Cloud computing is big business. Companies and individual users rent bandwidth from large cloud services to perform all manner of tasks, from hosting small websites to churning through large, computing-intensive tasks, like modelling new drug compounds. But what if you could gain access to all that computing power for free?
It turns out that you can, using a loopholes in a new type of browser which taps the cloud to boost web page load speeds. Amazon’s Silk browser as well as Opera Mini and another browser called Puffin all use this trick to help render web pages on mobile devices, which can lack the computational punch to handle complex web scripts or graphics-heavy pages, for instance.
William Enck at North Carolina State University in Raleigh and colleagues found a way to use those cloud browsers to perform free computations of their choosing. They used bit.ly links to exchange data between different cloud browsers, so as to stay below a data threshold built into the browsers to prevent buggy web pages using up too many resources. With multiple cloud-browser instances linked, they were able to process data for free, running processes for which Amazon charges $US0.08 per hour.
They tested their method using just 100MB of data so as not to overload browsers’ cloud, getting the browsers to count and sort words in a document.
The hack performed as well as legitimate cloud computing techniques. Although Enck’s team tested the loophole only with mundane tasks, it could be put to nefarious uses, such as launching denial-of-service attacks or cracking passwords, they write in a paper due to be presented this week at the Annual Computer Security Applications Conference in Orlando, Florida.