Sites are adding cryptocurrency mining to their sites. Should higher ed?

A higher ed colleague shared this week that his institution noticed that Tint, a social media aggregation and monitoring platform used by many institutions of higher education, is was placing JavaScript code on its client’s public facing Tint pages. This code calls instructions from Coinhive, a tool that allows site owners to use their user’s/site visitor’s computers to mine for cryptocurrencies. Tint was using the CPU of site visitors to mine for currency, in this case the currency Monero.

Coinhive describes their offering this way:

Coinhive offers a JavaScript miner for the Monero Blockchain that you can embed in your website. Your users run the miner directly in their Browser and mine XMR for you in turn for an ad-free experience, in-game currency or whatever incentives you can come up with.

Tint installed code on their client sites to mine cryptocurrency, and didn’t tell those clients or the visitors to those client sites this was happening. I have not read their Terms of Service (TOS), but I would assume this is also a violation of those terms of service.

Before you think I am making this up, the Coinhive code was detected in the site’s view source and resource log, and was confirmed by a Tint customer service representative in an on-line chat.  This was discovered when a developer  noticed that the CPU usage on their computer spiked. Here is a screenshot of the developer tools showing the Coinhive tools:

Screenshot courtesy of @aaronmhill. Click for a large version.

The placement of cryptocurrency tools is a new trend, and several large sites have been found to have installed code similar to this, including Showtime and The Pirate Bay. Here’s a story from The Verge on Showtime’s use of the same code.

How much revenue do scripts like this actually generate, and is it enough to make a difference? For Tint, it’s unclear why they would do this, when their monthly plans start at $500.

At its current price (19 October 2017), 1 Monero is equal to 0.01567800 BTC (Bitcoins) or $88.68 USD. Monero says: “With just 10–20 active miners on your site, you can expect a monthly revenue of about 0.3 XMR (~$27).”

I don’t begrudge companies wanting to make money, and this is certainly one way to do it. I know adblocking is on the rise, and this hurts many sites and their bottom line.  However, companies should notify users or amend/adapt their terms of service and privacy policies when they are going to do things like this. That’s why people have been bent out of shape when they have noticed it running without their approval and with no assurances about their privacy and security of their computers and other data.

Here’s where I got thinking about this. Could cryptocurrency mining be the magical thing we’ve been looking for in higher ed to fix our budget woes?

Think about it — schools have dozens of computer labs in buildings and libraries across campus. Why not have those computers mine bitcoins? After all, they have large periods of being idle. You have websites that gets tens of thousands of visits per day, if you’re a large school.

Could mining, and then investing, cryptocurrencies be a practical revenue stream for IHEs in the future?

UPDATES:

Since I wrote this story, Tint wrote to the person I mentioned at the beginning of this story and apologized for the mining JavaScript. They say it has now been removed from use.

In addition, a story came out from BleepingComputer saying Google’s Chrome browser may require users to approve in-browser cryptocurrency mining.

1 comment

Leave a Reply