Much like AAA videogame companies, who have taken to stuffing full-price games with the microtransaction monetization systems formerly only found in free-to-play titles, it looks like the greed is contagious and spreading, with Showtime's paid-subscription service sites sporting bitcoin-mining scripts... until someone started asking questions, at which time the script (but not its evidence) very quietly vanished. You know, because that's not suspicious
at all.
From Gizmodo:
Over the weekend, a user on Twitter pointed out that two of Showtime’s websites had a script running in the background that’s used to hijack visitors’ CPUs to mine cryptocurrency. Other users and outlets later confirmed that the code was present. Now it’s gone, and Showtime refuses to answer questions.
Cryptocurrency miners have been in the news recently because The Pirate Bay caught some flak about a week ago for testing out a new service called Coinhive without informing users. The Coinhive miner uses the website visitors’ extra CPU power to generate a cryptocurrency called Monero (it’s like bitcoin but more private).
This isn’t necessarily a nefarious thing to do. Coinhive is trying to present itself as a novel and legitimate way for websites to make some money from visitors. The company takes 30 percent of the Monero that’s mined by users’ CPUs and the website keeps the rest. It could be a nice way to avoid advertising—but it’s not cool to do this without getting users’ permission.
[...]
We reached out to Showtime earlier this afternoon to ask if this script was included intentionally or if an outside actor had perhaps hacked its website. After multiple attempts to get an answer, a spokesperson for Showtime bluntly replied, “We decline comment.”
If Showtime intentionally included the script, it would be a less worrisome situation. As we said, this code isn’t necessarily bad, it just takes up some of your processing power. But even though Coinhive is just a couple of weeks old, researchers
have found that malware developers have quickly begun to add it to their toolbox of scams. Coinhive doesn’t endorse that kind of usage and has explicitly
voiced its disapproval for using its service without notifying users.
Now, it could be that Showtime are being overly cautious about commenting on this situation for fear that it would create additional legal liability for them; after the Equifax hack (and the obvious negligence that first made it possible, and then made it worse), companies might just be walking on eggshells, so to speak.
Coinhive isn't necessarily harmful, in and of itself, and if Showtime were willing to let people stream content from their site for free, while monetizing with bitcoin mining, I'd be totally down with that. A deal where I "pay" for content with "work" (in the form of excess CPU cycles making money for the content provider) is an eminently fair alternative to advertising support... if they've let me know that it's happening.
But the lack here, not only of informed consent, but of any kind of information at all, is a real problem. If Showtime want to make a deal in which we pay for content by mining bitcoin, then that's fine, but they have to tell us they're doing that... and it looks very much like someone at Showtime decided to use their customers as a bitcoin-mining resource without asking their permission, or even telling them that it was happening.
And this is when I remind you that Showtime is a premium cable channel (i.e. subscriber-only), while Showtime Anytime is a paid subscription service... both of them owned by CBS, who have another paid-subscription streaming service that they're prominently
bundling together with the latest Star Trek series. These were
paying customers from whom extra value was being secretly extracted in the form of bitcoin, a situation about which Showtime is now refusing comment. That's several different levels of next-level bullshit.