Stealing Computing Power from Web Users to Generate Bitcoins
There is real money to be had in generating Bitcoins. If you are lucky enough to mine 50 BTC from the Bitcoin peer-to-peer network, you would be able to sell them for $675.50 at currency exchange rates list on Mt. Gox. Our guess is that the exchange rate will fall after the initial buzz of Bitcoin fades away, but right now, there’s a real profit motive to generate Bitcoins. Unfortunately, the generation of Bitcoins involves a lot of power usage. In fact, Bitcoin Miner suggests that the electrical usage generated by several computers used to mine Bitcoins could be mistaken as a marijuana grow operation. Ouch.
There are a number of issues which make distributed Bitcoin generation by way of a website impractical. Most users only stay on a website for one to three minutes at a time and unless you have a substantial number of users on your website (tens of thousands per day), you would likely generate more Bitcoins by just letting your own system generate Bitcoins. My guess is that any? website popular enough to generate a substantial number of Bitcoins would take down the BitCoin Plus website before that happened.
Bitcoin generation is also very CPU intensive which would make the Bitcoin generation process less hidden to users. Users that are generating Bitcoins unknowingly will know that something is going on when their system slows down and that their computer’s fan kicks into high gear. It doesn’t take more than a quick trip to the Windows Task Manager to figure out that something is going on and that it’s happening because of the web-browser.
Both FireFox and Internet Explorer will run the Bitcoin generation software without notifying users, however, Chrome’s security setting will warn users that a “Java plug-in needs your permission to run” and will force users to click “Run this time” or “Always run on this site” for users to start generating Bitcoins.
You can avoid unknowingly generating Bitcoins for other users by blocking the Bitcoinplus.com domain name. In Internet Explorer, you would add that site to your list of restricted sites. In Chrome, you could set your web-browser to not accept scripts from that domain. In FireFox, you could use NoScript to prevent the software from running. You could also prevent it across all web-browsers by mapping the domain Bitcoinplus.com to 127.0.0.1 in your “hosts” file.