NoCoin
NoCoin copied to clipboard
keraf
nice idea... but...
it doesn't detect sites that use coin mining proxy as a disguised 1st party extension..
Thanks for the example. This particular one grabs its script from https://www.2giga.link/hive/lib/ We should just be able to add that to the blacklist to fix it.
That being said looking for a more robust way to block them would be useful.
Made a PR for adding this specific sites proxy to the coin miner.
One thing to note about this proxy is that it also doesn't seem to expose the same commands like stop() like the others ones have. At least on my first look through the source, I wasn't able to find anything.
Checking tabs for high cpu usage should be the way to go since the ones I tested spiked up to 100%.
If there is a way for us to block cryptonight.wasm regardless of the source that would help prevent quite a few miners from running regardless of where they are hosted.
Keraf was about to add it accd. to https://github.com/keraf/NoCoin/pull/44#issuecomment-334443445
I tried to add a URL filter for cryptonight.wasm but I couldn't get it right and I didn't find the time to make it work. If any of you know the right pattern to block a particular file from any domain, you're more then welcome to submit a PR.
I think the pattern(s) should be *://*/*/cryptonight.wasm and *://*/cryptonight.wasm
I think you'll need two patterns to match all the cases. Haven't tested it, just a guess.
A quick explanation: First star matches all protocols, the second one matches all domains, since we want to block https://example.com/cryptonight.wasm as well as https://example.com/js/cryptonight.wasm but not https://example.com/notcryptonight.wasm, I don't see a way to combine the two patterns. So we'll need one pattern to match the case where the file is at the root of the domain and another for a deeper path.
It should be possible to monitor the CPU usage of each tab, perhaps using parts of an add-on such as this one: https://github./scomchomery/cpu-meter Then I would suggest blocking javascript on any page which has CPU usage over x% (customisable with default 95%). When blocking, a small notification should pop-up, with three options: whitelist, unblock temporarily, keep blocking.
Would this be a suitable development for NoCoin, or would it be better to start from scratch?
I'm afraid that project is using the old Firefox extension API, which is not supported in Chrome nor in Firefox 57+. Also, I think your link should be https://github.com/schomery/cpu-meter
I think this Chrome API would be really handy: https://developer.chrome.com/extensions/processes But unfortunately, it is still experimental...
I did wonder about the URL (copy pasted from my taskbar) and the long time since cpu-meter's last update. Thanks for clearing that up.
I agree, that API would be very useful - on chrome and FF. But probably not going to happen any time soon.
https://github.com/stevespringett/disable-webassembly was mentioned somewhere else... this might be the solution for people who completely never ever want to be abused for mining.
Not sure if only the first one needs to be set to disable (what the Steve Springett suggests) or if all three are needed: chrome://flags/#enable-webassembly -> Disable chrome://flags/#enable-webassembly-streaming -> Disable chrome://flags/#enable-asm-webassembly -> Disable
A blocklist is a losing strategy as evidenced by the list of open issues asking for adding sites.
Scan javascript file contents and block if some signature spotted like anti-viruses do. But I know it can be bad for performance parsing every script on the page, sometimes they are so huge.
