back to article Pulitzer-winning website Politifact hacked to mine crypto-coins in browsers

Politifact, the Pulitzer Prize-winning website devoted to checking the factual accuracy of US politicians' words, appears to have been hacked so that it secretly mines cryptocurrency in visitors' browsers. The dot-com is run by the Tampa Bay Times, and already has its work cut out for it given the state of American politics. …

  1. JLV Silver badge

    alternative to micropayments?

    you know, if it was clearly announced, secure, and reasonably throttled, why not let mining happen to support a site you like? it's not like I am a good advertising target.

    beats paying $60/year or the like for Washington Post. I already have a sub to one news mag, don't need another.

    of course, not sure my criteria above would be met.

    one thing the old French Minitel got right was a secure, low-friction, if very very pricey, way for publishers to make money.

    1. DougS Silver badge

      Re: alternative to micropayments?

      I suggested this in another thread about this a day or two ago. I think sites could do this and be above board about it, and people would accept it. I'd much rather they waste my CPU time on something that pays them directly, than waste my CPU on annoying flashing autostart video ads. Or would waste my CPU time on annoying flashing autostart video ads if I wasn't running with an adblock.

      I run with an adblock because the ads are annoying, but even if there was a "mining blocker" I wouldn't run with that so long as they were respectful and limited themselves to one thread that ran in the background while I was on their site, and would shut itself off when I switched off that tab or otherwise switched focus to something else. Then I'm paying them while I'm reading/posting on their site, and they don't have to worry about advertisers trying to control their content, shady ad networks, and so forth.

      This is a win/win as far as I'm concerned. Maybe a viable micropayment system that replaces online ads is the killer app for cryptocoin mining?

      Not sure why you got the downvotes on this, if people have an objection I wish they'd state it rather than doing a drive by downvote.

      1. JLV Silver badge

        Re: alternative to micropayments?

        Well, one drawback I can see is that crypto-mining up is extremely energy intensive. That's not so much an issue wrt batteries, if you could opt out temporarily. But it would be an issue if it was massively scaled up - we need to find ways to reduce our energy footprint, not increase it.

        Re. unexplained downvotes - worrying about that ain't hugely constructive, as any stroll through Stackoverflow meta will attest.

        Though I won't claim my proposal has much practical merit - and hopefully its drawbacks motivate those downvotes - I will say that there is also a strong sense of entitlement threaded through many readers and users of internet publications and services - "don't charge, don't advertise, be grateful for my, non-paying, patronage and be wary of my vocal wrath or criticism should you ever want to monetize, fairly or not. Or change the service in a way that does not suit my, non-paying, use cases ".

        That extends to many users of free software and music too. ;-)

    2. Cuddles Silver badge

      Re: alternative to micropayments?

      "you know, if it was clearly announced, secure, and reasonably throttled, why not let mining happen to support a site you like?"

      Because it won't actually support the site; income from web mining is tiny compared to adverts. And that's when it's all working as intended. Throw in constant price fluctuations so you have no idea what your income will actually be in a given month, and the very real possibility that the pretend-coin you've opted for will simply disappear overnight (Bitcoin is hardly stable, and that's by far the biggest and most reliable one around, other pretend-coins keep popping up and vanishing again in their hundreds so good luck guessing which will still be around a few years from now), and it's hardly a sensible looking business model.

      And even if the one you pick does happen to be around in a few years, how will you mine it then? There's a reason no-one is using Coinhive for Bitcoin - you simply can't mine it using spare cycles in normal home PCs. Pretty much all pretend-coins have a similar mining difficulty curve, they just haven't been around long enough, and aren't popular enough, to have hit the same level. If browser mining ever became popular, it would very quickly make itself obsolete.

      "beats paying $60/year or the like for Washington Post."

      Does it? Have you actually calculated how much you'd pay in electricity costs to support a site this way? And importantly, have you calculated how much income you'd actually generate for them in doing so? It's far from trivial to turn a profit from coin mining. It's extremely likely that both you and the site you want to support would be better off if you just paid them some real money instead of going through a convoluted Rube Goldberg scheme to turn that money into virtual commodities via your electricity bill.

