Prevent "Mining" :)

thomaz
Posts: 6
Joined: Tue Sep 19, 2017 12:24 am

Post by thomaz » Tue Sep 19, 2017 12:30 am

Again the world developed a new "amazing" web feature.
"Mining" in web browsers.
Yesterday news sites reported that TPB starts using it on some parts of their site.
I also found another site today that does the same (Firefox had high CPU usage till I forbid JavaScript for "coin-hive.com").
I think this will be a real plague in the future.
Is there any chance that NoScript gets an anti-mining option to prevent Firefox from mining in the background?
Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0

barbaz
Senior Member
Posts: 9691
Joined: Sat Aug 03, 2013 5:45 pm

Re: Prevent "Mining" :)

Post by barbaz » Tue Sep 19, 2017 1:19 am

https://www.tripwire.com/state-of-secur ... s-browser/

NoScript is a security tool, anything else it does is side-effect of its security. I'm not clear on whether in-browser coin mining is a security threat or just annoying.

If it is a security threat, then certainly NoScript should do something. In the meantime, since these mining scripts are third-party, you can Mark the mining sites as Untrusted.
*Always* check the changelogs BEFORE updating that important software!

GµårÐïåñ
Lieutenant Colonel
Posts: 3353
Joined: Fri Mar 20, 2009 5:19 am
Location: PST - USA

Re: Prevent "Mining" :)

Post by GµårÐïåñ » Tue Sep 19, 2017 2:09 am

Pirate Bay has been experimenting with it, but you can kill it with a blocker; just look for the code. Unless you script kill the whole site, NS can't help you with inline or post-injected JS. Meaning, unless you mark as untrusted like @barbaz said, you allow it, you get what you get. NS doesn't think for you, just does what you say and protects you accordingly; the decision is yours. And, while NS sometimes will block things, that's the exception, not the rule, meaning it wasn't built to be a content blocker. Now if the site you are using uses a cross domain to do it, then sure, mark that part as untrusted and as long as they don't lazy load a local copy on their own domain as a failover, which you have allowed, then you will be fine.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0

GµårÐïåñ
Lieutenant Colonel
Posts: 3353
Joined: Fri Mar 20, 2009 5:19 am
Location: PST - USA

Re: NoScript Sightings

Post by GµårÐïåñ » Thu Nov 02, 2017 10:09 pm

morganism wrote: NoScript on Pirate Bay forum to disable a bitcoin mining script

https://pirates-forum.org/Thread-PIRATE ... SITE-MINER
They have been mining to make some funds for the site, it's been known for a long time and over at uBlock it was already blocked with a specialized list that also kills others that have been discovered.

Code:

! uBlock Origin -- Resource-abuse filters
!
! To foil sites potentially abusing CPU/bandwidth resources without informed
! consent. Any such resource-abuse scripts MUST be opt-in, with complete
! informed consent from the visitor.

! https://github.com/uBlockOrigin/uAssets/issues/659
||edgeno.de^$script,third-party,domain=~edgemesh.com
/edgemesh.*.js$script,domain=~edgemesh.com|~edgeno.de

! https://github.com/uBlockOrigin/uAssets/issues/690
||coin-hive.com^$third-party
||coinhive.com^$third-party

! https://github.com/uBlockOrigin/uAssets/pull/706
||jsecoin.com^$third-party

! https://github.com/uBlockOrigin/uAssets/pull/725
||minemytraffic.com^$third-party

! https://github.com/jspenguin2017/uBlockProtector/issues/624#issuecomment-333700969
||kisshentai.net/Content/js/c-hive.js

! https://github.com/jspenguin2017/uBlockProtector/issues/636#issuecomment-334317456
||info^$script,third-party,domain=oload.info

! https://github.com/uBlockOrigin/uAssets/issues/742
||crypto-loot.com^$third-party

! https://github.com/uBlockOrigin/uAssets/issues/746
||2giga.link^*hive$script

! https://github.com/hoshsadiq/adblock-nocoin-list/issues/32
||ppoi.org^$third-party
||projectpoi.com^$third-party

! https://github.com/uBlockOrigin/uAssets/pull/748
||webmine.cz^$third-party

! https://github.com/uBlockOrigin/uAssets/issues/754
||coinerra.com^$third-party
||listat.biz^
||lmodr.biz^
||mataharirama.xyz^$third-party
||minero.pw^$third-party
||reasedoper.pw^$third-party

! https://github.com/uBlockOrigin/uAssets/issues/762
||coin-have.com^$third-party

! https://www.bleepingcomputer.com/news/security/the-internet-is-rife-with-in-browser-miners-and-its-getting-worse-each-day/
||coinblind.com^
||coinnebula.com^

! https://github.com/uBlockOrigin/uAssets/issues/803
||safelinkconverter.com^$script,third-party
NoScript by the virtue of its nature, already breaks them and exposes them to you (of course barring you have allowed the whole site already or do so which would open you up) but perhaps Giorgio can use this list or his own information to build some internal blocking by default, it could be theoretically possible, like much of the XSS and other protections we have. I'll ask him.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
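
The following is an added example, not part of any post in this thread and not uBlock Origin's or NoScript's own code. It is a simplified matcher for the `||host^$third-party` style of filter quoted above, and it shows why such domain rules catch the cross-domain miner but not a copy served from the visited site itself (the failover case raised earlier in the thread). The requests, `site.example` and the path rule are constructed, and "same site" is approximated by the last two hostname labels.

```javascript
// Added example: simplified matcher for the hostname-anchored filters quoted above.
// Handles only `||host^` and `||host/path` with $script / $third-party.
// Assumption: "same site" = same last two hostname labels (uBlock Origin
// itself uses the Public Suffix List).
const SUPPORTED = ["script", "third-party"];

function parseFilter(line) {
  const raw = line.trim();
  if (!raw.startsWith("||")) return null;            // comments, other syntaxes
  const [pattern, opts = ""] = raw.split("$");
  const m = /^([^\/^*]+)(\^|\/.*)?$/.exec(pattern.slice(2));
  const options = opts ? opts.split(",") : [];
  if (!m || options.some((o) => !SUPPORTED.includes(o))) return null;
  return { raw, host: m[1], path: m[2] && m[2] !== "^" ? m[2] : "", options };
}

const siteOf = (host) => host.split(".").slice(-2).join(".");

function matches(f, req) {
  const target = new URL(req.url);
  const page = new URL(req.pageUrl);
  const h = target.hostname;
  if (h !== f.host && !h.endsWith("." + f.host)) return false;
  if (f.path && !target.pathname.startsWith(f.path)) return false;
  if (f.options.includes("script") && req.type !== "script") return false;
  if (f.options.includes("third-party") && siteOf(h) === siteOf(page.hostname)) return false;
  return true;
}

// Returns the text of the first filter that blocks the request, or null.
function blockedBy(listText, req) {
  const filters = listText.split("\n").map(parseFilter).filter(Boolean);
  const hit = filters.find((f) => matches(f, req));
  return hit ? hit.raw : null;
}

// The two coinhive rules are from the list above; the last is a constructed path rule.
const LIST = `! sample
||coin-hive.com^$third-party
||coinhive.com^$third-party
||site.example/js/miner.js`;

// Constructed requests (site.example and the paths are placeholders).
const page = "https://site.example/";
const crossDomain = { url: "https://coin-hive.com/lib/miner.js", pageUrl: page, type: "script" };
const localCopy = { url: "https://site.example/assets/m.js", pageUrl: page, type: "script" };
const knownLocal = { url: "https://site.example/js/miner.js", pageUrl: page, type: "script" };

console.log(blockedBy(LIST, crossDomain), blockedBy(LIST, localCopy), blockedBy(LIST, knownLocal));
```

Only the cross-domain request and the explicitly listed path are blocked; the unlisted first-party copy passes, which is why a domain blocklist needs per-site path rules for self-hosted copies.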

Giorgio Maone
Site Admin
Posts: 8957
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy

Re: NoScript Sightings

Post by Giorgio Maone » Thu Nov 02, 2017 10:52 pm

GµårÐïåñ wrote: but perhaps Giorgio can use this list or his own information to build some internal blocking by default
Of course coin-hive.com is already blocked by default, not being in the default whitelist, so nothing seems needed at this moment.
Should some website also check whether the miner actually works and otherwise intentionally break some functionality to force you enabling it, we could devise some Surrogate Script as a work-around.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0

GµårÐïåñ
Lieutenant Colonel
Posts: 3353
Joined: Fri Mar 20, 2009 5:19 am
Location: PST - USA

Re: NoScript Sightings

Post by GµårÐïåñ » Thu Nov 02, 2017 11:00 pm

Giorgio Maone wrote: Should some website also check whether the miner actually works and otherwise intentionally break some functionality to force you enabling it, we could devise some Surrogate Script as a work-around.
Thank you my friend for so quickly coming to take a look and dropping some knowledge, appreciate it ;) because I know you are busy dealing with a lot of things.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0

barbaz
Senior Member
Posts: 9691
Joined: Sat Aug 03, 2013 5:45 pm

Re: Prevent "Mining" :)

Post by barbaz » Thu Nov 02, 2017 11:04 pm

Merged discussion to here.
*Always* check the changelogs BEFORE updating that important software!