Pirate Bay is Mining Cryptocurrency Again, No Opt Out

The Pirate Bay is mining cryptocurrency again, causing a spike in CPU usage among many visitors. From a report: For now, the notorious torrent site provides no option to disable it. The new mining expedition is not without risk. CDN provider Cloudflare previously suspended the account of a site that used a similar miner, which means that The Pirate Bay could be next. Last month The Pirate Bay caused some uproar by adding a Javascript-based cryptocurrency miner to its website. The miner utilizes CPU power from visitors to generate Monero coins for the site, providing an extra source of revenue. [...] The Pirate Bay currently has no opt-out option, nor has it informed users about the latest mining efforts. This could lead to another problem since Coinhive said it would crack down on customers who failed to keep users in the loop.

I'm surprised

I would have thought the people who knew about torrents were among the same people who use adblockers and NoScript.

Re:I'm surprised

[ShanghaiBill]

I would have thought the people who knew about torrents were among the same people who use adblockers and NoScript.

People that use adblockers and NoScript want privacy.
People that use torrents want free stuff.
There is some overlap, but they are mostly different groups.

Re:I'm surprised

[war4peace]

People knowing about (and using) torrents are not required to be tech-savvy. They just need to know how to install a torrent client and click on stuff.
Slightly smarter people use private trackers, no TPB stuff.

Re: I'm surprised

[sirber]

You can disable javascript per site with chrome, no addon required.

Re:I'm surprised

[qortra]

People that use torrents want free stuff.

You make it sound so tawdry, perhaps because you failed to identify the most important distinction: free as in beer, or as in speech? Many of the people who want "free stuff" are more than happy to buy their media, but only without DRM. People who don't want DRM and do want privacy actually overlap quite nicely.

Re:I'm surprised

[fisted]

Most people i know who just want free stuff use some sort of pirate streaming website instead of downloading torrents

Re:I'm surprised

That is complete BS.

Most of the people who want "free stuff" are people who are too cheap to pay even $1 to get or rent stuff LEGALLY. In other words, they are cheap and even if the media was DRM free, they would still pirate it.

Re:I'm surprised

Your a dumbass. To think people know how to torrent but not to use adblock. Its usally the other way around

Re:I'm surprised

> Many of the people who want "free stuff" are more than happy to buy their media, but only without DRM.

Don't assume that just because you're some high-thinking technological idealist that everyone else is too. People torrent Game of Thrones because they don't have an HBO GO login to bum off of someone else, not because they're making some statement about DRM.

Re:I'm surprised

You failed to identify the most important distinction: free as in beer, or as in speech?

It's not his fault if english sucks.

Re:I'm surprised

You've basically defined that much-loved contingent of folks who would not have paid for it in the first place.

Re:I'm surprised

[Opportunist]

People who know that probably use private trackers instead of TPB. TPB is basically to torrents what AOL used to be to the internet.

Re:I'm surprised

[Neuronwelder]

I personally would be ecstatic to view a few commercials to get this free, so called, pirate stuff. I don't have infinite money. And a few commercials might even interest me - and I might click on them and buy something. I can't figure out, for the life of me - why "the hungry shark" commercial people don't see a SUPER gold mine opportunity. It's insane!! The commercial people should be defending this pirate stuff teeth, claws, and nails.

Re: I'm surprised

Oh you want cable, tons of commercials there. Have fun with 150 channels of reruns for $100.
Oh you thought commercials make shit free? Sure they generate record breaking revenue year after year but you still gotta pay...

Re: I'm surprised

I bought every game on GoG to make a statement that I support their business model. Downloading stuff for free isn't making a statement other than "I like free stuff!"

Re:I'm surprised

That's because it wasn't worth a $1 in the first place, not because I'm cheap.

Re:I'm surprised

[rtb61]

Hmm, free stuff, a lot of people play free online web games and I have to say, quite a few of them run way, way slower than they need to. I smell crypto currency mining all over web games and that is likely where the idea came from. Keep in mind, people often do more than one thing at a time on the internet and when you hack their CPU you cripple their ability to do so, do it mobile and you kill the battery, no just short term life but also long term life.

Re:I'm surprised

The only time i go to TPB is to find old TV episodes and such.
Demonoid was a gold mine for hard to find material but they had to shut it down cause America.

Re: I'm surprised

"I like free stuff!" This is not entirely accurate. It should read "I deserve free stuff". Today's insufferable entitlement proles would most likely change sides if they were the ones creating and distributing their own unique content and expecting to earn some money a long the way so they can support themselves in creating more content in the future.

Re:I'm surprised

[piojo]

This is a complex issue with lots of sides, but I'm really anti-DRM with regard to books. It must be because I see books as more archival than any other type of media. Since a book should last for at least a hundred years, it feels much less valuable to "own" a book which depends on the bookseller's blessing to open (or perhaps depending on old hardware/software), and it feels wrong to give money to such a system, even though my friends assure me it's easy to strip DRM from e-books.

(Writing this post has inspired me to order a used copy of the latest book I've been drooling over. I'm outside the US, but increased shipping price is the cost of pride—not paying for anti-consumer technologies.)

Re: I'm surprised

[muffen]

You can disable javascript per site with chrome, no addon required.

uBlock Origin and uMatrix are really good addons to have as well in chrome!

Re:I'm surprised

those people that only want free because of money aren't going to buy it anyway. However there is also a considerable population like myself who don't mind paying for a decent service and content as long as it isn't done in insane overpriced overly burdensome ways. I pay for Netflix, I buy other streamed content on an individual basis. I also "pirate" some content because their is no "sane" method for me to purchase that particular content, e.g. requiring me to subscribe to some massive package to get a single show, or like in Australia where you have to subscribe to one of the worst quality systems (Foxtel) to get content and even then they only provide it at compressed sub HD quality (and that is when it works at all).

Re: I'm surprised

the ones creating and distributing their own unique content

There seems to be plenty of people successfully using the patreon thing in addition to sales.

