Support » Everything else WordPress » cryptocurrency mining scripts (coinhive, monero)

  • since The Pirate Bay was found to have been running a cryptocurrency mining script on parts of its site, this tech has re-exploded (it’s not new) and suddenly several WP plugs have been developed to leverage crypto-mining which utilize as a provider of a JS file to mine Monero

    personally, i do not feel this is necessarily a bad thing and, actually, i see this tech in general as potentially excellent way to monetize web content without having to subject visitors to ads or begging for donations

    HOWEVER, the way that every single one of the devs are implementing the Coin Hive miner in all of the WP plugs as of this writing is HIGHLY UNETHICAL in my opinion insomuch as they all are allowing the mining script to run WITHOUT even making the visitor aware, much less offering an opt-in solution

    Coin Hive seems like they have a solid ethic and a very good privacy policy and and i think they’re in this for the right reasons, one of which is to de-clutter the web of annoying ads and other unethical monetization schemes

    here’s some quotes from the Coin Hive blog (The Way Forward), emphasis added…

    Our goal was to offer a viable alternative to intrusive and annoying ads that litter so many websites today. These ads are not only a distraction to end users, but also provide notoriously unpredictable and non-transparent revenue numbers. We set out to change that.

    […]

    We’re a bit saddened to see that some of our customers integrate Coinhive into their pages without disclosing to their users what’s going on, let alone asking for their permission. We believe there’s so much more potential for our solution, but we have to be respectful to our end users.

    […]

    It’s probably too late to do anything about the adblockers that already prevent our current JavaScript from loading. Instead, we will focus on a new implementation that requires an explicit opt-in from the end user to run. We will verify this opt-in on our servers and will implement it in a way that it can not be circumvented. We will pledge to keep the opt-in in tact at all times, without exceptions.

    with that said, i would very much like to ask WordPress to please consider disallowing ANY cryptocurrency mining plugin for WP which utilizes the computing power of site visitors without asking the visitors permission, as in opt-in, not opt-out

    i see this tech as an excellent opportunity and perhaps a revolutionary change in how content is monetized, but any developer who acts unethically by employing such tech without asking permission first is, i think, a great threat to the future of something that may have enormous potential

    already AV companies and ad-block devs are blacklisting these mining scripts because of unethical developers such as those offering the WP plugs i spoke of

    • This topic was modified 2 years, 10 months ago by Steven Stern (sterndata).
    • This topic was modified 2 years, 10 months ago by atomizer. Reason: slight changes
    • This topic was modified 2 years, 10 months ago by atomizer.
    • This topic was modified 2 years, 10 months ago by atomizer. Reason: added CH blog link, minor edits
    • This topic was modified 2 years, 10 months ago by Jan Dembowski. Reason: Removed external links. This forum is not anyones blog
Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    @atomizer, if you have evidence that any WP plugins are including these scripts, please email plugins@wordpress.org.

    @sterndata – thanks – will do

    every Coin Hive plug for WP imports the mining script (it has to) and, again, this is not necessarily a bad thing as long as the visitor is 1) made aware of this fact and 2) that an opt-in option is offered

    there is no malware involved here, at least not with the Coin Hive script so far as i can tell, but AV companies are essentially labeling it as such and i think that’s because of unethical developers who run the script without asking – they’re giving this tech a bad name before it even gets rolling

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Plugin Review Team Rep

    FWIW, I’ve restored this post for historical reasons, and to allow a visible explanation of things.

    HOWEVER, the way that every single one of the devs are implementing the Coin Hive miner in all of the WP plugs as of this writing is HIGHLY UNETHICAL in my opinion insomuch as they all are allowing the mining script to run WITHOUT even making the visitor aware, much less offering an opt-in solution

    I agree. But I don’t point at the devs here, I point at the people who have installed this plugin without that action.

    To make this a tl;dr the responsibility of disclosure is on two ends

    1) Did the developer disclose what the plugin does and how it works?

    2) Does the site running the plugin disclose what the SITE is doing?

    The first one is absolutely our responsibility, and we’ve made sure everyone is. If we missed anyone, PLEASE email plugins@wordpress.org with a link to the offending plugin.

    The second one is not our responsibility or purview. While I can wish the plugin devs made it easier, it’s exactly the same as running ads on your site. Its your job to inform your visitors what your site is doing.

    Also I’d watch out running these in general, some web hosts prohibit this sort of thing.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘cryptocurrency mining scripts (coinhive, monero)’ is closed to new replies.