Slide 1

Slide 1 text

Just enough bitcoin to go cryptojacking with Javascript

Slide 2

Slide 2 text

About me Privacy & Security Engineer Vice President

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

Just enough bitcoin to go cryptojacking with Javascript

Slide 6

Slide 6 text

2 parts to this talk • Cryptocurrency • Crypto-jacking attacks with web APIs

Slide 7

Slide 7 text

Bitcoin and Cryptocurrency Technologies A Comprehensive Introduction

Slide 8

Slide 8 text

Khan Academy: Journey into cryptography: modern cryptography https://www.khanacademy.org/computing/computer-science/cryptography#modern-crypt

Slide 9

Slide 9 text

This talk will actually cover cryptography

Slide 10

Slide 10 text

⚠ Spoiler Alert: There’s no “encryption” in cryptocurrencies

Slide 11

Slide 11 text


 This talk will not cover the crypto math

Slide 12

Slide 12 text


 (maybe just a little)

Slide 13

Slide 13 text

The “crypto” in cryptocurrency • Cryptographic hash functions • Hash Pointers • Blockchain • Public Key Cryptography • Digital Signatures

Slide 14

Slide 14 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 15

Slide 15 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 16

Slide 16 text

H(message): hashing a message (diagram: message “We the People of the United States … until an election of Representatives shall have intervened.” → H(message) → e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855)

Slide 17

Slide 17 text

“hash” function
• Maps data of arbitrary size into data of a fixed size
• e.g., justTheFirstLetter(string)
• justTheFirstLetter("hash") // returns h
• justTheFirstLetter("function") // returns f
• justTheFirstLetter("returns") // returns r
• justTheFirstLetter("fixed-size") // returns f

Slide 18

Slide 18 text

cryptographic hash function • resists “collisions” • hides original (plaintext) message

Slide 19

Slide 19 text

“hash” function
• e.g., justTheFirstLetter(string)
• justTheFirstLetter("hash") // returns h
• justTheFirstLetter("function") // returns f
• justTheFirstLetter("returns") // returns r
• justTheFirstLetter("fixed-size") // returns f

Slide 20

Slide 20 text

resist collisions: 2 different messages shouldn’t produce the same hash (diagram of a hash collision: “The bearer of this note may redeem it for one dollar by presenting it to me” → H(message) → 51a6b3, and “We the People of the United States … until an election of Representatives shall have intervened.” → H(message) → 51a6b3)

Slide 21

Slide 21 text

hiding: “1-way” function

Slide 22

Slide 22 text

hiding: given the hash, not feasible to find the message (diagram: ? → H(?) → 51a6b3)

Slide 23

Slide 23 text

hiding: what if there are only 2 possible messages? (diagram of easy-to-find hashes: tails → H(message) → 3e5368; heads → H(message) → 22814c)

Slide 24

Slide 24 text

hiding: what if there are only 2 possible messages? (diagram: with the table tails → 3e5368, heads → 22814c, anyone seeing the hash 3e5368 can look up which of the two messages it was)

Slide 25

Slide 25 text

hiding: add random value: “nonce” or “salt”: H(message || nonce) (diagram: nonce a: tails → dc66ec, heads → 0f2c72)

Slide 26

Slide 26 text

hiding: add random value: “nonce” (diagram: with nonce a: tails → dc66ec, heads → 0f2c72; without a nonce: tails → 3e5368, heads → 22814c)

Slide 27

Slide 27 text

hiding: add random value: “nonce” (diagram: with nonce a: tails → dc66ec, heads → 0f2c72; with nonce b: tails → 8d23aa, heads → 15db7d; without a nonce: tails → 3e5368, heads → 22814c)

Slide 28

Slide 28 text

hiding: given the hash, not feasible to find the message or nonce (diagram: ? message, ? nonce → H() → dc66ec)

Slide 29

Slide 29 text

cryptographic hash function for cryptocurrency • resists “collisions” • hides original (plaintext) message • for cryptocurrency: “puzzle friendly”

Slide 30

Slide 30 text

puzzle friendliness Given hash output and part of input (i.e., the nonce), it’s “hard” (but not infeasible) to find the input

Slide 31

Slide 31 text

hiding vs. puzzle-friendly https://stackoverflow.com/questions/42042840/properties-of-a-cryptographic-hash-function

Slide 32

Slide 32 text

“hard”/“difficult”
 vs.
 “infeasible”

Slide 33

Slide 33 text

puzzle-friendly: given the hash and nonce, hard to find a message (diagram: nonce 123456 + ? message → lots of work → H() → dc66ec)

Slide 34

Slide 34 text

openssl to hash messages
echo "The bearer of this note may redeem it for one dollar by presenting it to me" | openssl sha256
51a6b38fd78e5e20246bd0103668056a2a8981274e9487ea3f18158e59b690e7
echo "We the People of the United States … until an election of Representatives shall have intervened." | openssl sha256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Slide 35

Slide 35 text

sha256: Secure Hash Algorithm (with 256-bit digests)

Slide 36

Slide 36 text

Note: sha256 is what bitcoin uses!

Slide 37

Slide 37 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 38

Slide 38 text

hash pointer: where full plaintext data is stored, AND a cryptographic hash of the data (diagram: H(“We the People of the United States … until an election of Representatives shall have intervened.”) = e3b0c4)

Slide 39

Slide 39 text

hash pointers enable everyone else to verify the truth of the data

Slide 40

Slide 40 text

so, hashes might give us confidentiality - i.e., to keep something secret

Slide 41

Slide 41 text

but these hash pointers give us integrity … … NOT confidentiality

Slide 42

Slide 42 text

Remember: there’s not necessarily “encryption” (i.e., confidentiality) in cryptocurrency

Slide 43

Slide 43 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 44

Slide 44 text

block chain: linked list of hash pointers (diagram: three blocks, each holding data and a prev: H() pointer to the block before it; the pointers shown are e3b0c4, f4c1d5 and 05d2e6)

Slide 45

Slide 45 text

Now we can have a tamper-proof ledger (of digital dollars)! (diagram: three blocks with prev: H() pointers e3b0c4, f4c1d5 and 05d2e6, each holding the data “The bearer of this note may redeem it for one dollar by presenting it to me”)

Slide 46

Slide 46 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 47

Slide 47 text

Public Key Cryptography It gives us public & private keys!

Slide 48

Slide 48 text

Khan Academy: Journey into cryptography: modern cryptography https://www.khanacademy.org/computing/computer-science/cryptography#modern-crypt

Slide 49

Slide 49 text

The quick version …

Slide 50

Slide 50 text

… nevermind, the quick version was still too long.

Slide 51

Slide 51 text

1-way mathematical function: modular exponentiation

Slide 52

Slide 52 text

Symmetric Encryption requires extra communication overhead in Diffie-Hellman Key Exchange

Slide 53

Slide 53 text

Alice has to exchange extra messages to establish a unique key with everyone

Slide 54

Slide 54 text

Alice has to manage tons of keys

Slide 55

Slide 55 text

Instead, Alice needs a public “lock” she can copy and share with anyone, and a single private “key” …

Slide 56

Slide 56 text

… to do this, you need a “trap door 1-way function”

Slide 57

Slide 57 text

… a “trap door 1-way function” is a 1-way function that is infeasible to reverse …

Slide 58

Slide 58 text

… a “trap door 1-way function” is a 1-way function that is infeasible to reverse … unless you have a secret piece of information

Slide 59

Slide 59 text

mathematical trapdoor 1-way function: modular exponentiation and phi

Slide 60

Slide 60 text

math math math
• Phi function of large numbers is infeasible to calculate, *except* for prime numbers
• Multiplying large prime numbers is infeasible to reverse
• The “Prime Factorization” problem
• Euler’s Theorem shows that m^φ(n) ≡ 1 (mod n).

Slide 61

Slide 61 text

math and keys!

Slide 62

Slide 62 text

Most important to us: math says the public key can be public while the secret key stays secret

Slide 63

Slide 63 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 64

Slide 64 text

digital signatures: required properties
• Only you can sign your signature, but anyone can verify that it’s valid
• The signature is attached to a single document - it can’t be used to indicate you agree to a different document

Slide 65

Slide 65 text

signature = sign(secret key, message) “The bearer of this note may redeem it for one dollar by presenting it to me” -with love, from Luke

Slide 66

Slide 66 text

valid = verify(public key, message, signature) “The bearer of this note may redeem it for one dollar by presenting it to me” -with love, from Luke

Slide 67

Slide 67 text

where do secret & public keys come from?

Slide 68

Slide 68 text

from decades of “math math math” written into libraries

Slide 69

Slide 69 text

openssl to create secret & public keys
openssl ecparam -genkey -name secp256k1 -rand /dev/urandom -out /Users/lcrouch/secret_key
openssl ec -in /Users/lcrouch/secret_key -pubout -out /Users/lcrouch/public_key

Slide 70

Slide 70 text

openssl to sign & verify
openssl dgst -sign secret_key -out luke_dollar.signed message
openssl dgst -verify public_key -signature luke_dollar.signed message
→ valid (openssl prints “Verified OK”)

Slide 71

Slide 71 text

digital signatures enable everyone else to verify the authenticity of the data

Slide 72

Slide 72 text

authenticity the person writing the data

Slide 73

Slide 73 text

The “crypto” in cryptocurrency gives us …
• Integrity, from
  • Blockchain, from
    • Hash pointers, from
      • Hash functions
• Authenticity, Non-repudiation, from
  • Digital Signatures, from
    • Public Key Cryptography
… not encryption for confidentiality

Slide 74

Slide 74 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 75

Slide 75 text

Now we have enough cryptographic primitives to build a (really bad) cryptocurrency

Slide 76

Slide 76 text

“Goofycoin” cryptocurrency

Slide 77

Slide 77 text

Goofycoin 1. Designated entity - Goofy - can create new coins anytime and coins belong to Goofy 2. Whoever owns a coin can transfer it to someone else

Slide 78

Slide 78 text

Goofy creates coins • Generates unique coin ID: 001 • Makes message: “CreateCoin 001” • Hashes and signs message as H(1) with secret key

Slide 79

Slide 79 text

Goofy transfers coin to Alice • New message: “Starting at H(1), PayCoin 001 to Alice” • Note: Alice = Alice’s public key / address • Hashes and signs message as H(2) with secret key

Slide 80

Slide 80 text

Alice transfers coin to Bob • New message: “Starting at H(2), PayCoin 001 to Bob” • Note: Bob = Bob’s public key / address • Hashes and signs message as H(3) with secret key

Slide 81

Slide 81 text

Now we can have a tamper-proof ledger of transactions! (diagram: CreateCoin 001, signed by Goofy → H() → PayCoin: 001 to Alice, signed by Goofy → H() → PayCoin: 001 to Bob, signed by Alice)

Slide 82

Slide 82 text

Goofycoin 1. Designated entity - Goofy - can create new coins anytime and coins belong to Goofy 2. Whoever owns a coin can transfer it to someone else 3. Anyone can verify coin ownership by following block-chain back to Goofy

Slide 83

Slide 83 text

Security problem: Double-spend

Slide 84

Slide 84 text

Alice can pay the same coin to Chuck (diagram: CreateCoin [12345], signed by Goofy → H() → PayCoin: [12345] to Alice, signed by Goofy → H() → PayCoin: [12345] to Bob, signed by Alice; and from the same H(), PayCoin: [12345] to Chuck, also signed by Alice)

Slide 85

Slide 85 text

How do we decide which ledger is the truth?

Slide 86

Slide 86 text

“Scroogecoin” cryptocurrency

Slide 87

Slide 87 text

Scroogecoin
• Goofycoin +
• Designated entity - Scrooge - publishes the canonical public ledger of all transactions
• Everyone broadcasts coin transactions to Scrooge
• Only accept coins in Scrooge’s public ledger

Slide 88

Slide 88 text

Scroogecoin
• Scrooge builds block chain to digitally sign
• Each block has a transaction in it
  • ID
  • contents
  • hash pointer to previous block
• Scrooge signs final hash pointer
• Scrooge publishes signature and block chain

Slide 89

Slide 89 text

Scroogecoin Transactions • CreateCoins • PayCoins

Slide 90

Slide 90 text

CreateCoins transID: 1
number value recipient
1 3.2 Scrooge
2 1.4 Goofy
3 7.1 Alice

Slide 91

Slide 91 text

PayCoins transID: 2, coins: 1(3)
number value recipient
1 1 Bob
2 6.1 Alice
Which coins are being consumed?

Slide 92

Slide 92 text

CreateCoins transID: 1
number value recipient
1 3.2 Scrooge
2 1.4 Goofy
3 7.1 Alice

PayCoins transID: 2, coins: 1(3)
number value recipient
1 1 Bob
2 6.1 Alice
(1(3) = output 3 of transID 1, the 7.1 paid to Alice)

Slide 93

Slide 93 text

Scrooge signs off on everything (diagram: block 1, prev: H() e3b0c4, transID: 1 CreateCoins [1 3.2 Scrooge; 2 1.4 Goofy; 3 7.1 Alice] ← block 2, prev: H() f4c1d5, transID: 2 PayCoins coins: 1(3) [1 1 Bob; 2 6.1 Alice] ← final H() 05d2e6, signed by Scrooge)

Slide 94

Slide 94 text

Now, when Alice tries to double-spend …

Slide 95

Slide 95 text

Alice tries to re-spend coin from Block 1 after Scrooge signs Block 2 (diagram: Scrooge’s chain: block 1, prev: H() e3b0c4, transID: 1 CreateCoins [1 3.2 Scrooge; 2 1.4 Goofy; 3 7.1 Alice] ← block 2, prev: H() f4c1d5, transID: 2 PayCoins coins: 1(3) [1 1 Bob; 2 6.1 Alice] ← final H() 05d2e6, signed by Scrooge. Alice’s competing block: prev: H() f4c1d5, transID: 2 PayCoins coins: 1(3) [1 1 Chuck; 2 6.1 Alice])

Slide 96

Slide 96 text

Scrooge catches her

Slide 97

Slide 97 text

Scrooge rejects Alice’s double-spend transaction (diagram: Scrooge’s chain: block 1, prev: H() e3b0c4, transID: 1 CreateCoins [1 3.2 Scrooge; 2 1.4 Goofy; 3 7.1 Alice] ← block 2, prev: H() f4c1d5, transID: 2 PayCoins coins: 1(3) [1 1 Bob; 2 6.1 Alice] ← final H() 05d2e6, signed by Scrooge. Rejected: Alice’s block with prev: H() f4c1d5, transID: 2 PayCoins coins: 1(3) [1 1 Chuck; 2 6.1 Alice], because coin 1(3) is already consumed)

Slide 98

Slide 98 text

So, we’ve got a cryptocurrency …

Slide 99

Slide 99 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 100

Slide 100 text

but Scrooge … • maintains the ledger of transactions • has authority over which transactions are valid • creates new coins

Slide 101

Slide 101 text

How do we get rid of Scrooge?

Slide 102

Slide 102 text

Without Scrooge … • Who maintains the ledger of transactions? • Who has authority over which transactions are valid? • Who creates new coins?

Slide 103

Slide 103 text

Coin miners!

Slide 104

Slide 104 text

Coin miners • maintain the ledger of transactions • have authority over which transactions are valid • create new coins

Slide 105

Slide 105 text

Who are coin miners?

Slide 106

Slide 106 text

Let’s look at Bitcoin specifically

Slide 107

Slide 107 text

Bitcoin is a peer-to-peer network

Slide 108

Slide 108 text

You can participate!

Slide 109

Slide 109 text

No content

Slide 110

Slide 110 text

It will take up all your disk space

Slide 111

Slide 111 text

To pay Bob, Alice broadcasts a transaction to all Bitcoin nodes

Slide 112

Slide 112 text

Alice Bitcoin Node Bitcoin Node Bitcoin Node Bitcoin Node Bitcoin Node

Slide 113

Slide 113 text

Bitcoin nodes (maybe) include Alice’s transaction in the next block

Slide 114

Slide 114 text

A block is just a large grouping of transactions

Slide 115

Slide 115 text

Bitcoin nodes are governed by a Distributed Consensus Protocol

Slide 116

Slide 116 text

Skipping: Distributed Consensus Protocol tl;dr: it needs a majority of nodes to behave honestly, and to pick a random node from the network for each block

Slide 117

Slide 117 text

How do you make a majority of nodes behave honestly?

Slide 118

Slide 118 text

NOT crypto … incentives!

Slide 119

Slide 119 text

“… Bitcoin works better in practice than in theory.”

Slide 120

Slide 120 text

“… Bitcoin works better in practice than in theory.” • Consensus over time • Incentives

Slide 121

Slide 121 text

Can we give nodes an incentive to behave honestly over the long term?

Slide 122

Slide 122 text

No real identities, so we can’t exactly mail them cash

Slide 123

Slide 123 text

If only there were a digital currency we could give them without having to know their real identities …

Slide 124

Slide 124 text

Block reward: CreateCoins transaction

Slide 125

Slide 125 text

Alice mines a block, and gets to create new coins to herself
transID: 2
number value recipient
CreateCoins: 0 25 Alice (dc3c6e)
PayCoins from 1(1): 1 1.1 Bob (e5ceb5); 2 6.1 Alice (dc3c6e)

Slide 126

Slide 126 text

Financial incentive to be honest: miners only include valid transactions, because they want their own CreateCoins transaction included in the long-term consensus block-chain

Slide 127

Slide 127 text

A distributed consensus protocol
1. New transactions are broadcast to all nodes
2. Each node collects new transactions into a block
3. In each round, a random node adds its block to the end of the block-chain
4. Other nodes accept the block only if all transactions in it are valid - i.e., unspent coins with valid signatures

Slide 128

Slide 128 text

In each round, how do you pick a random node?

Slide 129

Slide 129 text

Proof of Work

Slide 130

Slide 130 text

Proof of work • Approximate random selection in proportion to a scarce resource • In Bitcoin, it’s computing power • Nodes compete with each other on computing power

Slide 131

Slide 131 text

Hash puzzles

Slide 132

Slide 132 text

puzzle friendliness Given hash output and part of input (i.e., the nonce), it’s “hard” (but not infeasible) to find the input

Slide 133

Slide 133 text

puzzle-friendly: given the hash and nonce, hard to find a message (diagram: nonce 123456 + ? message → lots of work → H() → dc66ec)

Slide 134

Slide 134 text

Hash puzzles in bitcoin mining
• To create a block, a node is required to find a nonce such that when you combine …
  • nonce
  • previous block’s hash
  • list of transactions
• … the hash output should be a string that falls into a certain range

Slide 135

Slide 135 text

H(nonce || prev_hash || tx || tx || … || tx) < target

Slide 136

Slide 136 text

In Bitcoin the target is a string that starts with some number of 0’s

Slide 137

Slide 137 text

sha256 is “puzzle-friendly”, so the only way to solve this puzzle is to just try random nonces

Slide 138

Slide 138 text

In Bitcoin the target is a string that starts with some number of 0’s

Slide 139

Slide 139 text

blockchain.com

Slide 140

Slide 140 text

No content

Slide 141

Slide 141 text

Yay! We made it to Bitcoin!

Slide 142

Slide 142 text

Public Key Cryptography Digital Signatures Hash Pointers Blockchain Cryptocurrency Bitcoin Cryptographic Hash Functions

Slide 143

Slide 143 text

So, to mine cryptocurrency you need: • Lots of efficient processing to complete the proof-of-work hashing • Lots of efficient networking to communicate with the distributed peer-to-peer nodes

Slide 144

Slide 144 text

Efficient processing Are CPUs good enough?

Slide 145

Slide 145 text

https://www.slideshare.net/AmazonWebServices/aws-reinvent-2016-deep-learning-3d-content-rendering-and-massively-parallel-compute-intensive-workloads-in-the-cloud-cmp317

Slide 146

Slide 146 text

CPU mining Bitcoin ~20M h/s = several hundred thousand years to get a block https://99bitcoins.com/20-insane-bitcoin-mining-rigs/

Slide 147

Slide 147 text

GPU mining Bitcoin ~200M h/s = hundreds of years http://blog.whitesites.com/GPU-miners-vs-USB-ASIC-Miners-for-Bitcoin__635096680766259765_blog.htm

Slide 148

Slide 148 text

ASIC mining Bitcoin 2,100,000M h/s and 0.43 watts/Gigahashes http://blog.whitesites.com/GPU-miners-vs-USB-ASIC-Miners-for-Bitcoin__635096680766259765_blog.htm

Slide 149

Slide 149 text

ASIC mining Bitcoin 2,100,000M h/s and 0.43 watts/Gigahashes https://99bitcoins.com/7-awesome-asic-bitcoin-miners/

Slide 150

Slide 150 text

ASIC mining Bitcoin 2,100,000M h/s and 0.43 watts/Gigahashes https://seekingalpha.com/article/4140062-bitcoin-transaction-fee-issue-going-get-worse

Slide 151

Slide 151 text

So how could a victim’s computer ever mine cryptocurrency?

Slide 152

Slide 152 text

You would need to “infect” 105K CPUs or 10.5K GPUs to compete with a single ASIC

Slide 153

Slide 153 text

ASIC-resistant puzzle hashing algorithms Since ASICs include very little memory, use a memory-intensive hashing algorithm

Slide 154

Slide 154 text

scrypt http://www.pointsoftware.ch/en/the-importance-of-hashing-passwords-part-4-the-hardware-threat/

Slide 155

Slide 155 text

scrypt & Litecoin
• scrypt hashing function
  • Fill a large buffer of RAM
  • Mutate the memory in pseudo-random order
  • O(N^2) function
  • Choose N large enough to make memory faster
• Litecoin
  • ASICs already out for Litecoin param of N=128KB
  • 504M h/s at 1.58 w/MH
  • (Remember Bitcoin was 2,100,000M h/s and 0.43 watts/Gigahashes)
https://www.hashespersecond.com/asic/

Slide 156

Slide 156 text

CryptoNight https://4.bp.blogspot.com/-NJddW0tx9j0/U_6C2wgXSAI/AAAAAAAAkDk/nyKkOESWgwI/s1600/cryptonight.png

Slide 157

Slide 157 text

Memory-hard hashes
• CryptoNight hashing function
  • Monero
  • 2MB memory buffer
  • Uses AES-NI found on most modern x86_64 CPUs
  • ASICs: 0.2M h/s @ 2.27 w/KH
  • Litecoin ASIC: 504M h/s @ 1.58 w/MH
  • Bitcoin ASIC: 2,100,000M h/s and 0.043 w/MH
• Also, Monero adjusted PoW algo. so these devices don’t work for Monero anymore
https://www.hashespersecond.com/asic/

Slide 158

Slide 158 text

So, a victim’s computer could feasibly mine Monero

Slide 159

Slide 159 text

Oh yeah, Javascript

Slide 160

Slide 160 text

With Web APIs you get:
• Efficient processing to complete the proof-of-work hashing
  • Web Workers & WebAssembly
• Efficient networking to communicate with the distributed peer-to-peer nodes
  • Web Sockets

Slide 161

Slide 161 text

Cryptojacking!

Slide 162

Slide 162 text

coinhive.min.js

Slide 163

Slide 163 text

CoinHive Malware Analysis
• Creates WebWorker with number of threads == number of CPU cores available (up to 8 max)
• Loads WebAssembly program into worker for mining (default throttle to 100% CPU usage!)
• Creates WebSocket connection between server and browser
• Server notifies browser if new blocks are found and sends new transactions to browser

Slide 164

Slide 164 text

• threads - number of WebWorkers to use; defaults to using as many cores as possible
• throttle - fraction of time threads should be idle; defaults to “0”
https://webcache.googleusercontent.com/search?q=cache:https://coinhive.com/documentation/miner

Slide 165

Slide 165 text

Check if already loaded; if not, download; _startNow() when ready

Slide 166

Slide 166 text

Don’t run in multiple tabs (how nice of them!)

Slide 167

Slide 167 text

we’re not maxing out the cores?! spawn more worker jobs! Note: this._threads for later

Slide 168

Slide 168 text

Finally! new Worker()

Slide 169

Slide 169 text

https://www.slideshare.net/enriqueoriol7/boost-your-angular-app-with-web-workers

Slide 170

Slide 170 text

https://www.slideshare.net/enriqueoriol7/boost-your-angular-app-with-web-workers

Slide 171

Slide 171 text

https://www.slideshare.net/enriqueoriol7/boost-your-angular-app-with-web-workers

Slide 172

Slide 172 text

https://www.slideshare.net/enriqueoriol7/boost-your-angular-app-with-web-workers

Slide 173

Slide 173 text

Finally! new Worker()

Slide 174

Slide 174 text

lots of js, including WebAssembly, as an object URL Note: WEBSOCKET_SHARDS for later …

Slide 175

Slide 175 text

No content

Slide 176

Slide 176 text

No content

Slide 177

Slide 177 text

back in startNow, _connect to servers for block updates

Slide 178

Slide 178 text

new WebSocket to a random server from WEBSOCKET_SHARDS Note: remember WEBSOCKET_SHARDS from before?

Slide 179

Slide 179 text

new WebSocket()

Slide 180

Slide 180 text

Traditional HTTP “polling” adds repeated request + response overhead https://www.pubnub.com/blog/2014-10-01-websockets-and-long-polling-in-javascript-ruby-and-python/

Slide 181

Slide 181 text

WebSocket allows bidirectional messaging

Slide 182

Slide 182 text

1K messages over time WebSocket vs. REST (HTTP) http://blog.arungupta.me/rest-vs-websocket-comparison-benchmarks/

Slide 183

Slide 183 text

new WebSocket to a random server from WEBSOCKET_SHARDS

Slide 184

Slide 184 text

Note: remember this._threads from before?

Slide 185

Slide 185 text

No content

Slide 186

Slide 186 text

How to get this into browsers?

Slide 187

Slide 187 text

Ask websites to include it

Slide 188

Slide 188 text

Mozilla research
• Crawl Alexa Top 10k looking for tags to one of the 212 crypto-jacking hosts in adblock-nocoin-list
• Of 6M <script> calls, 945 (0.015%) use crypto-jacking script
• number of crypto-jacking hosts used: 11 (5.2% of known hosts)
• number of CoinHive scripts: 507 (54%)
• Majority of domains detected with crypto-jacking were streaming sites
https://github.com/mozilla/UCOSP-winter-2018_TrackingTechnologies/blob/master/analyses/cryptojacking/cryptojacking_analysis.ipynb
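The check the crawl above performs, as an added Node.js example (not Mozilla's notebook or the adblock-nocoin-list): pull every <script src> out of a page and flag the ones whose host is on a crypto-mining block-list, which is also the block-list approach the later "What to do about it?" slides take. The block-list entries and the sample page are constructed placeholders, not real mining hosts.

```javascript
// Constructed placeholder block-list; a real crawl would load adblock-nocoin-list.
const BLOCKLIST = ['miner.example', 'coinpool.invalid'];

// A host matches if it equals a listed host or is a subdomain of one.
function isBlockedHost(host, blocklist = BLOCKLIST) {
  return blocklist.some((b) => host === b || host.endsWith('.' + b));
}

// Extract script src URLs from raw HTML with a regex. Good enough for a
// crawl; a DOM parser is the robust choice for production use.
function scriptSources(html) {
  const re = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;
  const out = [];
  let m;
  while ((m = re.exec(html)) !== null) out.push(m[1]);
  return out;
}

// Return the script URLs on a page that load from a blocked host, resolving
// relative and protocol-relative URLs against the page URL first.
function findCryptojackingScripts(html, pageUrl, blocklist = BLOCKLIST) {
  const hits = [];
  for (const src of scriptSources(html)) {
    let host;
    try {
      host = new URL(src, pageUrl).hostname;
    } catch (e) {
      continue; // unparseable src: skip it
    }
    if (isBlockedHost(host, blocklist)) hits.push(src);
  }
  return hits;
}

// Constructed sample page: one first-party script, two loads from blocked
// hosts (one of them protocol-relative), one unrelated third party.
const SAMPLE_HTML = `
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.miner.example/lib/miner.min.js" async></script>
<script src="//coinpool.invalid/worker.js"></script>
<script src="https://analytics.example/a.js"></script>
</head><body></body></html>`;

function demo() {
  return findCryptojackingScripts(SAMPLE_HTML, 'https://stream.example/watch');
}
```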

Slide 189

Slide 189 text

Note: coinhive.com is now gone; only authedmine.com remains

Slide 190

Slide 190 text

malvertising

Slide 191

Slide 191 text

Malvertising research

Slide 192

Slide 192 text

Man-in-the-middle injection bettercap.org

Slide 193

Slide 193 text

mitm crypto-miner.js caplet from bettercap

Slide 194

Slide 194 text

What to do about it?

Slide 195

Slide 195 text

First: Add known crypto-miners to our block-list

Slide 196

Slide 196 text

No content

Slide 197

Slide 197 text

Done
• Go to about:config
• Search for urlclassifier.trackingTable
• add tracking-protection-base-cryptomining and tracking-protection-content-cryptomining

Slide 198

Slide 198 text

As of Tuesday, it’s even easier!

Slide 199

Slide 199 text

No content

Slide 200

Slide 200 text

No content

Slide 201

Slide 201 text

Use Machine-Learning and other heuristics to detect crypto-mining JS

Slide 202

Slide 202 text

“Towards Seamless Tracking-Free Web: Improved Detection of Trackers via One-class learning”
• Summary: Training a classifier to detect JS tracking code
• Conducted by:
• Data Source: Web crawl of Alexa top 50; 45 random sites from Alexa 5,000-45,000
• Machine Learning Algorithms/Methods: Support Vector Machine, Positive & Unlabeled
• Data features: JavaScript semantic & syntactic tokens and n-grams
• Results: 99% true positives for one-class Support Vector Machine
https://www.degruyter.com/downloadpdf/j/popets.2017.2017.issue-1/popets-2017-0006/popets-2017-0006.pdf

Slide 203

Slide 203 text

Questions?
• Crypto -> Blockchain
• Bitcoin
• Web Workers, Web Assembly
• Web Sockets
• Preventing
Luke Crouch • @groovecoder • speakerdeck.com/groovecoder • github.com/groovecoder