Re:I'm surprised

Slightly smarter people use private trackers

Dozens of seedboxes that could provide for everyone looking for a specific rare media are left idling most of the time so that a bunch of people can play a dick-sucking contest, so smart.

Re: I'm surprised

[Hal_Porter]

True, but this makes the process easier. One click to toggle JS and it autorefreshes the site when you do it.

Actually the amount of fuckery with JS these days - modal popups, paywalls, disabling the clipboard and autoplay video - means you should probably move to a whitelist model. I.e. rather than enabling by default and disabling for sites that abuse it, disable by default and enable it for sites that don't.

Quick Javascript Switcher Extension for Chrome

Re:I'm surprised

[guyniraxn]

That would have been true in the early days of bittorrent but it's nearly mainstream now, any idiot can and will use it. The more advanced users are on private sites that run off of donations and have fast uploads of new releases with any garbage being nuked pretty quickly. No ads or secret scripts.

Re:I'm surprised

[houghi]

So what he said was correct. People want free stuff, be it as in beer or as in speech or as in both.
People who don't want DRM and do want privacy still want free (as in speech) stuff.

Re:I'm surprised

Assuming personal honesty rules does NOT seem like such "high-thinking" idealism. It's how straight-white-Christian western culture is done. What kind of a nibberizing Weinstein/Wasserman/Schumer/Feinsteinesque byte-slut are you ?

Re:I'm surprised

GOG proves you wrong.
Amazon/iTunes music proves you wrong.

Unfortunately I have no other examples, but the ones I have are enough to prove you wrong.

Re: I'm surprised

No, youâ(TM)re cheap. And a thief.

Re: I'm surprised

[barbariccow]

modal popups

I've yet to find one that I couldn't

• Right Click
• Inspect element
• Right click on element in the bottom pane and "Delete Node"

Even big companies like Facebooks "You must login" dialog are easily defeated in this manner.
Used to be a plugin "Nuke Anything" which made this a one-click task, but it's been gone for a while, or at least invisible to me...
Since it's SO SIMPLE to make this not work ( i.e. make the overlays effective ) I like to think that it is so easy thanks to guerilla Free As In Speech programmers at these big corporations who purposefully make easy-to-circumvent blocking. It could be incompetence, but you'd think at least ONE page would do it right.

Re: I'm surprised

[tepples]

Actually the amount of fuckery with JS these days - modal popups, paywalls, disabling the clipboard and autoplay video - means you should probably move to a whitelist model. I.e. rather than enabling by default and disabling for sites that abuse it, disable by default and enable it for sites that don't.

In principle, I agree. So in practice, what steps can the operator of a website take to reassure prospective users that the site does not abuse script?

Re:I'm surprised

[tepples]

What's quiz on identifying lossy compression from a spectrogram used to be the de facto entry point to the private tracker community. But with What gone and its ex-users eating up all the open signup slots elsewhere, how does someone get into private trackers for the first time if he has no IRL friends who openly use a private tracker?

Re:I'm surprised

[phorm]

Possibly, but for a long time stuff that you download from a Torrent actually ran *better* than what you purchased, mainly due to being stripped of harmful DRM. I know plenty of people who used to buy stuff, shelf it, and then go for the downloaded version.

There's also stuff like CD ISO's. For a long time computers came with everything they needed to get back to their initial state in the form of driver and OS discs. Later, it became a "create a recovery image" option which let you burn a CD to reinstall. Then it became a "recovery partition" on the disk. That last option was convenient from a speed perspective, but when one of the most common failures was a dead drive, completely useless.
It was similarly a pain for drive upgrades.

So what happens when you have a computer with a failed drive that's otherwise OK, a legit OS serial # and a replacement drive, but no OS disc to install. Well you hop on a torrent site and grab your OS disk so you can get your computer back.Again, these are computers that had a perfectly legit OS license, but no media was included.

Alternately, computers which sold with massive bloatware were in a similar boat. Even if you used the official OS restore you'd end up with a bunch of shitty additional/unwanted stuff taking up memory and disk space, possibly a backdoor if you include the Lenovo escapades but almost always antivirus, toolbars, "update checkers" etc etc.

Re:I'm surprised

[Opportunist]

Not at all.

Sorry if I sound like an elitist prick, but the masses had their chance. We invited them into our garden, they trampled the flowers and when we kicked them out they sent the cops after us. Don't expect us to make that mistake again.

Re:I'm surprised

[Rakarra]

People who know that probably use private trackers instead of TPB. TPB is basically to torrents what AOL used to be to the internet.

So where does that leave the casual people who might only be interested in downloading something maybe once every year or so? I'm not interested in torrenting anything most of the time, but I might sometime get the urge to look for something that's not available elsewhere. Pretty much all I'd know is how to load up TPB and grab a magnet link.

Re:I'm surprised

paying money to the scum in hollywood is morally wrong.

Re: I'm surprised

in practice, what steps can the operator of a website take to reassure prospective users that the site does not abuse script?

Not much, if anything, I believe. The damage has already been done.

Shocked, simply shocked

[geschbacher79]

How could a website dedicated to helping facilitate the widespread distribution of pirated materials engage in anything unethical? It's almost like they don't give a crap about anything except making money off the backs of other's work.

Re:Shocked, simply shocked

[PPH]

"I'm shocked, shocked to find that gambling is going on in here!"

Re:Shocked, simply shocked

[gnick]

How could a website dedicated to helping facilitate the widespread distribution of pirated materials engage in anything unethical?

Next you'll tell me that Warez producers incorporate exploit code into the products they crack. Or that FB is trying to make money by tracking everything I do. Lunacy!

And now folks, it's time for "Who do you trust?" Hubba, hubba, hubba. Money, money, money. Who do you trust?

Re:Shocked, simply shocked

"I'm shocked, shocked to find that gambling is going on in here!"

Your winnings sir....

