It’s happening on other services that provide compute power.
We’re affected in at least these ways:
- Low project container CPU quota. This must be at least part of the reason why the CPU quota is so low. A higher quota would get chewed up by miners and leave less for other projects. But with the low quota, everything non-mining we do is slow.
- A project that I invested a lot of time into now can’t be hosted on Glitch because a piece of data received over the network (never executed, to be clear) had contained a word that triggers Glitch’s crypto miner detection. Staff said this scenario is rare though, in comparison to true positive detections.
This is something I want to talk to the community and the Glitch team about. Here are some questions to start us off.
- How prevalent is this kind of abuse on Glitch currently?
- What’s the situation of the arms race between detecting this abuse and concealment/evasion?
- What guidance is there for projects that deal with non-executable data from external sources such as user-generated content?
- General sentiment, do you think any service that provides compute will survive this?
- Philosophically, is it a good thing to be exploring how to do things on Glitch other than write pure Node.js code from scratch in a web based editor? Findings might end up making it easier for greedy users to mine.