Your smartphone browser: A ZOMBIE in password-crunching botnet Computer scientists in the US have discovered a potential means to abuse cloud-based web browsers. Cloud-based web browsers such as Amazon Silk on the Kindle Fire feature a split architecture that means some processing associated with rendering web-pages is offloaded onto server farms in the cloud. Some smartphone browsers, …
Christian Berger: What you describe is the opposite of what this team has done. The site you mentioned offloaded work onto the client machines (by having them run Javascript[1] worker roles). This research describes tricking HTML-rendering servers into performing computations.
Rick Giles: Your comment is so awesomely, stunningly irrelevant to the story that it's difficult to believe you actually read the piece before responding. Customer data is in no way involved in this exploit; nor does it have anything to do with hosting private data in the cloud.[2] It's about abusing a particular class of publicly-accessible computation resources by coopting their protocols and disguising one type of workload as another.
I can only assume the two people who upvoted you are similarly so keen to grind this particular axe that they too can't be bothered to see whether it's relevant to the story. The Internet echo chamber at work.
[1] Technically ECMAScript, unless it used extensions proprietary to Mozilla's implementation, which is what the "Javascript" trademark describes.
[2] In fact, it's arguable that the researchers shouldn't have used the "cloud" terminology at all - what they're talking about are basically publicly-accessible HTML rendering farms, which can be implemented using a "cloud"[3] approach, but don't have to be.
[3] I.E., utility computing, with an opaque abstraction layer between workloads and the hardware clusters they run on.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