Re:Shocked, simply shocked

[sexconker]

Next you'll tell me that Warez producers incorporate exploit code into the products they crack.

They don't. Proper scene releases are clean.

Re:Shocked, simply shocked

Many executables distributed as warez do not qualify as "proper scene releases". If you're going to run something from a shady source, it's a good idea to scan it.

Re:Shocked, simply shocked

[Entropius]

Do scene releases include things like SHA-1 checksums?

Re:Shocked, simply shocked

[sexconker]

He said "warez producers". The vast, vast majority of people making WaReZ are part of a scene, and they do it right.
Miscreants who take the releases, inject malware, and redistribute them are not the WaReZ producers, are not part of the scene, won't have their .nfo indexed, will have any "release" they try to pass off nuked, etc.

Re:Shocked, simply shocked

[sexconker]

Depends on the scene and group. Many still do RAR packaging.

Re:Shocked, simply shocked

[Opportunist]

If you buy your coke in Colombia it's probably also cleaner than the shit you get from your street dealer...

Re:Shocked, simply shocked

[Opportunist]

Funny how nothing changed in the past 20 years... I would've thought by now the more reputable cracker crews would digitally sign their stuff.

Re:Shocked, simply shocked

[KiloByte]

How could a website dedicated to helping facilitate the widespread distribution of pirated materials engage in anything unethical?

For a good part of us here, piracy is not only nothing morally wrong, but even a much-needed preservation and dissemination of culture. I'd go as far as calling copyright a crime against humanity: culture is what makes us different from non-human animals. Like animals, we need to eat, breathe and reproduce. Unlike them, we convey ideas from each other. Thus, culture pretty much is humanity, thus copyright, greatly hindering creation and dissemination of culture, is directly a crime against humanity.

For some, the likes of Snowden or Elbakyan are criminals, for me they're biggest heroes of present day. So is Anakata. That some of Anakata's replacements use a dodgy method to defray some of costs leaves a bad taste, but that's not an argument against piracy.

Re:Shocked, simply shocked

[barbariccow]

Funny how nothing changed in the past 20 years... I would've thought by now the more reputable cracker crews would digitally sign their stuff.

That would defeat plausible deniability.

Re:Shocked, simply shocked

[Opportunist]

How? By you finding the private key to the signature with me? Please. You really think that key isn't gone with the wind the second that door flies in my face?

There's so many ways to keep incriminating evidence in a very volatile yet stable state, it's surprising that investigators still find anything.

Re:Shocked, simply shocked

"I'm shocked, shocked to find that gambling is going on in here!"

Your winnings sir....

Oh, thank you very much. Everybody out at once!

Re:Shocked, simply shocked

[Agripa]

Next you'll tell me that Warez producers incorporate exploit code into the products they crack.

Next you will tell me that Microsoft incorporates exploit spying code and government backdoors in Windows.

Duh

[barrywalker]

Turn Javascript off, dummies.

Re:Duh

I wounder how anyone can still visit tbp without javascript disabled, it's been the last non-porn-site on the internet that constantly tried to open pop-up/over/under....

Re:Duh

[qortra]

Maybe this works for TPB, but increasingly, websites won't work when you do that. I say this as the lead developer of a single-page-app that most certainly requires javascript. Plus, even without making it a single-page-app, TPB could be trivially rewritten to require js.

Re:Duh

> as the lead developer of a single-page-app that most certainly requires javascript

Stop that.

Re:Duh

Are they going to rewrite it so the torrent filename doesn't appear in the page source?
Then who would use TPB anymore?

Re:Duh

[Celarnor]

Its a relatively common business requirement now, although the stakeholders usually don't know what they mean. "Its like the page reloads every time I do something. $site_of_competitor doesn't do that."

Re:Duh

You can avoid reloading the page every time without making it completely unviewable when javascript is disabled. The reason web designers don't do that is that they want the page to be broken when you have js disabled, because the tracking they're using can't work without it.

Re: Duh

A greasemonkey script could presumably be used to kill off the bits of JavaScript users donâ(TM)t want to run without impacting other stuff

Re:Duh

[Waccoon]

Even if this is possible now, it's not a long-term solution. It would be nicer to be able to throttle scripting. Everything is moving away from document design and towards application design, and with WebAssembly coming, I'm pretty sure it will soon be impossible to browse the web without scripting support.

Re:Duh

[barbariccow]

> as the lead developer of a single-page-app that most certainly requires javascript

Stop that.

But what about aJax?

Re:Duh

He said, "STOP THAT!"

Re:Duh

[tepples]

Then make a single-page version for the stakeholders, which automatically falls back to a "page reloads every time I do something" version for script abstainers if the script fails to load.

Re:Duh

Now you need to implement everything twice - once in Javascript and once without. And you have to create different workflows to account for the fact that the page is refreshing every time and can't be updated on the fly. And then you have to explain to the stakeholders why you're taking the time to rebuild the whole app when there are like five people in your entire user base who don't use Javascript.

Re: Duh

[Rakarra]

A greasemonkey script could presumably be used to kill off the bits of JavaScript users donâ(TM)t want to run without impacting other stuff

It could, unfortunately greasemonkeying with a website is like shooting a moving target. Website changes slightly, greasemonkey script breaks and has to be updated, repeat.

Re:Duh

[tepples]

there are like five people in your entire user base who don't use Javascript.

Is this a guess, or do you actually have analytics that only five people have visited your site without attempting to load the script?

NoScript

[93+Escort+Wagon]

I assume one could "opt out" using NoScript.

It's annoying to be put in that position... but it's not as if it's particularly novel for end users to be forced into taking action to stop web sites from doing things we don't want them doing.

Re:NoScript

[jwhyche]

There is also a opt out by simply not going to the site. I have yet to see anything that pirate bay has to offer that a carefully worded google search won't fine.

Re:NoScript

Adblock plus, "coin-miner" filter at the bottom of the https://adblockplus.org/subscriptions page. It seems to block it but I don't have "all configurations" tested obviously.

