Microsoft Bans Mining Cryptocurrency on Its Online Services

Microsoft has quietly banned cryptocurrency mining from its online services, and says it did so to protect all customers of its clouds. From a report: The Windows and Azure titan slipped the prohibition into an update of its Universal License Terms for Online Services that came into effect on December 1. That document covers any "Microsoft-hosted service to which Customer subscribes under a Microsoft volume licensing agreement," and on The Register's reading, mostly concerns itself with Azure.

Microsoft's Summary of Changes to the license states: "Updated Acceptable Use Policy to clarify that mining cryptocurrency is prohibited without prior Microsoft approval." Within the license itself there's hardly any more info. A section headed "Acceptable Use Policy" states: "Neither Customer, nor those that access an Online Service through Customer, may use an Online Service: to mine cryptocurrency without Microsoft's prior written approval."

Why does Microsoft care?

[imcdona]

Why would Microsoft care in the least with what you do with your purchased CPU cycles?

Re:

[Anonymous Coward]

My guess is because they don't want you running their CPUs hot near 100% utilization. It's like oversubscribing. They care because they're losing money on you.

Re:

[presidenteloco]

That can't be it. They could just adjust their pricing to make that infeasible for the computing tenant or profitable for microsoft.

It seems instead it must be political.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[WankerWeasel]

While you're paying for X processing power, I'm sure they calculate average use and know most are only making use of Y portion of their purchased processing power the majority of the time. Maxing out that all the time makes it less profitable and harder for them to calculate required resources.

You see similar calculations with ISPs. While they have enough bandwidth to support all users (when I worked for the cable company years ago, even if every user went full-speed at the same time, we'd only be using 60%

Re:

[Scoth]

I've only used AWS and a bit of GCP so I can't say how Azure uses it, but AWS mostly handles it through "CPU Credits". There's a certain baseline you're allowed to run All The Time, and if your CPU usage gets over a certain percentage you start using CPU credits. If you run out of those you're throttled on the amount of CPU you can use. These credits regenerate over time while usage is below the threshold. This lets you have a situation where a server is mostly idle or idlish but can handle spikes in traffi

Re:Why does Microsoft care?

[e3m4n]

hacked accounts. For years my Fail2Ban notices were quiet on my VoIP servers because I blocked every subnet outside of the US. Occasionally new smaller subnets would trigger Fail2Ban and I would learn of some small /17 getting assigned to RIPE or APNIC. Recently Ive been inundated with a swarm of Fail2Ban coming out of Microsoft IPs. Ive had to ban the entire major subnets assigned to Microsoft in groups as large as /12. Im certain the vast majority of this is a bot farm of hacked accounts.

Re:Why does Microsoft care?

[leonbev]

Probably because people would abuse their $200 in "free" Azure service credits by using them to mine crypto.

Google did something similar and cut off people trying to use the GCP trial credits to mine crypto as well.

Re: Why does Microsoft care?

[djp2204]

The conspiracy theorist in me wants to say: because Microsoft is a WEF partner and the future of CBDC is social credit style state control so you may only spend money on things the state approves of. Defi stands in opposite of that philosophy. But thats merely the conspiracy theorist in me

Fraud

[arosenfield]

Most types of cryptocurrency mining (particularly proof-of-work) are just not even close to economical in cloud computing these days, so there's very little incentive for legitimate users to want to do that in the first place.

Much of the cryptocurrency mining that does occur in the cloud is the result of fraud: customers have leaked/hacked credentials and then attackers secretly mine on the customer's dime for as long as they can until they're detected. Those fraudsters certainly aren't going to be dissuaded by new changes to the cloud service provider's Acceptable Use Policy.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[WankerWeasel]

That's a great point. Super easy service to defraud. It's almost totally self-serve, so they can simply sign up with a stolen credit card number, pump the service to mine crypto, send it off to their wallet, and by the time the cloud services provider realizes and shuts them down, they've got their crypto and they repeat it all over again with a new account and stolen card number.

Re:

[nasch]

If they have stolen credit cards, this seems like a roundabout and not very effective way to get money from them.

Re:

[e3m4n]

Which is why service companies typically dont bill in arrears. I realize things like hulu and netflix can be a bit confusing with their free trials, but you get invoiced and charged before the service plan period. That way if the card fails they can easily shut off service until payment is restored. Phone bills work the same way. Usually the recurring service is billed in advance, leaving only metered services billed in arrears like international or other metered usage. The reason these Azure, Amazon, etc

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[e3m4n]

please help me calculate what it would take to move a VoIP server into the cloud that served as a main call flow gateway for 900+ customers with varying number of employees conducting a varying number of calls, but averaging around 100 simultaneous calls during the day but less than 2 simultaneous calls after 8pm EST. In addition to the calls would be the occasional web portal access of customers making changes that writes out to a MariaDB. Because I have no way of knowing if its going to cost me $1200/mo o

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[tlhIngan]

Those fraudsters certainly aren't going to be dissuaded by new changes to the cloud service provider's Acceptable Use Policy.

But that also means Microsoft could detect that this is happening and stop the mining from happening, meaning Microsoft's services are less useful to steal from. So customers might not be running mining programs, but someone trying to use hacked credentials might, and Microsoft might stop those jobs from running so customers don't run up a huge bill all of a sudden.

It makes it easier to turn it off

[rsilvergun]

because Microsoft doesn't have to wait and confirm if the mining is legit. It's illegitimate by definition, so they can immediately suspend the account. This means they can start running automated systems to kill accounts mining crypto and not worry about accidently shutting off a "legitimate" customer.

Next step: misinformation

[groobly]

The next step will be other "dangerous" computations.

Odd that they'd do it now.

[Virtucon]

It's odd that they'd choose now to update their ToS. It can't be a capacity issue surely, maybe it's politically driven since now a lot of gov'ts are turning a yellow eye to crypto mining? I wonder if this will lead to other usage bans like storing those inappropriate photos you took on vacation.

more than just POW

[avandesande]

This could also be applied to people hosting sites that mine crypto on client machines such as through javascript

Does not cover Ethereum right?

[presidenteloco]

since that is low-computation proof-of-stake validation with staking rewards, not mining, right?

Does this new policy come with a definition of mining?