Researchers demo free online technique to perform computation, store data


Cloud-based browsers such as Amazon (NASDAQ: AMZN) Silk, Cloud Browse, Opera Mini and Puffin could be abused to perform computing tasks anonymously and at no cost at all, says a group of computer scientists at North Carolina State University and the University of Oregon.

The researchers called the technique Browser MapReduce, an allusion to MapReduce developed by Google (NASDAQ: GOOG) to perform parallel processing of large data sets. In this instance, BMP aggregates the JavaScript processing offered by cloud-based browsers in tandem with a scheduling scheme to perform MapReduce jobs.

The researchers were able to demonstrate a proof-of-concept of "parasitic computing" by generating more than 24,000 hashes per second in password-cracking tests with Puffin. The BMR experiments also made use of a URL shortening service to store lengthy URLs encoded with data and accessed via the API.

"By rendering web pages in the cloud, the providers of cloud browsers can become open computation centers," say the researchers, "much in the same way that poorly configured mail servers become open relays." Like an open email relay that can be secured, such abuse can be curbed, fortunately. This entails the use of measures designed to either limit new accounts or stop clone instances altogether.

The details are outlined in a paper titled "Abusing Cloud-Based Browsers for Fun and Profile," which is scheduled to be presented next week at the 2012 Annual Security Applications Conference in Orlando, Florida.

For more:
- check out this article at InformationWeek
- check out this article at Dark Reading

Related Articles:
Cisco gets all-inclusive, adds Hadoop support to its Enterprise Scheduler
Amazon Silk web browser raises privacy concerns