Re:NoScript

I assume one could "opt out" using NoScript.

Yes

It's annoying to be put in that position... but it's not as if it's particularly novel for end users to be forced into taking action to stop web sites from doing things we don't want them doing.

I agree that it might be annoying, and that it is not novel. You, and only you, have ever been responsible for, or in control of, client-side javascript running on your computer.

Block it, and move on. Nothing more to see here.

Re:NoScript

[radarskiy]

This is in fact the reason I have script blockers and ad blockers: to prevent malicious third-party code from running on my machine. That the primary cases of this involve advertising is incidental.

Re:NoScript

Ditch NoScript and use uMatrix. It gives you much more control.

Re:NoScript

[cciRRus]

... I have yet to see anything that pirate bay has to offer that a carefully worded google search won't fine.

That might have been an appropriate typo "error". :)

Re:NoScript

[AmiMoJo]

I'm surprised that this Javascript can make any money. When I visit it's usually for just a few seconds, often following a direct link to the content I want (via Google or a TV calendar). I click on the magnet link to start downloading and then close the site.

Is that even long enough for the miner to get initialized or do any useful work?

Re:NoScript

Some people just leave the tab open without thinking about it. A system like this doesn't have to work for 100% of "users" in order to make money.

Who cares? It's better than advertising.

[ErikTheRed]

Seriously. Most of us have cores sitting idle. Instead of being abused / tracked / annoyed / occasionally infected by advertising, why not let sites do a small amount of mining while we visit?

Re:Who cares? It's better than advertising.

It's the most wasteful way of donating ever. You're throwing dollar bills out the window (electricity) to donate pennies.

Re:Who cares? It's better than advertising.

Because some of us live places where electricity costs close to $0.40 USD per kWh? I very closely monitor my PC usage and definitely do not idle it like I did during college when someone else was paying.

Re:Who cares? It's better than advertising.

More like throwing away less than a penny to donate a tiny fraction of a penny... How long would someone be on the pirate bay website, maybe 5 seconds to search for something, download the torrent close the browser and allow the torrent program to do the work.

Re:Who cares? It's better than advertising.

Because I'm running this crap in VM through VPN/tor to avoid tracking.

Re:Who cares? It's better than advertising.

[blahbooboo]

So, close the tab when youre done finding and starting the torrent.

Re:Who cares? It's better than advertising.

Because the javascript is a terrible resource hog. The miner doesn't limit itself to just your idle core(s).

Re:Who cares? It's better than advertising.

[viperidaenz]

The Pirate Bay doesn't require Javascript to function. Turn it off and the ads are less intrusive too.

Re:Who cares? It's better than advertising.

[fabriciom]

I don't mind it, but the problem is that I'm still getting popups every time i click on a link...

Re:Who cares? It's better than advertising.

Because some of us live places where electricity costs close to $0.40 USD per kWh? I very closely monitor my PC usage and definitely do not idle it like I did during college when someone else was paying.

Holy bat poop sir.. $0.40 per kWh? I'm paying $0.12 per kWh and I'M getting taken. Why on earth are you having to pay that much?

If it's some government idea, I'm sad for you..

Re:Who cares? It's better than advertising.

[gravewax]

For the me the site is completely unusable with the piece of shit coin miners, they take every ounce of CPU horsepower they can steal even to the detriment of using TPB. In the past I let pirate bay display its dodgy ads so they got a little something from me, but ever since this change all Ad's and mining their is blocked.

Re:Who cares? It's better than advertising.

But you're ok with downloading pirated content at $0.40 USD per kWh... stfu.

Re:Who cares? It's better than advertising.

The price of living in paradise. Going back and forth between Hawaii and Germany makes German electricity rates look generous :-)

Re:Who cares? It's better than advertising.

Welcome to California? The entry level rate for heating a hovel is 14 cents, but if your house is large enough to have separate rooms, you will be paying 25-35 cents a kWh depending on time of day. 40cents if you don't do time of day pricing.

Re:Who cares? It's better than advertising.

[ctilsie242]

I think it is better than ads. On desktops, it isn't a big deal. Portable devices where battery life is critical... different story. However, I would say that some CPU time spent mining coins for a site is a lot better deal than full page pop-up Flash ads with malware served underneath.

Re:Who cares? It's better than advertising.

[BronsCon]

a CPU @ 1% to run a torrent client != a CPU @ 100% running a javascript coin miner

Re:Who cares? It's better than advertising.

[K.+S.+Kyosuke]

But you're bypassing the silly advertising agencies that pay pennies to those sites, too.

Re:Who cares? It's better than advertising.

[K.+S.+Kyosuke]

Shouldn't it be possible to limit a process' duty cycle somehow? Some applications like POV-Ray offered this as an application switch (vital for rendering in space! ;)) but I could think of a similar limit imposed from the outside. SIGSTOP and SIGCONT have existed for the longest time and maybe today there's better options specifically on Linux.

Re:Who cares? It's better than advertising.

Living in Hawaii? Why? Yea, the weather is nice and assuming you are getting away from the tourist garbage the location isn't that bad looking, but it is wholly too expensive for EVERYTHING. It's a nice place to visit for a week, but there are places which are just as nice and cost a LOT less to actually live. A million dollars buys you a hell hole hovel in most of Hawaii.

Germany is OK, but why anybody would choose to live in the EU is beyond me.

I'm hoping this is some job related thing, because I'd rather live in Costa Rica where you could actually afford something nice..

Re:Who cares? It's better than advertising.

[fisted]

More like throwing away less than a penny to donate a tiny fraction of a penny... How long would someone be on the pirate bay website, maybe 5 seconds to search for something, download the torrent close the browser and allow the torrent program to do the work.

You forgot the part where the luser closes the TPB browser-tab so the javash^Hcript stops executing. I wonder why....

Re:Who cares? It's better than advertising.

