[kerkeslager]

Man, this is a complicated story. The strategy of protesting Krebs' writing by donating to an German anti-cancer website (Krebs = cancer in German) is definitely interesting.

At the surface level, it's an attack on Krebs, but there's a secondary thing going on here.

Krebs' main investigation was on Coinhive, a group which embeds Monero mining scripts in pages which run on page visitors' machines. But in his criticism of Coinhive and its association with Pr0gramm, it seems he may have cast too wide a net, doxxing and accusing Pr0gramm users who may not have anything to do with Coinhive. Instead of apologizing for this, he doubled down on it, typifying Pr0gramm users as basement dwellers who anonymously post nastygrams and threaten journalists with death.

Donating to cancer research is a direct response to that: it shows that Pr0gramm users are at least not only bad--they also do things generally considered altruistic, like donating to cancer research.

Both sides have definitely dirtied their hands: at least some Pr0gramm users are mining cryptocurrency on other people's machines through Coinhive, and Krebs has definitely made the false insinuation that Monero's anonymity is only useful for criminal activity. The open question is whether this behavior is typical of Pr0gramm or Krebs has actually accused Pr0gramm users who weren't involved in Coinhive.

I don't know who is in the right here--I simply don't have enough information to know. What information I do have comes from sources which are clearly biased. But it's interesting to see how even at this level, security cases are being tried in the court of public opinion.

[kerkeslager]

An aside to this story which I find interesting:

I definitely think that mining cryptocurrency on other people's machines without their consent is malicious, and I am glad that the security industry is treating this as an exploit. This shares similarities with ads in webpages, which run without my consent.

However, unlike ads, mining scripts don't grab my attention without my consent, they only use my processing power, which is something I would be willing to negotiate for the right website. I'd be happy to click a button which says "Allow nytimes.com to mine cryptocurrency on your browser while you browse their website", for example. There would need to be secure systems in place around this sort of mechanism--I'd rather have this implemented by the browser than as a JS script--but this might provide an alternative to pay models which sites seem unwilling to try, and ad models which I am unwilling to agree to.

[lweber]

This is exactly what happened on Pr0gramm.

The users of the platform are not the people who include Coinhive on hacked websites. Pr0gramm simply allowed its users to voluntarily mine in their browsers and be rewarded with a premium account. The main benefit of a premium account is, that no ads are shown on the site.

[Fnoord]

> The users of the platform are not the people who include Coinhive on hacked websites.

They're apparently basement dwellers. Hint: basement dwellers don't pay their own electricity bill.

[narcisius]

yup, at least pr0 gives you something back and you do NOT do it without consent... unlike some websides where I wonder why the hell does this site need 50% of my 4GHz processing power....

[pessimizer]

As long as it's implemented in an open-source browser and I get some fine grained control over my processor time dedicated to each site, I'd consider it a pretty killer feature.

[SlowRobotAhead]

>I'd be happy to click a button which says "Allow nytimes.com to mine cryptocurrency on your browser while you browse their website",

Ya know, I wonder if poeple hat agree to this have made comments online about global warming and how serious a threat it is, and how dirty deniers are stupidbadpeople?

Because being proCrypto in my mind, is just like that same type of hippy type being anti-nuclear, just with more irony and ignorance.

And I’m not someone that believes 1/2 the gloom and doom, just that I like the hypocrisy of “climate informed” types being pro-crypto which is the biggest waste of power we’ve ever made.

[sli]

You're judging all cryptocurrencies against Bitcoin, which is already inaccurate. They don't all work the same way or consume mass amounts of power like Bitcoin does.

[kerkeslager]

That only makes sense if you ignore the fact that most "climate informed" people think renewable energy is the solution to climate change rather than luddism.

[meuk]

Great to see somebody actually acknowledge that he simply doesn't know in a world full of know-it-alls. ;)

[kerkeslager]

I try. I definitely have know-it-all tendencies but I'm trying to reform. :)

[eropple]

> Donating to cancer research is a direct response to that: it shows that Pr0gramm users are at least not only bad--they also do things generally considered altruistic, like donating to cancer research.

I don't know any particulars of this specific situation, but I would caution folks against accepting this sort of claim at face value. The GamerGate "movement" sprinkled donations to charity in with telling women that they wanted to rape and kill them. There are gradations here.

[rvschuilenburg]

I think the difficulty with GamerGate, and in this case with Pr0gramm, is that "users" or "members" is not a singular entity. The GG-people that donated to charity are not the same people that threatened women. Same goes for these Pr0gramm users i assume.

[eropple]

Maybe--until it became fully and completely obvious that GamerGate was just grievance against "the SJWs", there were certainly some people who actually bought that it was about some kind of ethics. (That has obviously since changed to the point where "ethics in games journalism" means you're probably fitted out for some Hugo Boss.) But--and why I pointed it out--is that those donations are then used by the shitheads to shield their behavior and legitimate themselves, and clearing that tactic in the open is useful and important.

[pessimizer]

> The GG-people that donated to charity are not the same people that threatened women.

I think this is just an assertion without evidence.

[usernam33]

This is so right. Userbases can not be boiled down to some core attributes everybody shares.

[kerkeslager]

I think we can agree that donating to charity doesn't excuse bad behaviors.

The point which Pr0gramm users are making is that the Pr0gramm users donating to cancer research and the Pr0gramm users mining through Coinhive might be different people, and lumping them together because they all use Pr0gramm would be unfair (this is the argument they're making--I don't know whether it's true).

[lweber]

The thing is, Pr0gramm users are not the people that add Coinhive scripts to hacked websites.

Before Coinhive was launched, users on Pr0gramm were able to activate mining and be rewarded with a premium account on the site. They weren't even forced to do so but were able to opt-in voluntarily.

So the relation between Coinhive and Pr0gramm merely is, that the people behind each website know each other and used Pr0gramm as a testbed for Coinhive before it became publicly available.

[lawl]

>The critical point which is being made is that the Pr0gramm users donating to cancer research and the Pr0gramm users mining through Coinhive might be different people, and lumping them together because they all use Pr0gramm would be unfair (this is the argument they're making--I don't know whether it's true).

I think you misunderstood something. Pr0gramm users can use something like coinhive voluntarily, on their own machine only, unless they like blasting their login data out into the internet. This can be used to get premium time for this pr0gramm account and nothing else.

The connection here is, that this was the prototype for what is now coinhive, which has been developed by the former pr0gramm admin.

This is the connection between pr0gramm and coinhive. I don't think anyone ever claimed (not even Krebs) a lot of pr0gramm users would be involved in blackhat usage of coinhive. It's an imageboard with thousands of users. I mean, seriously, the amout of people on HN proportionally that use coinhive in a blackhat way is probably higher than on pr0gramm. Simply because most people here have the technical skill to do it, where pr0gramm is simply a website for shitposting.