Brannon Dorsey is an artist, programmer, and researcher who uses technology and reproducible electronic media to navigate difficult terrain. He employs open software tools to create experiences that excite and empower individuals and collaborative communities rather than create passive users/consumers. Brannon's work encourages a digital literacy that celebrates the truly profound technological era that we now live while remaining skeptical of the ways that this technology is being used on and against us.
Type of proposal
Talk
Description
When surfing the web, browsers download and execute arbitrary JavaScript code they receive from websites they visit. What if high-traffic websites served obfuscated code that secretly borrowed clock cycles from their client’s web browser as a means of distributed computing? In this talk I will present research on the topic of using web browsers as zero-configuration, trojan-less botnets. The presentation will include a brief history of botnets, followed by an overview of techniques to build and deploy command-and-control botnet clients that run in-browser.
I will present exhaustive research that simulates the potential compute power of such a botnet using publicly available user-agent statistics and web traffic analytics from popular websites. What if Facebook or Google ran unnoticeably small “jobs” on your browser whenever you visited their websites? How much “free” compute could be leveraged from 2 billion users annually? With the rise of distributed computing, such a technique could be exploited to train or run machine learning models, mine a blockchain, or DDoS target servers.
In this talk we will explore the idea that the design and function of the web browser presents an opportunity for inherent exploitation. We will discuss both the ethical and nefarious use of such browser-based botnets; How they may be used in the wild and what unique affordances such a technique presents. The preparation and original research for this talk will be extensive as very little information on the subject currently exists. The talk will feature a live demo that includes conference attendees and will be followed by an open discussion into the applications and implications of deploying browser-based botnetworks.
Duration (not needed for artworks)
20-30 minutes with 15 minutes for discussion & Q/A.
Workshop technical requirements and materials list (if applicable)
Browser as Botnet
Speaker Bio
Brannon Dorsey is an artist, programmer, and researcher who uses technology and reproducible electronic media to navigate difficult terrain. He employs open software tools to create experiences that excite and empower individuals and collaborative communities rather than create passive users/consumers. Brannon's work encourages a digital literacy that celebrates the truly profound technological era that we now live while remaining skeptical of the ways that this technology is being used on and against us.
Type of proposal
Talk
Description
When surfing the web, browsers download and execute arbitrary JavaScript code they receive from websites they visit. What if high-traffic websites served obfuscated code that secretly borrowed clock cycles from their client’s web browser as a means of distributed computing? In this talk I will present research on the topic of using web browsers as zero-configuration, trojan-less botnets. The presentation will include a brief history of botnets, followed by an overview of techniques to build and deploy command-and-control botnet clients that run in-browser.
I will present exhaustive research that simulates the potential compute power of such a botnet using publicly available user-agent statistics and web traffic analytics from popular websites. What if Facebook or Google ran unnoticeably small “jobs” on your browser whenever you visited their websites? How much “free” compute could be leveraged from 2 billion users annually? With the rise of distributed computing, such a technique could be exploited to train or run machine learning models, mine a blockchain, or DDoS target servers.
In this talk we will explore the idea that the design and function of the web browser presents an opportunity for inherent exploitation. We will discuss both the ethical and nefarious use of such browser-based botnets; How they may be used in the wild and what unique affordances such a technique presents. The preparation and original research for this talk will be extensive as very little information on the subject currently exists. The talk will feature a live demo that includes conference attendees and will be followed by an open discussion into the applications and implications of deploying browser-based botnetworks.
Duration (not needed for artworks)
20-30 minutes with 15 minutes for discussion & Q/A.
Workshop technical requirements and materials list (if applicable)
N/A
Artwork installation requirements (if applicable)
N/A
Performance requirements (if applicable)
N/A
Et cetera...
N/A