[bobbied]

I left Cali long long ago. Too rich for my blood to actually live in a nice place and the rest of the working stiffs are stuffed into the suburbs like cord wood, house poor and struggling to make ends meet on 2 $100k/year salaries.

I'd suggest you move to "fly over" country where $100K/year actually gets you a decent standard of living.

Re:Who cares? It's better than advertising.

Because they don't pay me to. Duh. These are MY cores. I decide what they do, not something else.

Re:Who cares? It's better than advertising.

Most of us have rooms sitting idle when we are away from home visiting other people. Instead of , why not let your friend tell their other friends do a small amount of meth cooking while we visit?

The point is you don't know what your extra cores are doing, you don't know why and you don't know for who. The issue isn't exclusive to TPB, torrents and bitcoin mining.

Re:Who cares? It's better than advertising.

[tlhIngan]

Seriously. Most of us have cores sitting idle. Instead of being abused / tracked / annoyed / occasionally infected by advertising, why not let sites do a small amount of mining while we visit?

What's the real difference? How do you know the miner script isn't doing tracking / infesting your PC with malware? The javascript behind it is exactly the same - whether it's annoying displaying an ad, or mining.

If you say it's because it's first party, remember advertising started out that way too - every site handled their own advertising. Then came along ad networks which made it easier for website creators to have ads. It's only a matter of time before mining becomes a network and all you have to do is join a mining network. Said mining network can also track you across the web like ads do, as well as potentially be infected with dodgy scripts that install all sorts of weird crap, like ads do.

Re:Who cares? It's better than advertising.

[CaptainDork]

Find a goddam light bulb to unscrew to compensate.

Shit.

Re:Who cares? It's better than advertising.

[GameboyRMH]

TPB is intolerable with JS on. Pop-ups and pop-unders everywhere. So this miner won't bother me, although opt-in mining isn't a bad idea.

Re:Who cares? It's better than advertising.

[UnknownSoldier]

Fuck off with your false dichotomy.

/sarcasm Would you like to be raped or murdered?

NO! **Both** suck.

Just because some of _my_ CPU cores are idle doesn't give you any right to use it.

Re:Who cares? It's better than advertising.

Seriously. Most of us have cores sitting idle. Instead of being abused / tracked / annoyed / occasionally infected by advertising, why not let sites do a small amount of mining while we visit?

I have a VM I use specifically for ... adult purposes. 2 of 8 cores allocated to the VM. I went to several of my regular sites and saw the CPU on chrome inside the VM spike to 100%. My host OS went to 25% so I wasn't completely hosed. Closed out each tab one at a time until I found the site that was acting up. Inspected said site - lo and behold - it was a bitcoin miner. Notified the site admins - they indicated this was NOT intentional - fixed within a few days.

To parent comment - they can use some of my spare CPU cycles, fine, just not ALL of them.

Re:Who cares? It's better than advertising.

[antdude]

But that uses more power and makes more heat. Some of us don't want those!

Re:Who cares? It's better than advertising.

Because I pay for my electricity and they don't.

I also paid for my hardware and don't need it to be worn out quicker.

Re:Who cares? It's better than advertising.

[thegarbz]

Same reason we don't mine directly. Horrendous waste of power. Not to mention I do like my computer quiet and it doesn't take much for the CPU fan to start kicking on the turbos.

Re:Who cares? It's better than advertising.

But you're bypassing the silly advertising agencies that pay pennies to those sites, too.

Coinhive isn't much better, they charge 30% of the profits.

Re: Who cares? It's better than advertising.

[pD-brane]

Maybe, but now you get both advertising and mining.

Re:Who cares? It's better than advertising.

[Rakarra]

Fortunately, in most of California, you rarely need to heat your home in the first place. Unless you're up in the foothills or mountains, it just doesn't get that cold, and almost no house is going to use electricity for heating -- natural gas furnaces are most common.

Air conditioning is another situation. Many don't have it, but some locations like the central valley will be miserable if you don't have AC.

Re:Who cares? It's better than advertising.

If you want to view a torrent's file listing, or browse through the comments (on torrents that have more than one page of them), it *does* require JavaScript to function.

Not that those are particularly necessary to use the site...

the root of all evil

Javascript.

That explains some network usage

anyone else having windows crash from a thread error ?

this code may be causing it.

not even the worst thing...

[citylivin]

If you have been there recently, every second link you click has code injected to open a BUY VPN NOW! page. even magent links do this so i have to close the popup tab and click again.

still a valuable resource. Lots of torrent websites shut down recently. no script makes quick work of these sorts of things so no biggy for me, but i no longer recommend the site to normal users.

Re:not even the worst thing...

Even if you do allow scripts, you can copy the magnet link instead of clicking on it.

Pirates stealing resources?

Feel like there might be a joke or two out there.

Best wordplay wins. And go.

Re:Pirates stealing resources?

Birds got to fly, fish got to swim and Pirates got to pirate...

Does it only run when visiting? Searching?

[aliquis]

.. after having closed the tab?

I couldn't even reach it but got stuck in some proxy to site thingy but could access through some cloudflare always on thingy by also search on it so maybe the first thing with not accessible was just a short thing.

I think our government here in Sweden want the ISPs to block it and that they are forced to do it so I don't know why I can't access it at all really. (Without VPN that is.)

Re:Does it only run when visiting? Searching?

[Zontar+The+Mindless]

Jag har hört talas av att unblocktpb.com blockeras inte...

Payback

Someone will figure out how to corrupt the results of these distributed mining operations. And then there goes your precious Bitcoin.

Get in, get out, no problem

[fluffernutter]

Just get what you need and remember to get out. Annoying, but not really a problem worth going on about.

Re:Get in, get out, no problem

if only it were that simple. This method makes things like small VM's unusage for the site as the coin miner steals so much that the site becomes unusable. The correct answer is turn off javascript or block Ad's/miners. I put up with the Ad's previously, now though the site is much better as with the miners I was forced to take action so they get fucking nothing form me now.

