Researchers demo free online technique to perform computation, store data
Cloud-based browsers such as Amazon (NASDAQ: AMZN) Silk, Cloud Browse, Opera Mini and Puffin could be abused to perform computing tasks anonymously and at no cost at all, says a group of computer scientists at North Carolina State University and the University of Oregon.
The researchers were able to demonstrate a proof-of-concept of "parasitic computing" by generating more than 24,000 hashes per second in password-cracking tests with Puffin. The BMR experiments also made use of a URL shortening service to store lengthy URLs encoded with data and accessed via the bit.ly API.
"By rendering web pages in the cloud, the providers of cloud browsers can become open computation centers," say the researchers, "much in the same way that poorly configured mail servers become open relays." Like an open email relay that can be secured, such abuse can be curbed, fortunately. This entails the use of measures designed to either limit new accounts or stop clone instances altogether.
The details are outlined in a paper titled "Abusing Cloud-Based Browsers for Fun and Profile," which is scheduled to be presented next week at the 2012 Annual Security Applications Conference in Orlando, Florida.