
With donations against cancer, the Pr0gramm community has made cancer aid crash - usernam33
http://www.t-online.de/digital/internet/id_83466874/pr0gramm-community-laesst-mit-spenden-gegen-krebs-seite-der-krebshilfe-abstuerzen.html
======
kerkeslager
Man, this is a complicated story. The strategy of protesting Krebs' writing by
donating to an German anti-cancer website (Krebs = cancer in German) is
definitely interesting.

At the surface level, it's an attack on Krebs, but there's a secondary thing
going on here.

Krebs' main investigation was on Coinhive, a group which embeds Monero mining
scripts in pages which run on page visitors' machines. But in his criticism of
Coinhive and its association with Pr0gramm, it seems he may have cast too wide
a net, doxxing and accusing Pr0gramm users who may not have anything to do
with Coinhive. Instead of apologizing for this, he doubled down on it,
typifying Pr0gramm users as basement dwellers who anonymously post nastygrams
and threaten journalists with death.

Donating to cancer research is a direct response to _that_ : it shows that
Pr0gramm users are at least not _only_ bad--they also do things generally
considered altruistic, like donating to cancer research.

Both sides have definitely dirtied their hands: at least _some_ Pr0gramm users
_are_ mining cryptocurrency on other people's machines through Coinhive, and
Krebs has definitely made the false insinuation that Monero's anonymity is
only useful for criminal activity. The open question is whether this behavior
is typical of Pr0gramm or Krebs has actually accused Pr0gramm users who
weren't involved in Coinhive.

I don't know who is in the right here--I simply don't have enough information
to know. What information I do have comes from sources which are clearly
biased. But it's interesting to see how even at this level, security cases are
being tried in the court of public opinion.

~~~
kerkeslager
An aside to this story which I find interesting:

I definitely think that mining cryptocurrency on other people's machines
without their consent is malicious, and I am glad that the security industry
is treating this as an exploit. This shares similarities with ads in webpages,
which run without my consent.

However, unlike ads, mining scripts don't grab my _attention_ without my
consent, they only use my _processing power_ , which is something I would be
willing to negotiate for the right website. I'd be happy to click a button
which says "Allow nytimes.com to mine cryptocurrency on your browser while you
browse their website", for example. There would need to be secure systems in
place around this sort of mechanism--I'd rather have this implemented by the
browser than as a JS script--but this might provide an alternative to pay
models which sites seem unwilling to try, and ad models which I am unwilling
to agree to.

~~~
lweber
This is exactly what happened on Pr0gramm.

The users of the platform are not the people who include Coinhive on hacked
websites. Pr0gramm simply allowed its users to voluntarily mine in their
browsers and be rewarded with a premium account. The main benefit of a premium
account is, that no ads are shown on the site.

~~~
Fnoord
> The users of the platform are not the people who include Coinhive on hacked
> websites.

They're apparently basement dwellers. Hint: basement dwellers don't pay their
own electricity bill.

------
npstr
I think uncovering the person / company behind Coinhive is not a bad idea.
However, in doing so, Brian Krebs did several extremely questionable decisions
and moves:

\- publishing material by users he knew had trolled him to further the agenda
that this is a right-wing site (it is not, the site has a huge fan base of
Bernie Sanders and other leftist politicians)

\- look at his tweets and headlines (on Vice Motherboard for example) that are
used to promote the story: They are almost exclusively focusing the the
Mathias Moench part, which is completely irrelevant to pr0gramm, Coinhive, and
even the mindmap.

Given that, his whole article reeks of sensationalism, not journalism. This is
fake news. Seeing reporters report about a thing you know well instills me
with me with dread about how I believe their articles about the things I don't
know well. I lost all the respect I had for Mr. Krebs work, and I am one step
closer to losing respect for all journalists. Which isn't a bad thing, being
aware how biased and badly researched publications are is not a bad thing.

€dit: typos

~~~
npstr
And yes, I understand that "German nazi separatist site registered on
millionaires son who hired a hitman to kill his parents with a machete
responsible for hottest crypto malware of the year"

sounds great to push the story. Except that it could not be farther from the
truth. I just wasn't expecting someone who calls themselves an investigative
journalist like Brian Krebs to try to beat the Sun (or Bild, for Germany) at
their game.

------
rostigerpudel
From the article:

 _Am Abend änderte sich die Auseinandersetzung dann, nachdem ein Nutzer,
"BassT87", einen Screenshot als Beleg für eine 25-Euro-Spende an die
Krebshilfe postete. "Ich habe den Rummel um Herrn Krebs mal zum Anlass
genommen, meinen Teil gegen Krebs beizutragen. Vielleicht macht der ein oder
andere es ja (statt dem drölftausendsten Meme) ja nach..."._

In english:

 _In the evening, the dispute changed after a user, "BassT87", posted a
screenshot as proof of a 25 euro donation to Krebshilfe. "I took the hype
about Mr. Krebs as an opportunity to do my part against cancer[Krebs]. Maybe
one or the other will (instead of the thrwelvethousandth meme) imitate
it..."._

This is really the kind of absurd humour I like...

(Edit: format)

------
lawl
Krebs = Cancer in german

This is apparently in protest of this article by Krebs:
[https://krebsonsecurity.com/2018/03/who-and-what-is-
coinhive...](https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/)

Which according to some screenshots on pr0gramm also contains bullshit users
fed to Krebs in an attempt to toll him. [0]

But the obvious problem here is the unnecessary doxing of people, just because
Brian doesn't believe someone can compile a CPU miner with emscripten as one
single person.

[0]
[http://img.pr0gramm.com/2018/03/28/b99c8ddc182d29f0.png](http://img.pr0gramm.com/2018/03/28/b99c8ddc182d29f0.png)

------
usernam33
Following the doxxing of the people behind pr0gramm.com the community knew
that retaliation by ddos or other bad methods would not work for Brian Krebs,
who enjoys DDOS protection by google. So they started a donation raid on the
German Cancer Help Foundation, because Krebs literally tranlates to cancer in
german. The raid is ongoing and unconfirmed sources talk about 11k donations.
The avarage ammount seems to be > 15€ with at least one single donation of
10k€

rel.
[https://news.ycombinator.com/item?id=16678536](https://news.ycombinator.com/item?id=16678536)

~~~
jstanley
I don't understand?

They're getting back at Krebs by donating to a charity?

~~~
lweber
The word "Krebs" in German translates to crab as well as cancer. They are
donating to the charities that work against cancer and are commenting "Krebs
ist scheiße" which would translate to "Cancer is shit" as well as "[Brian
]Krebs is shit".

~~~
ChrisSD
But aren't they still, in essence, donating to charity to get back at Krebs?

~~~
lawl
I think it's more of a peaceful protest against his questionable journalism
practices rather than getting back at him.

But yes.