TBP killed my media box

I recently had a media box with a seized fan die on me. I didn't know about it until just now and the CPU fan had clearly been seized for awhile and was playing video just fine. I was using the system as a light duty media box. Makes me wonder if I left it on the pirate bay site and the CPU activity caused it to die.

Re:TBP killed my media box

Probably not. All modern CPUs have thermal throttling. Large spikes of heat will just cause it to run really slow. What generally kills CPUs with no cooling is constantly running in overheat situations, which is caused by any usage at all. TPB didn't kill your computer, a lack of any reasonable cooling did.

Re:TBP killed my media box

what you say is only partly true. plenty of small media boxes have no real need of cooling as the expected load placed on them by streaming/playing media is so low that cooling fans don't need to kick in (I have an Asrock CoreHD that is in that situation, hell I didn't even realise the fan it is was noisy till a few weeks ago when it kicked in for the first time during a reimage), media boxes are also regularly sitting places with poor ventilation and cooling as it really isn't a necessary thing. Now come in the cunts from TPB deciding to drive your little box to its limits, the heat rises rapidly and basically turns it into a miniature oven, eventually something is going to fail.

Theft

They steal from you, they steal from others, you steal from others.

Enjoy your time in hell.

Re:Not a big deal

[rogoshen1]

i think the issue is that they aren't notifying users, nor providing a way to opt out.

if they were up front about it, i'd think most people would consider it a fair trade.

See below:

crooks don't play fair: news at 11.

simple don't allow it to run

"No Script" add-on to your browser.. adds a whitelist blocker, stops all scripts unless you specifically allow it. I allow just the ones required for a site to run.. nothing else. I get no pop-ups, no pop-under, streaming video ads, JavaScript ads... nothing. And no stupid attempts to use my machine to mine shit like this. course I haven't been to pirate bay in something like 4 or 5 years but still. other site try shady shit and it doesn't work. add in virus protection and regular cleaning tools like malware bytes ect.. and you're golden.

Re:Who cares?

[TurboStar]

Seriously. Most of us have cores sitting idle. Instead of being abused / tracked / annoyed / occasionally infected by advertising, why not let sites do a small amount of mining while we visit?

Seriously. Most web pages have whitespace and other useless areas. Instead of being pestered for subscriptions, why not put something to generate revenue there.

It's a slippery slope. I expect we'll have miner-blocker add-ons by the end of the year.

Why is this bad?

[goombah99]

It seems pretty reasonable to me, especially if they let you know they are doing it. Many people would love to donate their cpu cycles to worthy causes like protein structure prediction. In winter at least, it's just creating heat which you were going to pay for anyhow.

Re:Why is this bad?

[nospam007]

"Many people would love to donate their cpu cycles to worthy causes like protein structure prediction. "

Not to mention that it beats crappy ads and pop-ups and unders any day.

Re:Why is this bad?

[fisted]

I don't really see how maxing out your CPU (which in turn generates heat and as a consequence, noise, as well as raising your electricity bill) beats crappy ads and pop-ups...

Re:Why is this bad?

[mrbester]

And yet there's BOINC projects with the numbers of those who contribute growing daily. If TPB stated they were part of a protein folding project with the aim of curing cancer no one would have a problem with maxed out CPU. I'd prefer they did that, but mining helps pay their bills, the alternative being compromised ad servers getting your system backdoored harder than the entirety of the anal sluts category on xhamster.

Re:Why is this bad?

[tepples]

In winter at least, it's just creating heat which you were going to pay for anyhow.

Unless you live somewhere where burning natural gas produces a kilojoule of heat at a lower price than a kilojoule of electric power.

*Now* You Care?

[ewhac]

So. Some people are using your PC to mine cryptocurrency for someone else's benefit.

That's what it took? That's what had to happen for you idiots to finally realize that indiscriminately loading and running code from a constellation of reputation-less sources is -- and always was -- a FUCKING STUPID IDEA?!?!!

Here. Install it. Use it.

Yes, you can

[aglider]

Use of a good ad blocker and some JavaScript filtering out.
You control your browser.
Unless it's by a "rather big company". In this case it controls you.

Re:Yes, you can

[CaptainDork]

To effectively disable Java, locate the breaker box for your house/apt and flip the ckt brk labeled, "Main" from the ON position to the OFF position.

Re:Not a big deal

[CastrTroy]

You can opt out by not visiting the site. Same as a regular business. You opt out not by trying to change their business practices but by not doing business with them. If you think something is too expensive, you don't take the product without paying, you just leave it on the shelf, or don't enter the store in the first place.

Day vs night, and is there really a cost?

[LyingDown]

Too bad it's using my CPU cycles during the day, when I want them for my own work. I would be happy (in principal) to donate my idle night-time CPU cycles to worthy causes. But that seems incompatible with this approach.
Which leads me to a question: When running Windows (in my case, under VMWare Workstation), does my computer really use additional power if its running some CPU intensive JavaScript code? Versus whatever other idling behavior Windows might be doing?
Because it would be intriguing to mine bitcoin for worthy causes during my computer's idle hours, if there's not a real, proportionate (perhaps disproportionate) electrical cost.

Re: Day vs night, and is there really a cost?

Yes there is a cost. No you can't mine bitcoin without a special machine. This type of coin you can but its very wasteful

Re:Day vs night, and is there really a cost?

[K.+S.+Kyosuke]

You should be able to limit the additional power required by lowering the maximum allowed CPU power state for the duration of the computation since your CPU will run more efficiently at lower voltages and frequencies. At desktop CPU power levels, as you decrease the operating frequency, the power required decreases faster than the computational performance. This is a natural feature of the manufacturing technology and logic used.

Re:Day vs night, and is there really a cost?

[CaptainDork]

Yes.

It's available as an Easter egg if you unplug the computer, pop the box and remove the coin battery and short the terminals for 10 seconds, 3 times.

