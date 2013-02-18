from the plosives-galore dept.
Thousands of websites around the world – from the UK's NHS and ICO to the US government's court system – were today secretly mining crypto-coins on netizens' web browsers for miscreants unknown.
The affected sites all use a fairly popular plugin called Browsealoud, made by Brit biz Texthelp, which reads out webpages for blind or partially sighted people.
This technology was compromised in some way – either by hackers or rogue insiders altering Browsealoud's source code – to silently inject Coinhive's Monero miner into every webpage offering Browsealoud.
For several hours today, anyone who visited a site that embedded Browsealoud inadvertently ran this hidden mining code on their computer, generating money for the miscreants behind the caper.
Source: https://www.theregister.co.uk/2018/02/11/browsealoud_compromised_coinhive/
(Score: 5, Insightful) by DavePolaschek on Tuesday February 13, @03:06PM
My last prediction was that I'd be browsing without JS within a year. This might move that date a little closer.
(Score: 0) by Anonymous Coward on Tuesday February 13, @03:39PM (1 child)
They're full programs which execute arbitrary code on your computer which is typically outside the control of the site operator, so how much you trust the site is irrelevant.
It's time we stopped collectively pretending they're just documents, admitted they're programs, and took some sane security precautions like blocking internet access by default.
Just because idiocy is grandfathered in doesn't mean we have to live with it, disable JS, disable web access, and boycott shitty programs which require an always-on unfiltered internet connection to function. Treat them and their absurd demands no differently to a normal program making those same demands.
(Score: 2) by bob_super on Tuesday February 13, @06:06PM
Browsing websites without NoScript is like visiting the street ladies without wearing rubbers. You will eventually catch something unpleasant.
Yes, it's often inconvenient, but unlike sex with condoms, NoScript browsing is often a more pleasurable experience.
(Score: 2) by arslan on Tuesday February 13, @11:29PM
The users didn't see it coming!
