Wednesday, October 10, 2018

Why did I switch to Linux?


After a long consideration I think I have to thank Microsoft for pushing me to switch to Linux! I admit it has been a long road until I decided to give up my will to insist on Microsoft server and workstation operating systems. I think the fallout actually began in the year 2002, with the launch of Windows XP. I was a really keen Windows enthusiast in those days (even a certified one - MCSE!!) but, though the whole population adored Windows XP, I hated that menu and the GUI, which used excessive GPU and memory. I had to go into the advanced menus to set it to basic screen mode to free memory and GPU, which enabled you to work smoothly, even with 8 GB memory. I was already aware back in those days that CPU speeds were stuck at 3.4 GHz and would not go up, and that Intel would play around with cores and caches to sustain its revenue.

As a person who arrived in the computer world from good old IBM DOS 4.x and had the chance to experience loads of operating systems such as OS/2 Warp, Windows 3.0, Windows 3.1, Windows NT and eventually Windows 95 etc., I remember the days of Windows 95 quite well. It was a breakthrough for Ms as well, in that several functions and ideas were introduced such as PnP, high resolution desktop graphics, multitasking, 32-bit architecture and ah yes, long filenames! Though all still depended on Ms DOS (playing around with UMB via autoexec.bat and config.sys improved performance greatly).

In those days I used to work in the Ms Support Centre back in Istanbul, where support calls were on the swarm after the release of Windows 95, as Ms had announced to the customers that it was very easy to install, even for a non-computer person! Of course the illiterates started pouring in over the lines; some even came to our door with their tower computers, weeping for help as they had just wiped their data in the course of installing the new Windows OS. Sad, really. Of course there were those with hardware mismatches and unsupported hardware, and of course the hardware manufacturers were only ready for their new equipment to be "compatible" with Windows 95. After a short while, I remember, the famous machine stickers came in: "Compatible with Windows 95!"....

We, as the IT crowd, went and upgraded to the latest hardware so that we could use Windows 95 on our machines at home. Games were blazing fast compared to DOS, where we had constant memory problems due to the boundaries of 640k UMB.

Ah of course, though we had already known about infectious and malicious software called "viruses", we had never seen it in action. Thanks to Microsoft, in a short amount of time we became quite acquainted with their kind, as the installation diskettes and the OS itself got infested by them. One of the main supporters and software providers for Ms was Symantec (I think they had written some additional parts of the Windows 95 OS, such as the fax functionality and diskscan tool) and funnily, their software was ready on day one! Then we had to purchase packages such as Norton Disk Doctor, Norton Utilities, Norton Antivirus...and eventually the machine was slow again! I had heard about the Wintel partnership but I really didn't know this was the whole idea of it. Then of course higher performance parts started pouring into the market: faster CPUs, 3D capable GPUs, larger capacity HDDs, faster memory modules, fax modems, soundcards...luckily there was the OEM hardware that helped us young ones to be able to manage the cost of constant upgrading. Ah lastly, for some reason, the software we installed started to have special hardware requirements such as more memory!

I never thought this topic was going to be so long and winding; I will publish it in pieces I guess.

With the arrival of the revolutionary operating system Windows 2000, in the year 2000, which had the look and feel of Windows 98 but the power of NT, I remember saying to myself, "OK the nightmare is over"...but how could I know that it had just begun! Being one of the main support people for Windows NT 4.0 and Windows 2000 in Turkey, Win2k was awesome as it was really compatible with the current hardware as well as being rock solid; fewer BSDs (bluescreen of death as we named it). I admit I stayed with Win2k for quite a long time. Of course, once again the systems started running slow and the hardware needed to be upgraded. Then came the ATX form factor to the OEM markets, where most of the previously separately available hardware became "onboard". So we didn't have to purchase an IO card separately and try to configure it through its BIOS 30 times over (today not many know what IRQ or DMA even mean...)

Not long after, we started to get acquainted with some "patch" software published by Ms and her software partners that was a compilation of software fixes. It was named "Service Packs". We all imagined that Service Packs were awesome and would make our machines awesome too....not long after, updates called "live updates" started flowing in through the internet. Everyone was happy once again; though it didn't take me long to realize that some of the service packs were so huge, they were nearly as big as the OS installation CDs, and the machines did not get any faster, but slower.

It was around then that we learnt a new word called "vulnerability" as viral and malicious attacks started pouring in through the internet. With everyone feeling the vulnerability of losing data, we all loaded our machines with antivirus and personal firewall software. Oh oh...this machine is slow again, need to buy more RAM!

By the year 2007 I was in a contract project with Ms and I was appointed to be the project manager for customizing the OEM version of Windows Vista for a hardware brand. As we were the hardware manufacturer, we had to make sure that our drivers were WHQL certified. I think it was then I realized there was no good or god. It was a real punishment and hell torture that went on forever, trying to get the optimum performance out of the drivers so that they were not just WHQL compatible, but also performed as they were supposed to! From the user's point of view, the world hated the new start button and could not get rid of it!


The situation was pretty much the same on the server side. Though the companies' requirements were the same as they were 10 years back, the OS kept on getting bigger and heavier, which required more resources. With the widespread use of virtualization, the resource requirements went over 10000% probably, which increased the arrival speed of alternative virtual and embedded operating systems and hardware such as VMware and NAS. If it wasn't for virtualization, we would all be lost in mayhem probably. With the arrival of faster networking speeds and fiber WAN technologies, we were free at last! Even today, when we compare Windows Server 2000 and Windows Server 2016, the only differences that can be seen are the additional compatibility packs for today's hardware requirements; the rest is probably just vulnerability service packs (yes, yes, I know there are hundreds of utilities that are replicated from Unix to stabilize the systems and fulfil today's world's needs, but people of my era probably understand what I am trying to say). The current server environment is so much aligned with UX that there's even a Linux console command system embedded into PowerShell.

I admit I had played around with Linux OS's back in 2001 when some school kids started asking weird questions such as "linux drivers" for the hardware. Eh? I thought it was going to be another temporary OS like the BeOS...

Then, it was the good old SuSE 2.4 that was actually bundled by a PC magazine that got my attention and I evaluated it on a test machine. The look and feel was a bit like OS/2 Warp.

I had always disliked OS/2 Warp as it was made by IBM. Most probably I remembered how the installation constantly failed, even on IBM hardware! For some reason I kept on researching for an alternative OS to Windows as it was interesting. OSX was never my kind of thing for only one reason: the mouse had only one button! But I admit BeOS was awesome. Pity other OS corporations thought of it as competition and took it down asap. Of course there were hardballs such as AIX and Sun OS (Solaris) which still rock. I have to admit, the main reason I loved Windows NT and its derivatives was that it killed Novell NetWare. I know what it is to try to configure a server on a token ring network with IPX/SPX on NetWare 3.x!!

Coming back to end-user operating systems, Windows 7 was the return of the flagship! Most compatibility issues were fixed, fewer BSDs, configurable Start button (LOL!) as well as a huge list of improvements which eased the life of the IT crowd greatly, as it was easier to manage remotely and use everywhere possible. Plus, it had great improvements to the deployment services which still is quite complimentary.

Frankly I had forgotten about that thing called "Linux" for a long while. Long until I needed low cost webhosting and a webserver to run PHP. Though I aimed at Windows based webhosts, I must admit Linux based webhosting packages were much cheaper. Of course nothing goes perfectly. Eventually I found myself Googling for fixes. Later on I found myself doing a LAMP installation (Linux, Apache, MySQL, PHP). I had no idea that I was being pulled in deeper! Though I was skeptical about the reliability of it as Linux is "opensource", especially securitywise. But in comparison with Ms, what could be worse? I mean, the Ms guys in Redmond and elsewhere supposedly test the apps perhaps 1000 times, but things still go horribly wrong, whereas in opensource, tests are executed by self-motivated groups of volunteers who test the sh*t out of the applications, then publish them with fewer glitches.

Whilst I was freelancing for a precious customer (yeah, he will read this I know), the customer requested a solution like "Websense" but relatively cheaper. Whilst I was researching such software's availability, a friend of mine advised me to test "Squid" or "Dansguardian". By the time I realized what platform they work on, it was too late! The word was out and the customer demanded one of them as per a noob's referral. Guessing that I would be lost in code, I started searching for a solution where perhaps the process would be easier. Then Linux kicked in. Someone had thought of creating an all inclusive software that includes web content filter, firewall, VPN, proxy, mail scanner (antivirus) as well as all inclusive monitoring and reporting tools that can work on the most pathetic machine configurations.

My test took approximately 2 weeks as I could not find anything wrong with it. You know, it's quite annoying not being able to find a bug. When I realized that I was like Jamie in Mythbusters, I gave up the research and went into live installation. Seriously, it's annoying not to find anything wrong! As I do not work for that customer anymore, since I last serviced it (in 2010) no one has touched the machine and it seems to be working like a charm. The package I'm talking about is called Endian Firewall.


Frankly I dug so deep into Endian's core, I found myself involved. Though I am not a coder, we were a good team with the Italians and successfully published later versions with more ability. Heck, it still can work with 512 MB memory! Of course I would recommend 4 GB minimum but that's my argument. The point I am trying to make is, Linux can work on low resources as well as legacy hardware like a charm. These days there are several packages like Endian (e.g. IPCop, pfSense, OPNsense, etc.) that do the same sorts of tasks, including even a full featured VPN server.

God, this has taken too long... I will continue in Part 2 soon.

Saturday, June 30, 2018

My most ever challenging project

For some reason this topic came up as a question in quite a few interviews. Though I remember "my most challenging project" rather well, I tend to leave it out from the discussions, due to several reasons (and as it sounds too fantastic).


It was just after the Y2K (2000) era, when humans realized that the world wasn't going to destroy itself due to the limitations of the date problem in early computers...Our journey with Karma had just ended and I was hunting high and low, when a fellow friend, who was the CEO of a major IT Project company, in Turkey (I am publishing this article with his kind permission). I had signed up to work on a project basis, ranging from networking hardware to complex IT tender projects.

Soon enough a "Mission Impossible" project landed on my desk. The Turkish Directorate of Motorways (TCK was and still is one of the major gov't tenderers in Turkey) had recently opened a tender for a data connectivity project for the datacentres of Istanbul's two Bosphorus Bridges. (As there are toll booths on both bridges, the data used to be collected onto huge tapes and then manually shipped to the HQ datacenter, which of course meant a huge vulnerability.)

At first glance in 2018, the project may seem quite simple, but in the early 2000 era of Turkey, fiber connectivity was only a myth. Most of the city’s internetworking backbone was built on dialups and copper cables which were connected over tens of pops. Due to the extremely low quality cabling and excessive pop usage, speeds over 2 Mbps (async ofc!) were only a dream. Whilst the Telecom was still trying to hurdle with the leased copper lines, though it was available in selected locations, ISDN was part of the dream; even then 4-5 128 kbit lines didn’t solve anything.

So the TCK had a huge bottleneck, as trying to link both bridges’ datacenters into one generally meant for the offering companies to use at least 2x 2 Mbit copper leased lines over approx. 20 pop locations. Of course this meant huge hardware, as the day had its limitations. Estimated value for the project was around $ 2m.


Of course, the first alternative that came to my mind was to lay 5 km of fiber cable under the Bosphorus Sea. Though it seemed reasonable, it still was risky as Istanbul is known for its unsolicited constructions, yes, even underwater, and as the govt’s offices were so disconnected from each other, they usually wouldn’t even bother letting the other party know that they were going to dig in their turf, until they damaged something :)) ; plus, the Bosphorus Sea itself isn’t a soft cookie. It’s known for its strong currents, which generally meant extra shielded fiber wires needed to be used with a lot of slack. When we added up the costs it came close to $ 2m, which didn’t really leave much profit for us.

Wireless? What wireless? We are talking about the year 2002. How can you get a secure wireless signal over 5 km and achieve 2 Mbit data connectivity?

I didn’t know it was possible and most of you out there, still do not know that it is possible !  

With a long flight to Canada and vast R & D, I was convinced that it was possible; at least it was possible to send 155 Mbit at full duplex over 4 km and the company was promising that weather conditions such as rain, fog, snow didn’t matter. After the NDA, we shared our project with the manufacturer, who mainly served on military contracts and were actually fascinated with the idea. They were so fascinated, they even decided to support the project!

The challenges were that the direct line distance from A to B was about 5 km (4.9) and the range of the device was limited to 3 km (2.8 guaranteed). This simply meant we needed a pop somewhere in the middle, perhaps on a cell tower or something even higher! Also, due to the technology of the products, all the transceivers had to see one another over a certain degree range.

You still don’t know what I am talking about do you ? OK, no need for mystery. There’s a technology that exists since the late 90’s and is widely used where cable or radio signal connectivity isn’t possible :)) Yeah I know. I drooled too.

It’s called FSO – Free Space Optics. You can read all about what it is here. Similar technology is currently used today to transmit live HD video from the ISS to earth and enabling us to view it over YouTube live. Though our goal was to obtain the “AFAP” (as far as possible + as fast as possible) fSONA can obtain around 2.Gbit data rate over shorter distances today.

What FSO is:
Free Space Optics (FSO), also called Free Space Photonics (FSP) or Optical Wireless, refers to the transmission of modulated visible or infrared (IR) beams through the atmosphere to obtain broadband communications. FSO systems can function over distances of several kilometers. As long as there is a clear line of sight between the source and the destination, and enough transmitter power, communication is theoretically possible. Like fiber, FSO uses lasers to transmit data, but instead of enclosing the data stream in a glass fiber, it is transmitted through the air.

In A Nutshell - FSO transmits invisible, eye-safe light beams from one "telescope" to another using low power infrared lasers in the teraHertz spectrum, where capacity can reasonably be expected to reach 10 Gbps. The light beam carries whatever optical transmission signal (layer 2 or MAC) and protocol framing a manufacturer chooses to market, typically SONET/ATM and 10/100/1000 Ethernet. Plus, unlike other free space communication systems, FSO doesn’t require licensing.

I admit it took me a while to convince my friend who actually had put me up to this task as this technology was quite unknown then and it still is pretty much unknown in today’s IT world.

The most amusing part was that all equipment and the installation cost was merely $ 400k ! On the day of the tender, it was quite crowded, probably around 30 companies, some are tendering, the rest just curious enthusiasts.

As expected, first offer was from one of the leading IT project companies and their offer was to go use 2 x 2Mbps LL coppers over 20 pops and hops which guaranteed 1.5 Mbps over the low quality and totally untrustable backbone of Istanbul at a round figure of $ 1.7m. The reason for 2x LL was to achieve the redundancy as well as to load balance the traffic. (But, I can’t help still thinking, wtf is the point of having 2x copper wires going through the same route, same potholes etc. as they are bound together for damage !)

All of the offers in the specific tender were based on copper wire technologies and they just played around with the prices on their active/passive hardware via the discounts on their GPLs. The price was as low as $ 1.4m, until we stepped in. Our starting offer was around 20% lower than the closest competitor and a huge gap of 144 Mbps in full duplex!

I still remember that moment quite well as all the heads suddenly turned towards us like a herd of penguins!! There were quite a few cynical grins from the “pros of the trade”, like it was some kind of a joke being told. After a 5 minute presentation, TCK had to decide that there was no reason for a 2nd round of the tender. After selection of a substitute, there was a huge row in the room, people screaming in pain and distress! 😂😂😄😄

As a rookie conqueror, I remember that moment quite well. With simple proactive thinking and deep research I had managed to defeat the top 10 brands and the pro-IT companies, which were left clueless; several of them went far enough to threaten us with legal proceedings due to their misery!

It was until the next Monday that my victory celebrations lasted, when the company owner reminded me that I was the leader of the project, which didn’t only consist of the sales part of the project, but also the supervision of the installation, as I had agreed previously.

Our project proposal actually consisted of placing 2x beacons on the highest point of the two Bosphorus Bridges as well as installing 2x beacons on an antenna tower (approx. 45m high) at the center location as a bridge point (and I always thought the firm had technicians to install the devices!!!).

First one to bail out was the manufacturer, then the company’s other techies 😀😀😄 as the distance to place the beacons were as high as 170m from sea level (approx. 70m from the carriage way to the peak of the carrier towers) on a tiny platform as wide as 3 x 4 m !! Though I tried to explain to my fellow technicians that all towers consisted of elevators to take them up, I guess I wasn’t very successful.

Frankly, as being one of the fortunate ones to experience the 1999 Izmit earthquake (7.6 magnitude) on a high tower apartment, I knew what it feels like to be in a high altitude when the ground is moving. As both of the Bosphorus Bridges are suspension bridges, they relatively move around even when you are on the carriage way. But being on a 12m2 platform, 70m higher and in open-air…….. … --- …

Admittedly I was an adrenaline junkie until that day and I had never experienced any anxiety whatsoever.

Fortunately it took approx. 4 months for the goods to be shipped from Canada to Turkey; enough time to get used to the idea of working at high altitude. Luckily I had managed to convince two professional mountaineers from Middle Eastern Technical University to assist me on my quest….

Until that day, I had thought I had completed my “most challenging project”….
It was sometime in 2002 a cloudy Spring day that was scheduled for the climb on the primary tower of Fatih Sultan Mehmet bridge. It took us around an hour to carry the equipment to the leg of the bridge, where we loaded them onto the service elevator for the ascension 😇😇

When the climb began, I had already calculated the wind and the vibration, but what I hadn’t taken into consideration was the flexibility ratio of the steel-reinforced concrete tower! Honestly, I have lived that moment in my nightmares for several years.

When we were in the final chamber, it was much smaller than I had expected. Though the scene was spectacular, I realized there was no reason to wear the safety helmet as, in case of a mishap, it wouldn’t really matter which part of my body I would land on 😆😆😆😆 Although we were securely harnessed to the rails by double safety belts (to move around you need to detach/attach one belt at a time), due to the gushing winds as well as the flexing tower (I would have never guessed that concrete would flex so much) I could hardly stand up (yeah, also due to the height LOL!). For a second or so, for a reason that I could not comprehend, I had wished to try base jumping from that point. I guess it would have been more fun.

Of course as we hadn’t unpacked the goods on the ground level, we had to cancel the event and head back to the ground level to re-prepare. On the 2nd trial it was more comforting than the first mockup as the boxes were unpacked and everything was nearly ready to go. After 2 hours of drilling the reinforced concrete, we managed to fixate the beacon on the tower and install the network cable behind it all the way down the elevator shaft. I even had managed to get few shots on my 2MP Kodak camera !
No, the rest wasn’t child’s play. Though I didn’t have to climb to the top of the bridging tower in the center, I had to do the climbing once again on the old Bosphorus Bridge, which was about the same height; the concrete was crumbly and it rocked like a cradle. After a month of constant climbs and tests, I had managed to complete the project on time and hand it over to the office doodes who think themselves real technicians 😈😈😈

I think it was around then I had got the idea to get married and settle down...sigh...I wish I was on top of that tower instead now (at least I had harnesses)….

Was it worth it ? 

Hell Yeah ! Let's go again !

References:
fSONA - http://www.fsona.com
Wikipedia - https://en.wikipedia.org/wiki/Free-space_optical_communication



Sunday, June 24, 2018

Someone should have told me this earlier...



The reference that should be read by everyone aged over 30 that wishes to move to Finland

In Finland, job seeking and finding the desired job is a general problem for foreigners. The problem doesn't arise from the fact that it's a small country, but lies within the history of Finland. Finland as a country and the Finnish people have come a long way in a very short amount of time. If you look back at the 150 year history of Finland you will realize that Finland hasn't actually been as wealthy as its neighbors Sweden or Russia, nor have their relations been great. Due to this fact, it has concentrated its focus on workmanship and education to become better.

Respectfully, this formula has worked out over the last 20 years or so and this has made them well trained and educated. Their education has been and always will be targeted on manpower and being professional at what you do. That's why nearly every job in Finland requires a "license". Of course certification does not mean you are experienced at the job, but it certifies that you are educated and able to perform the job according to the laws and regulations. As Finland is a "country of workmanship", nearly all jobs are supported by vocational trainings/education and training periods, just to get you a little experienced.

Now, if we compare this to us foreigners, you will see that there's a huge gap. What usually happens elsewhere is you graduate or leave school and you somehow end up doing some job that you professionalize in, and over time you become experienced in that certain field. That job becomes your career and occupation. Of course, within your own power you train and expand your knowledge by "self-training". Years of workmanship brew your experience and you eventually "become a professional".

This system usually works elsewhere but not in Finland, due to the local population having been well trained vocationally and/or occupationally on the subjects they have chosen. For example, even the most regular service related occupations such as taxi drivers, waiters, barmen, cleaning, construction, machine operation etc. require vocational job training and certification examinations to be able to perform that task. These certifications are also counted as the "license" to perform the task. (Barmen require alkolupa; taxi drivers, a taxi driver's license; cleaners, a hygiene pass etc.)

This is actually the point where the language barrier kicks in, as most of the trainings are in the Finnish language, targeted only at the Finnish population. I have been trying to point this matter out to every audience I can find. Though the Finnish language is extremely difficult to learn compared to the other latin based languages, it's not impossible to learn. But of course our difficulty isn't arising from the difficulty of the language but is linked directly to the fact that we are already well experienced and "unemployed".

What I mean is, whenever I discuss with some university kid or a new graduate, I find myself in the argument of the Finnish language being easy or difficult. It's a pointless discussion, as a university undergraduate or a new graduate still doesn't usually have the urge of fulfilling the responsibilities of life such as car/house payments, children etc., unlike the 35+ year old person who is already experienced elsewhere, who has spent most of his life trying to fulfill his responsibilities without the support of the government. Experienced newcomers tend to look at it as they have been used to before: the need to find work and earn money immediately.

Sorry, my argument still withstands as this doesn't happen very often here. Some young computer programmer gets a job as it's currently in the mainstream and argues that it's not difficult to find a job...

Though partially even the newcomer foreigners are supported by the Finnish legislation, as you all know it's merely a charity. Even the refugees get better support.

My conclusions are:

  1. If you are not young anymore, educated and/or experienced in your career, it's better for you to seek habitance elsewhere, as neither Finland nor its socio-economic system may fulfil your needs, since it requires time for you to get localized and fit into the socio-economy’s needs.
  2. If you have a professional diploma obtained from outside of Finland, though you may get it converted, the chances of you finding a desired career are pretty slim due to the fact that it's not localized to the local system and nor are you, so to speak, as there's a population against you who believe that their local diplomas and certifications are way better than yours (even though you are probably more experienced than them).
  3. Even if your education, experience, certification may be "better" (eg. if you are a Harvard, Oxford, MIT grad etc.) you may be mobbed and mistreated by your co-workers as they are not very familiar with foreigners being "better" (educated or experienced). You may even have to perform harder than the locals to prove that you are as good as them.
  4. If you are lucky enough to find the desired job, it’s a good idea you stick to it until the end of time as most probably you will not be able to find something better to advance in your career here. (Remember that, you have to under-perform compared to your coworkers as they may feel agitated and may consider you as “competition” -yeah, it’s a contradiction! ).

Bottom line is, the best education perhaps might be in Finland, but if you have moved on in your life and believe that you have left the fun days of school far behind, relocating to Finland may not be the right choice for you. (Most probably you have been brainwashed by your spouse or by the social media on how perfect, peaceful and secure life in Finland is, and that with your education and experience it wouldn’t be so difficult for you to get the dream job you desire etc. - that’s another topic.)

As I mentioned in a recent media interview, this is one of the reasons why Finland has the most highly educated blue-collar workers, who are even capable of splitting atoms whilst cleaning toilets or serving pizza or driving a taxi.

Saturday, June 9, 2018

How to block cryptocurrency mining in web browser? (Part-2 - Solutions)

For the first part, please refer here.

How to block cryptocurrency mining in web browser?

In my previous blog on the subject I gave brief information on how website owners were secretly trying to monetize by running cryptocurrency mining scripts in your browser, causing your CPU to spike. The common symptom is that your CPU gets too hot too quickly when you visit a website (and most probably your battery drains too quickly as well).

This method is commonly known as coin-hive mining or cryptojacking.

How to detect if the site is running cryptocurrency mining on your web browser?

Check your browser's CPU usage. Sadly the mining JavaScript code has been optimized for Windows OSes, as Windows is the most common OS out there. Research shows that Internet Explorer and Google Chrome are the ones hit the most, as the script allows the browsers to keep running in the background, even when the window is closed.

But this doesn't mean it doesn't affect other OSes such as OSX or Linux. It does. As most browsers are platform independent and the script is executed in the browser, the cryptojacker code functions worse than on Windows computers, as it can result in spiking your CPU utilization over 200%.


  1. So the first step is to change your browser settings so that the browser is no longer allowed to run in the background (most people allow this because of browser add-ons such as mail checkers). If the browser's CPU usage is above 50%, this generally means someone is using your CPU without your permission.
  2. If you know your way around Windows, you can block access to the mining sites from your Windows hosts file (you need admin permission to modify the file). By blocking particular domains this way, your browser won’t be able to connect to them. We can edit the hosts file and redirect each domain to 0.0.0.0. Your hosts file is located in the C:\Windows\System32\drivers\etc subfolder.

For Linux users: type sudo nano /etc/hosts, which opens your hosts file for editing. Just add the addresses of the domains to the hosts file as stated below.
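The hosts-file step on Linux, sketched as an added example (not the author's own script or domain list): a shell function that appends a 0.0.0.0 entry for each domain in a blocklist file, skipping malformed names and domains that are already listed. coin-hive.com is the domain this post names; the function name and the blocklist file layout are assumptions.

```shell
#!/bin/sh
# block_domains BLOCKLIST HOSTS_FILE
# Appends "0.0.0.0 <domain>" for every valid, not-yet-listed domain in
# BLOCKLIST (one domain per line, '#' comments allowed) and prints the
# number of entries added. Running it twice adds nothing the second time.
block_domains() {
    blocklist="$1"; hosts="$2"; added=0
    # If the hosts file lacks a final newline, add one so that new entries
    # are not glued onto its last line.
    [ -n "$(tail -c 1 "$hosts")" ] && echo >> "$hosts"
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop comments, keep the first field, lowercase it, strip CRs.
        domain=$(printf '%s\n' "$line" | sed 's/#.*//' |
                 awk '{ print tolower($1) }' | tr -d '\r')
        [ -z "$domain" ] && continue
        # Accept plain host names only: dot-separated labels, alphabetic
        # start of the last label (rejects IP addresses and stray symbols).
        printf '%s\n' "$domain" | grep -Eq \
            '^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z][a-z0-9-]*[a-z0-9]$' || continue
        # Skip domains that already appear as a host name on any
        # non-comment line of the hosts file.
        if awk -v d="$domain" '
               { sub(/#.*/, ""); for (i = 2; i <= NF; i++) if (tolower($i) == d) found = 1 }
               END { exit !found }' "$hosts"; then
            continue
        fi
        printf '0.0.0.0 %s\n' "$domain" >> "$hosts"
        added=$((added + 1))
    done < "$blocklist"
    echo "$added"
}

# Example (as root, after backing up the file):
#   block_domains ./blocklist.txt /etc/hosts
```

The hosts file has no wildcard syntax, so every subdomain that should be blocked needs its own line in the blocklist.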



3. Use a Chrome browser extension from the Google web store to block cryptojacking websites. Frankly, I was going to advise the extension "No Coin", but, though it worked perfectly in the beginning, as the developer has stopped updating the code, it does NOT work anymore. Most probably, cryptojackers found a way to bypass the blocker, which makes the add-on useless (most sites on the net refer to No Coin as being the best add-on, but it's not. That's why I have shared this information).

Instead I am advising you to use "minerBlock", which is a simple, lightweight add-on that works perfectly. The extension uses two different approaches to block miners. The first one is based on blocking requests/scripts loaded from a blacklist; this is the traditional approach adopted by most ad-blockers and other mining blockers.


The other approach, which makes MinerBlock more efficient against cryptojacking, is detecting potential mining behavior inside loaded scripts and killing them immediately. This makes the extension able to block inline scripts as well as miners running through proxies.

There's also a minerBlock extension available for Firefox browsers, which also functions perfectly.

BEWARE: The MinerBlock add-on should only be installed from the Chrome Webstore or the Firefox web store, as it is known that some n00b has created a fake version of this add-on which, when installed, instead of blocking cryptojackers, plays a loop of videos in the background, causing your CPU to spike.

4. Though it's not my first preference, you can also block the cryptojacking sites by adding a custom filter to your ad blocker (AdBlock Plus is the best, so the instructions below are for Adblock Plus).

In Chrome, click on the menu button, More tools, and then Extensions. Find Adblock Plus, click on Options, click the “Add your own filters” tab at the top, and in the text field that appears enter ||coin-hive.com/lib/coinhive.min.js and click +Add Filter. (Note: This is only an example of a domain to be blocked. The complete list can be downloaded from here)

In Firefox, select the Firefox menu (Tools on OS X and Linux), choose Add-ons, and find Adblock Plus. Choose Preferences to access the Adblock Plus profile, click on Filter Preferences, hit “Add filter subscription” and add coin-hive.com/lib/coinhive.min.js. (Note: This is only an example of a domain to be blocked. The complete list can be downloaded from here)

On Android, open the Adblock Plus application and select Filter Subscription. You can’t select multiple filterlists, so you’ll have to change your filterlist subscription.


References:
https://www.bleepingcomputer.com/news/security/fake-minerblock-extension-repeatedly-playing-videos-in-the-background/

https://fossbytes.com/block-cryptocurrency-mining-in-browser/

https://venturebeat.com/2017/09/21/adblock-plus-can-now-protect-your-computer-from-being-hijacked-to-mine-cryptocurrency/

Wednesday, March 21, 2018

Cryptocurrency Mining Haunts Browsers







Browser-based cryptocurrency mining makes a surprising comeback to haunt visitors.

Browser-based cryptocurrency mining activity has once again exploded in the last few months of 2017 and it is still climbing in 2018. After many years of silence, the culprit appears to be the launch of a new browser-based mining service in September 2017 by Coinhive. This service generally wraps everything up nicely in an easy-to-use package for website owners and has injected new life into an idea that was long thought lost.
  • As said before, browser-based cryptocurrency mining isn't something new; it's been around since at least 2011.
  • A surge in the cryptocurrency market in 2017, as well as availability of coins that are mineable using home hardware and easy-to-use JavaScript APIs, has led to a torrent of malicious browser-based mining affecting many well-known and lesser-known websites.
  • Mobile devices have not been spared from cryptocurrency mining, as witnessed by a 34% increase in the number of mobile apps incorporating cryptocurrency mining code.
Browser-based mining, as its name suggests, is a method of cryptocurrency mining that happens inside a browser and is implemented using a scripting language. This is different from the more widely known file-based cryptocurrency mining approach, which involves downloading and running a dedicated executable file.

The service injected into the website generally mines the cryptocurrency Monero without the consent of users while they have the website open in a browser tab. This illicit nature highlights the problem of not only unregulated cryptocurrencies but cryptocurrency mining as well.

Browser-based mining dates back to May of 2011 when an innovative service called BitcoinPlus.com was initially launched—back then Bitcoin was cheap and mining was relatively easy. That service was in many ways remarkably similar to its modern reincarnation, Coinhive. It used JavaScript for pooled mining and website owners could sign up to the service and embed these scripts into their web pages to make page visitors mine for them. The big difference is that back in 2011 BitcoinPlus.com, as its name suggests, mined for Bitcoin (BTC) whereas the current browser-based miners like Coinhive are mining for Monero (XMR)—a newer, privacy-focused cryptocurrency. Back in 2011, before the advent of ASIC mining in 2013, Bitcoin was still in its infancy, mining difficulty was relatively low, and cryptocurrency prices were even lower. It was (just about) possible to do some mining with home-grade hardware.

The worst-case scenario is that lesser-known websites, such as user forums, are rapidly choosing this method to increase their revenue, as site advertising doesn't seem to produce enough revenue.

Because the code is executed in the user's browser without the user's consent, the user literally has no control over the execution of the code. The impact is not limited to the browser; it affects the whole machine. Many users today visit sites not only on their desktops but also on the move on their phones, tablets and laptops, which generally means faster draining of their battery, as the CPU of the device is running at nearly 100% (causing the systems and devices to produce more heat, which means more power consumption!).

As the code is executed on the user's browser, the problem is OS independent and it affects all systems (yes, Linux, you are no exception).

SYMPTOMS:

Frankly, when I first ran into the problem, I realized that my CPU fan was working at full speed, whilst hot air was being exhausted out from the vents. At first glance I found it quite odd that a website was causing my CPU to work like crazy, as the first reaction is that it cannot be possible. But of course it can. When I looked at what was heating my proudly owned Linux-top I realized something odd:





In my next post I will explain the solutions to the problem.

References:
https://www.symantec.com/blogs/threat-intelligence/browser-mining-cryptocurrency

http://www.thewindowsclub.com/block-websites-using-cpu-mine-cryptocurrency
https://thenextweb.com/apps/2017/09/19/cpu-cryptocurrency-miner-blocker/