If anything is amiss, turn on Java and go to TPB help site and grab the help torrent file.

Re:Day vs night, and is there really a cost?

[gravewax]

yes it uses considerably more power. When your machine is idle (depending on age, CPU etc) your machine will be lowering the core speed of the CPU or putting cores to sleep to lower power usage, a javascript maxing out your CPU will drive up the processor speed and chew power. worse yet this sort of shit is one of the most inefficient methods to mine coins, but then what do they care, it isn't their resources they are wasting.

Don't care...

Only the truely stupid allow sites to run javascript without good reason.

And a pirate site has no good reason.

Re:Don't care...

> truely stupid

Indeed.

RTFA you screwball editors

"No Opt Out" does not equate to TFA:

"The miner is not directly embedded in the site’s core code but runs through an ad script. Many ad blockers and anti-malware tools are stopping these request, but people who don’t use any will see a clear spike in CPU usage when they access the site."

this is fucking hilarious

buy your content. torrent is pointless for anything other than copyright infringement.

Re:this is fucking hilarious

[gravewax]

If I could buy all my content in HD I would (and do when available). Reality is it isn't available for purchase due to the exclusive deals with crappy providers, a movie industry that cares more for money than quality and an attitude that still thinks it is the 1980's for content distribution models.

Re:this is fucking hilarious

[barbariccow]

getting Archlinux isn't copyright infringement...

Re:Not a big deal

The lack of transparency is the bigger problem. Ignore for the moment that it's a torrent site. I don't want to be visiting *any* site where their business model depends on hiding what they're doing from their users.

Who pays the energy bill?

[tomxor]

Seriously. Most of us have cores sitting idle. Instead of being abused / tracked / annoyed / occasionally infected by advertising, why not let sites do a small amount of mining while we visit?

You're not paying in cores, your paying in watts, usually a directly quantifiable cost to the user. Alternatively you are also paying in battery life for mobile devices.

Re:Who pays the energy bill?

Kids and gen-MEs don't pay bills or care about pollution. They're also exceedingly dim when it comes to "free", and have no understanding that javascript is the shittiest way to perform this mining bar punched-cards and paper tape machines.

good torrents are dead

[FudRucker]

there is no more music and movies to be had via torrents, the only thing torrents are good for anymore is grabbing a Linux iso from a popular distro when the seeding is hot

Re:good torrents are dead

[geekymachoman]

I found ETTV torrents to be quite good, quality wise.

Re:good torrents are dead

Other than full blu-ray folders and ISOs, and 24bit audio music, and the latest applications for mobile, PC and mac. Yes indeed, there are no good torrents.

Browser makers: Let us slow down Javascript

Preferably I want to have a global as well as a per-site configuration option which lets me choose how much CPU pages can use. Not running Javascript at all is often not a realistic option, but web programmers really need to get their act together and write more efficient pages. Not giving them 100% CPU could do that, and it would also allow us to throttle these CPU thieves.

Re:Not a big deal

[brantondaveperson]

If bitcoin mining is their chosen economic model to support their site, then an "opt out" policy is equivalent to providing their services for free. Paying for a service via a bitcoin mining operation running briefly on your computer is a much more sustainable income stream than advertising - even though bitcoin mining itself might be highly economically questionable, and may very well be little more than a pyramid scheme, it's still better than advertising.

They do need to be upfront, but they don't need to provide an "opt out", and nor should they.

Why not just ask

[eaglesrule]

Those who seed files are already giving up some bandwidth and cpu cycles, for the sake of others that want to download them. Letting TPB mine bitcoin at a reasonable rate, while inefficient, would still be a method of supporting the site without donating to them directly.

I'll be sad the day TPB isn't around to show their middle finger in the face of the RIAA and the DRM pushers. It'll mean the wild wild web just became that much more pacified and regimented.

Is it even worth the time?

[snoozy355]

What's the minimum amount of runtime the script needs before it can return something useful (ie: profitable) ?

If a user comes and goes in 5 minutes, is there any benefit to mining for such insignificant amounts of time?
Or are they hoping some users will leave the browser open and forget about it, allowing the hours of mining.

Re:Is it even worth the time?

[raynet]

The miner checks millions of hashes per second, so any time it can run is beneficials to them.

What is the big deal.

[Kuruk]

It only runs on the page when you're pirating. I use javascript off and adblock and privacy badger all on by default and only whitelist what site I want.
Stop whining about mining being worse than ads. There there same and annoying and turn them off.

Re:Not a big deal

[iggymanz]

or we opt out by blocking the crypto sites.

you're funny with all your prattle about "don't take the product without paying" since they're a torrent file distribution site. my sides.

Use an AdBlocker

[Archon]

Tested & verified uBlock Origin stops whatever TPB is cookin'. Why in the hell WOULDN'T you use an adblocker nowadays?

Re:Use an AdBlocker

Add uMatrix too.

3-10 pixels along right edge of magnet link.

They have 'clear hover' stripes covering the magnet link and the same amount of space on the right side of the description/link box.

Once I figured that out I just started right clicking a little further over and it worked fine.

TPB is pretty much dead at this point. They only have two working trackers on all their magnet links (despite the fact that you can dynamically change trackers on magnets without affecting the magnet content, so dead trackers can be removed and live trackers added as needed on a day by day basis.) Furthermore with hijinks like these and the javascript coin mining, who would want to use them?

The problem is there are not many public alternatives left anymore and solutions like Tor or I2P trackers have not resulting in the expected uptick in users that was was expected for either network, both of which are either stagnating or shrinking in regards to expanded node or user counts, which is a major concern for the current and future anonymity of traffic on the networks.

