 said:

I see — on a parallel note, my personal experience is that uMatrix Users would find Adguard more worth a transit than uBlock Users since those 2 ad. blockers employ almost identical filter syntax.

You ever tried going back to prev setup of uBlock or Umatrix?

Or have another profile with that setup?

How would you compare that combo with Adguard, now having used both(answer this only if you have gotten back to combo at some point after trying out Adguard program)?

Link to comment
Share on other sites


After embracing Adguard, have never gone back to the (uBlock + uMatrix) combination on my own systems which IMO is a truly sweet one.

 

That said, most of my Customers are still on the older (uBlock + uMatrix) combination as I'm yet to deploy Adguard on many client machines.

Link to comment
Share on other sites


Just now, dcs18 said:

After embracing Adguard, have never gone back to the (uBlock + uMatrix) combination on my own systems which IMO is a truly sweet one.

 

That said, most of my Customers are still on the older (uBlock + uMatrix) combination as I'm yet to deploy Adguard on many client machines.

To truly embrace it, you should go back atleast once to the previous setting and you'll know why I was insisting you for Adguard.

For you customers, I would advise that once 6.2 reaches stable(later this week), you put them on a stable release channel. Don't put them on 6.1 stable because that doesn't support the $app modifier.

What about the ones that already have Adguard, they complained of anything?

Link to comment
Share on other sites


1 minute ago, Undertaker said:

For you customers, I would advise that once 6.2 reaches stable(later this week), you put them on a stable release channel. Don't put them on 6.1 stable because that doesn't support the $app modifier.

We always use the latest release regardless of whether stable or beta — an image of my own system is deployed and then customized for a less stringent user-case.

 

 

1 minute ago, Undertaker said:

What about the ones that already have Adguard, they complained of anything?

The few of those who've been beta-testing the Adguard deployment keep filing plenty of reports — Adguard does block much much more than any other ad. blocker that I've ever used.

Link to comment
Share on other sites


2 minutes ago, dcs18 said:

The few of those who've been beta-testing the Adguard deployment keep filing plenty of reports — Adguard does block much much more than any other ad. blocker that I've ever used.

Try the extension thingy(that I just told above) for that stringent blocking rather than the Program and I think even if you copy the rules as it is, it will be already much much better.

Link to comment
Share on other sites


3 minutes ago, dcs18 said:

I've managed to get the extension semi-compliant with my Adguard program.

Using the extension in integration mode or as a standalone?

Link to comment
Share on other sites


2 minutes ago, dcs18 said:

The extension is on integration mode.

Personally, I'm not a great fan of the integration mode.

So, I have always used it as a standalone extension in cohesion with the AG program.

Link to comment
Share on other sites


1 hour ago, dcs18 said:

What advantages do you notice when using it as a standalone?

In my last testing,

I noticed that if in integration mode, the rules which are presently only in addon are not applied.

You remember we discussing how it's blocking even the HTML in program, that doesn't happen in the extension(even with the same rule). So extension behaves better even in that strict rule situation.

For filtering I used the program, and for site specific(read uMatrix converted rules) I used the standalone extension.

 

p.s. Here, by standalone I don't mean the standalone version available at AG github page, I meant that the extension is running exclusive of the program.

Program does its own thing and extension does its own. This setup I tested in the beginning stages of our discussion about adblockers.

 

 

 

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...