[39537] in bugtraq
Re: A comment on using CPU resources
daemon@ATHENA.MIT.EDU (Joachim Schipper)
Sat Jul 9 17:09:55 2005
Message-ID: <16e05a8687a1c696228f7007e1c63bf1@jschipper.dynalias.net>
Date: Sat, 09 Jul 2005 20:55:21 +0200
From: "Joachim Schipper" <j.schipper@math.uu.nl>
To: Gandalf The White <gandalf@digital.net>
Cc: <bugtraq@securityfocus.com>
Reply-To: <j.schipper@math.uu.nl>
In-Reply-To: <BEF556EF.1B9BB%gandalf@digital.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
On 5:26:55 pm 07/09/05 Gandalf The White <gandalf@digital.net> wrote:
> Greetings and Salutations:
>
> I had an issue with my Firefox browser. The browser was static, yet
> it was using 70% or 80% of the CPU of the system.
>
> It got me to thinking. Java is a programming language. What would
> prevent companies from running a java script on your computer while
> you are viewing their page that uses your CPU to do some computing
> for them? Instead of selling (or in addition to selling) advertising
> the company could also sell CPU to other companies.
>
> Is this feasible?
>
> Ken
The short answer is yes.
The long answer is yes, but there are a number of other ways to achieve the
same goal, without having people look at your web page all the time. More
specifically, botnets can be used for computation too...
The moral of this story, of course, is to turn off executing remote
commands (java, javascript, whatever). But that's good practice anyway.
Joachim
