Bugtraq mailing list archives
RE: A comment on using CPU resources
From: "Scott Marburger" <s_marburger () ip3 org>
Date: Sat, 9 Jul 2005 16:23:31 -0400
Several thoughts- I am reminded of some responses concerning "social engineering", and marvel as I see people with seven or eight browser windows open and minimized- in order to maintain "productivity". I have noticed on my own machine after having two or three windows open and closing all, that the machine seems sluggish. Going to task manager, I see one or two copies of Firefox still running, sucking up 30 or 40 percent when they should have closed. Shake thoughts well, add pinch of paranoia- Would it be possible to mask or disguise firefox to appear to be closed while still running it's java payload? Spitting back it's chunk of data when done? Scott Marburger Director, ICT The Institute for Public-Private Partnerships, Inc. Waterfront Center 1010 Wisconsin Avenue Washington, DC 20007 -----Original Message----- From: Raghu Chinthoju [mailto:raghu.chinthoju () gmail com] Sent: Saturday, July 09, 2005 2:54 PM To: Gandalf The White Cc: bugtraq () securityfocus com Subject: Re: A comment on using CPU resources This isn't a new thing, stealing CPU cycles this way is known for some time now. The following are the reasons I guess why this isn't feasible: 1. No anonymity. The code is directly visible to the victim. 2. As long as any script is running, the browser shows that the page is still being loaded. This might drag suspicion to view whats in the page or the user might simply cancel loading (ie the java script). Time consuming scripts might have less chances. 3. There are many better ways for a determined CPU thief. For example, there are plenty of vulnerable machines connected to Internet offering their everything to hackers in a silver plate. 4. If CPU cycles were really in huge demand, some one could just start a business offering to pay for in return to lending idle CPU. Guess not a bad idea ;-) cheers! Raghu On 7/9/05, Gandalf The White <gandalf () digital net> wrote:
Greetings and Salutations: I had an issue with my Firefox browser. The browser was static, yet it
was
using 70% or 80% of the CPU of the system. It got me to thinking. Java is a programming language. What would
prevent
companies from running a java script on your computer while you are
viewing
their page that uses your CPU to do some computing for them? Instead of selling (or in addition to selling) advertising the company could also
sell
CPU to other companies. Is this feasible? Ken --------------------------------------------------------------- Do not meddle in the affairs of wizards for they are subtle and quick to anger. Ken Hollis - Gandalf The White - gandalf () digital net - O- TINLC WWW Page - http://digital.net/~gandalf/ Trace E-Mail forgery - http://digital.net/~gandalf/spamfaq.html Trolls crossposts - http://digital.net/~gandalf/trollfaq.html Woodworking For Geeks - http://digital.net/~gandalf/woodmain.htm
Current thread:
- A comment on using CPU resources Gandalf The White (Jul 09)
- Re: A comment on using CPU resources Jeroen van Rijn (Jul 09)
- A comment on using CPU resources, addendum. Jeroen van Rijn (Jul 09)
- Re: A comment on using CPU resources Steven Champeon (Jul 09)
- Re: A comment on using CPU resources Security (Jul 09)
- Re: A comment on using CPU resources Andreas Bartelt (Jul 09)
- Re: A comment on using CPU resources Raghu Chinthoju (Jul 09)
- RE: A comment on using CPU resources Scott Marburger (Jul 09)
- Re: A comment on using CPU resources Steven Champeon (Jul 09)
- Re: A comment on using CPU resources Joachim Schipper (Jul 09)
- Re: A comment on using CPU resources Christian (Jul 09)
- <Possible follow-ups>
- RE: A comment on using CPU resources Joseph Finley (Jul 09)
- RE: A comment on using CPU resources Martin Konold (Jul 09)
- Re: Re: A comment on using CPU resources securityfocus (Jul 09)
- Re: A comment on using CPU resources Jeroen van Rijn (Jul 09)