Microsoft Bans Mining Cryptocurrency on Its Online Services

Microsoft has quietly banned cryptocurrency mining from its online services, and says it did so to protect all customers of its clouds. From a report: The Windows and Azure titan slipped the prohibition into an update of its Universal License Terms for Online Services that came into effect on December 1. That document covers any "Microsoft-hosted service to which Customer subscribes under a Microsoft volume licensing agreement," and on The Register's reading, mostly concerns itself with Azure.

Microsoft's Summary of Changes to the license states: "Updated Acceptable Use Policy to clarify that mining cryptocurrency is prohibited without prior Microsoft approval." Within the license itself there's hardly any more info. A section headed "Acceptable Use Policy" states: "Neither Customer, nor those that access an Online Service through Customer, may use an Online Service: to mine cryptocurrency without Microsoft's prior written approval."

Why does Microsoft care?

[imcdona]

Why would Microsoft care in the least with what you do with your purchased CPU cycles?

Re:

[Anonymous Coward]

My guess is because they don't want you running their CPUs hot near 100% utilization. It's like oversubscribing. They care because they're losing money on you.

Re:

[presidenteloco]

That can't be it. They could just adjust their pricing to make that infeasible for the computing tenant or profitable for microsoft.

It seems instead it must be political.

Re:Why does Microsoft care?

[Ed Tice]

They don't care if you do it with prior approval. The reason they don't want crypto-miners is that mining crypto-currency is not economical. And it's even less-economical when using cloud computing resources (since those are more expensive so that the cloud provider can make a profit). The only way to make money crypto-mining using a service like Azure is to skip out on the bill one way or an other. Fraud has already been mentioned by another poster. But it doesn't necessarily even have to be fraud. Could just be somebody who is incompetent, runs up a huge bill, and can't pay it. The payment might become uncollectable. I assume "approval" here really means a deposit and credit check.

Re:

[WankerWeasel]

While you're paying for X processing power, I'm sure they calculate average use and know most are only making use of Y portion of their purchased processing power the majority of the time. Maxing out that all the time makes it less profitable and harder for them to calculate required resources.

You see similar calculations with ISPs. While they have enough bandwidth to support all users (when I worked for the cable company years ago, even if every user went full-speed at the same time, we'd only be using 60%

Re:

[Scoth]

I've only used AWS and a bit of GCP so I can't say how Azure uses it, but AWS mostly handles it through "CPU Credits". There's a certain baseline you're allowed to run All The Time, and if your CPU usage gets over a certain percentage you start using CPU credits. If you run out of those you're throttled on the amount of CPU you can use. These credits regenerate over time while usage is below the threshold. This lets you have a situation where a server is mostly idle or idlish but can handle spikes in traffi

Re:Why does Microsoft care?

[e3m4n]

hacked accounts. For years my Fail2Ban notices were quiet on my VoIP servers because I blocked every subnet outside of the US. Occasionally new smaller subnets would trigger Fail2Ban and I would learn of some small /17 getting assigned to RIPE or APNIC. Recently Ive been inundated with a swarm of Fail2Ban coming out of Microsoft IPs. Ive had to ban the entire major subnets assigned to Microsoft in groups as large as /12. Im certain the vast majority of this is a bot farm of hacked accounts.

Re:Why does Microsoft care?

[leonbev]

Probably because people would abuse their $200 in "free" Azure service credits by using them to mine crypto.

Google did something similar and cut off people trying to use the GCP trial credits to mine crypto as well.

Re: Why does Microsoft care?

[djp2204]

The conspiracy theorist in me wants to say: because Microsoft is a WEF partner and the future of CBDC is social credit style state control so you may only spend money on things the state approves of. Defi stands in opposite of that philosophy. But thats merely the conspiracy theorist in me

Fraud

[arosenfield]

Most types of cryptocurrency mining (particularly proof-of-work) are just not even close to economical in cloud computing these days, so there's very little incentive for legitimate users to want to do that in the first place.

Much of the cryptocurrency mining that does occur in the cloud is the result of fraud: customers have leaked/hacked credentials and then attackers secretly mine on the customer's dime for as long as they can until they're detected. Those fraudsters certainly aren't going to be dissuaded by new changes to the cloud service provider's Acceptable Use Policy.

Re:Fraud

[Ed Tice]

The other type of fraud is to simply skip out on the bill. Think the new high-tech form of "dine and dash." Sign up for an account using a credit card with a low limit (or maybe a gift card). Most cloud services are invoiced at the end of the month. It can be very hard for a cloud provider to recover payment if a customer defaults.

Re:

[WankerWeasel]

That's a great point. Super easy service to defraud. It's almost totally self-serve, so they can simply sign up with a stolen credit card number, pump the service to mine crypto, send it off to their wallet, and by the time the cloud services provider realizes and shuts them down, they've got their crypto and they repeat it all over again with a new account and stolen card number.

Re:

[nasch]

If they have stolen credit cards, this seems like a roundabout and not very effective way to get money from them.

Re:

[e3m4n]

Which is why service companies typically dont bill in arrears. I realize things like hulu and netflix can be a bit confusing with their free trials, but you get invoiced and charged before the service plan period. That way if the card fails they can easily shut off service until payment is restored. Phone bills work the same way. Usually the recurring service is billed in advance, leaving only metered services billed in arrears like international or other metered usage. The reason these Azure, