Google to block malvertising attempts

Google devs propose changes to the Chrome browser that could prevent malvertising attacks
21 October 2017   572

Cryptocurrency world has suffered a lot from the hackers.
Now, a new "disease" is so-called “malvertising", which uses online ads as channels to transmit script that causes visitors’ browsers to mine altcoins for the perpetrator. 

Google software engineer, Ojan Vafai, proposes a modification to the Chrome browser that would inhibit and potentially prevent malvertising.

A modification for malvertising prevention
A modification for malvertising prevention

Initially, the man commented on the post about unauthorized mining that was being executed by code from the software firm Coin Hive, which had debuted its flagship mining product four days earlier. Thus, Vafai gives some recommendation to combat the issue.

If a site is using more than XX% CPU for more than YY seconds, then we put the page into ‘battery saver mode’ where we aggressively throttle tasks and show a toast allowing the user to opt-out of battery saver mode. When a battery saver mode tab is backgrounded, we stop running tasks entirely. I think we'll want measurement to figure out what values to use for XX and YY, but we can start with really egregious things like 100% and 60 seconds. I'm effectively suggesting we add a permission here, but it would have unusual triggering conditions (e.g. no requestUseLotsOfCPU method). It only triggers when the page is doing a likely bad thing.
 

Ojan Vafai
Google software engineer

In other words, the solution would equip Chrome to recognize suspicious activity and take action to significantly impact the amount of processing power that mining software could appropriate by subjecting the culprit page to a setting that limits CPU usage. Chrome would simultaneously offer users the option to exit this power-saving state. 

Yet it is rather unclear whether Google intends to implement any protections against malvertising or not. Still, the proposal has already drawn a lot of attention. 

German Financial Regulator Clarifies Stance on ICOs

The Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) has clarified its position on ICOs
22 February 2018   55

German financial regulator admitted it was receiving many inquiries about the status of tokens and cryptocurrencies. According to an advisory letter, BaFin provides some basic definitions of ICOs and related terms. It is important because the results of a new survey showed that more than two-thirds of Germans know about bitcoin.

In this letter, BaFin educates the public and explains how tokens are typically generated, how blockchain works and that ICOs are used to raise funds for startup projects. The note states that for regulatory purposes, ICOs, tokens, coins, and cryptocurrencies are subject to the existing provisions in the field of securities supervision and other relevant national and EU laws.

The authority advises participants in ICOs to check and follow rules applicable to regulated financial instruments, such as securities. If businesses or individuals have any doubts about regulations, they should approach BaFin.

According to BaFin, companies should fulfill any obligations under the Banking Act and the Capital Investment Code, the Insurance Supervision Act and the Payment Services Supervision Act. The transactions may be prohibited if relevant regulatory requirements are not met.

The authority also states that legal classification of tokens requires precise examination. It will determine their status on a case-by-case basis after studying their features. The token should be transferable and tradable on cryptocurrency trading platforms in order to be classified as a security.