Furthermore many people scoff at concerns surrounding Intel ME, ARM Trustzone, AMD PSP(A Trustzone implementation on an ARM core in newer AMD x86_64 systems and video cards), or Nvidia's firmware signing, and the possibility that any one or all of these could in fact be backdoored and be used to collect symmetric or asymmetric keys and exfiltrate them in a manner a user without complete DPI traffic monitoring equipment could discover and alert about, nevermind mitigate. If this is possible, or already happening, then *ALL* computer systems must be assumed compromised and all the current privacy networks collapse given that the majority of Tor, I2P, FreeNet, bittorrent, etc nodes are running x86 or ARM processors, and the capability is there for compromises that would provide up to 98 percent traffic compromise from under a few dozen to few hundred mostly related exploitable platforms. The only mitigation is either using slower processors without those backdoors (and ensuring none of the other necessary peripheral devices are network accessable and compromised), or designing and funding new hardware from the ground up to mitigate it, whether ASIC designs, or FPGA designs for devices with open toolchains (at this point the iCE40, Spartan 2 (partial?), and maybe partial support for one or two other FPGAs currently available. None of which have the clock rates or LUTs available to compete with even 20 year old ASIC hardware at this point.

Re:Who cares?

[KiloByte]

I expect we'll have miner-blocker add-ons by the end of the year.

You mean...?

I LOVE this idea

I couldn't think of something more needed, on the internet, than a way to monetize websites without spying on and advertising to users.
I fucking hate ads. I think the level of advertising we are exposed to is legitimately hurtful to our mental health, and I'll sacrifice a little extra heat and power draw to keep my favorite websites in business (ad free) any day.

Coinhive

This could lead to another problem since Coinhive said it would crack down on customers who failed to keep users in the loop.

What exactly is Coinhive going to do?

Where is the Ad opt out on other sites?

[BabyAndTheButterfly]

Serving possibly malware-containing links seems like a bigger issue than crypto mining which is at least safe.

How do you detect this?

Beyond intense CPU utilization, any tips on identifying this in firefox?
Mlive.com is a news site and their re-write of their comment system a few months back was awful. It always pegs a cpu at 100%, and this article makes me wonder if they are doing something like this to generate revenue.

How to ensure originality?

[tepples]

Today's insufferable entitlement proles would most likely change sides if they were the ones creating and distributing their own unique content

What can said ex-proles do to reliably determine that their own content is in fact "unique," not unwittingly a substantial copy or derivative of an incumbent's work?

IMO mining is preferable to everything else

[ilsaloving]

While not informing the user is definitely bad, I think having sites do crypto mining is actually a preferable option compared to everything else out there.

If I am doing something where every cpu cycle is critical, I probably wouldn't be browsing around anyway. If I'm browsing, that means I have cpu cycles to spare. The website operator makes some money from me so that they can stay operating, but unlike advertising, I don't have to worry about unknown entities surreptitiously tracking my movements and collecting personal data.

And if people *really* don't like it, as others have stated, they are already using noscript or similar tools.

If I could trust that the only thing a site is doing is running a crypto mining too, then I would have no problem leaving javascript running. Unfortunately thanks to all the idiocy of the various ad agencies and other malicious actors, I don't think it's possible for me to blindly trust *any* website ever again. Especially when the site is doing stuff without telling the user first.

Publisher refuses to take my money

[tepples]

People that use torrents want free stuff.

Or they want stuff but the publisher is unwilling to take the going price for a copy of a given type of work. Where's the legit U.S. home video release of the film Song of the South in any popular format?

Is this a bad thing?

[nanospook]

Is this a bad thing? Pirate bay needs to fund itself and make money. None of the users are paying them for the services.. Other than using cpu cycles, is there a down side to this?

A big ball of iframes?

[tepples]

You can avoid reloading the page every time without making it completely unviewable when javascript is disabled.
How is that done? With a big tree of nested <iframe> elements, such that each navigation reloads only a fraction of the page (and doesn't change the URL in the location bar because the history API is unavailable)?

Three ways to reach script abstainers

[tepples]

There are three ways you can make your app available to script abstainers. If you have separated your model from your view, at least one should be practical.

• A. Produce a multiple-page front-end that accesses the same back-end as the single-page app.
• B. Produce a native app in Qt, using the same web service that your single-page app accesses, and test it on Windows, Mac, X11/Linux, Android, and iOS. Then distribute its source code and executable packages to the public under a free software license. You already had to test your single-page app in Windows 10, macOS, and iOS anyway because of Edge and Safari.
• C. Publicly document the web service that your single-page app accesses and allow third parties to develop applications against your web service.

Ads without third-party scripts

[tepples]

But you're bypassing the silly advertising agencies that pay pennies to those sites, too.

If by "agencies" you mean ad exchanges, why does advertising have to go through ad exchanges? Why can't advertisers buy ad space directly on each publisher's site? This way, the money would go directly to the publisher, and serving them wouldn't require third-party scripts or even scripts at all.

Simple Opt Out...

[MercTech]

A simple way to opt out of this is to set the Java extension to ask for permission prior to each run.
Doing this for Java and Flash both disables those irritating automatic start videos as well.

A better adblocker & far more vs. UBlock

Hosts protect where addons can't (or as well):

Bad sites (past ads)
Botnet C&Cs
DNS down or poisoned
Trackers (dns logs/ads/transparent ISP proxy)
Dns blocks
Spam/phish payload
Slowdown 2 ways: adblocks & hardcodes
Hosts = Ez edit.

AB+ 151mb https://www.google.com/search?q=Adblock+memory+consumption&btnG=Search&hl=en&gbv=1/

UBlock 64MB https://www.google.com/search?q=UBlock+memory+consumption&btnG=Search&hl=en&gbv=1/

Hosts~16mb

Addons = ClarityRay defeatable & crippled http://www.businessinsider.com/google-microsoft-amazon-taboola-pay-adblock-plus-to-stop-blocking-their-ads-2015-2/

NoScript tag parses. Hosts block script prior to it!

No 1 addon does as much.

Stacked addons slowup.

ADDONS = EXPLOITABLE https://news.slashdot.org/comments.pl?sid=11166303&cid=55266729/

APK

P.S.=> APK Hosts File Engine https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/