A group of computer science professors say they have discovered a technique that allows them to use cloud computing resources for free. They call the hack "Browser MapReduce."
InformationWeek's Thomas Claburn reported, "Computer scientists at North Carolina State University and the University of Oregon have demonstrated that it is possible to conduct large-scale cloud computing tasks anonymously at no cost by abusing cloud-based browsers, such as Amazon Silk, Cloud Browse, Opera Mini and Puffin. Their paper, 'Abusing Cloud-Based Browsers for Fun and Profit,' is scheduled to be presented on December 6 at the 2012 Annual Computer Security Applications Conference in Orlando, Fla."
Ars Technica's Dan Goodin explained, "By creating a customized browser that mimics Puffin, they were able to trick the cloud-based servers it relies on to count words, search for text strings, and carry out other tasks the service was never designed for—free and semi-anonymously. Out of ethical considerations, they limited both the scope and workload imposed on the cloud resources, but they warned less-scrupulous attackers could use similar techniques to perform powerful denial-of-service attacks and password cracks."
Dark Reading's Kelly Jackson Higgins added that the "proof-of concept used Google's MapReduce technique that allows parallel computing for performing fast computing in the cloud and the Puffin cloud-based browser service. They stored large data packets on URL-shortening sites to disguise the traffic between multiple nodes in order to test how the browsing service could be used for more than browsing."
NetworkWorld's Jon Gold wrote, "Used maliciously... the technique could provide hackers with vast, temporary and completely anonymous computing horsepower, allowing them to crack passwords or perform other nefarious tasks at great speed."