  2. Paratrooping Parrot
    Unhappy

    This is the problem with cryptomining on websites

    At the moment, it is the malicious criminals who are exploiting cryptomining. Websites need to get their security beefed up. In times like this, it feels like technology has brought about a lot of woe and worry, that I sometimes wish that I was living in a cave.

  3. Anonymous Coward
    Anonymous Coward

    This is, of course, fake news.

    I called it first, I have no basis for this accusation but by saying that against an anti-political website it must be true.

  4. Ken Moorhouse Silver badge

    Gives new meaning to the words...

    ...cached content

    1. Anonymous Coward
      Anonymous Coward

      Re: Gives new meaning to the words...

      Grab 'em by the scripties.

  5. Anonymous Coward
    Anonymous Coward

    This is supposed to be an alternative revenue stream to placing ads on pages.

    but has turned out to be an additional revenue stream to placing ads on pages. Who would have thought...

  6. Drone Pilot

    It'll be be blocked...

    Sorry, don't understand the problem "it's better than adverts". What about your device battery life?

    I run a fairly busy website and would like to try this but suspect I'll get complaints about it.

    1. Pascal Monett Silver badge

      Re: "suspect I'll get complaints about it"

      Be open. Make a poll. Put a page explaining what and why. Gather the results and then you can decide and be confident that your decision is good.

      If it were me, I would basically say that if visitors agree to cryptomining, then I will take away the ads. From what I read about ad revenue, it's a hassle finding out what is legit and what isn't in the money you are paid. Better to skip the nuisance and go to a system that is clear and fair.

      With readership approval, of course.

    2. Sampler

      Re: It'll be be blocked...

      Why not make it opt-in? Set a cookie, usual ads disappear, mining comes in, hell, you could have a volume slider for the amount of threads it spins up.

      If possible, log work by each user and have a reward for whoever generates the most each month.

  7. Scott Broukell

    Wait, what . . . you mean to say that there actually is 'fact and accuracy' to be found in political speak! No wonder they won a prize for finding that!

  8. Tom 7 Silver badge

    Silently?

    I came across a site that tried to use my laptop for something and the fan went apeshit.

    1. Anonymous Coward
      Anonymous Coward

      Re: Silently?

      Evidently it wanted to use your laptop for fan apeshitting.

  9. The Dogs Meevonks

    What could have been a good idea... was immediately pounced upon, abused and misused by anyone who thought they could earn a few extra $£.

    As such it's now considered nothing more than malware by almost everyone who understands it... and if you're not blocking scripts already... perhaps this is the wake up call you need to start doing so.

    It's not 'dodgy' sites that are using this kind of malware, 3rd party vendors are injecting it into more popular sites that are deemed 'more respectable'... I say 3rd party... because that's who always gets blamed when these things are discovered.,, But who knows for certain... 'we got hacked' is heard all to often to cover up any blunder or fuck up... it's the IT equivalent of crying wolf.

  10. herman Silver badge

    The 'mining' is done in packages - who will stay there long enough to finish processing a package? My guess is that the revenue from such a scheme will be extremely low.

  11. bombastic bob Silver badge

    Just! Run! Noscript!

    disabling scripting will make this kind of crap *meaningless*

    but I'd probably NEVER go to their web site anyway.

    http://www.politifactbias.com/

    and that pretty much sums it up.

    "Pulitzer Prize" is when left-wing journalists do the equivalent of sexual favors to one another by awarding prizes for being the same kind of left-wing hack-job fake-news propaganda mill as the rest of them... it's as bad as academy awards for sucky art/croissant high-brow films that nobody watches.

  12. Anonymous Coward
    Anonymous Coward

    Why the picture of Mr and Mrs POTUS?

    Just asking...

  13. charlypaz

    This javascript mining it's going to change internet platforms like coinHive and coinImp are making peoples change adbys and insert this scripts to monetize their sites in a different and creative way. The only good news is we going to have less annoying adbys but more slower sites.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020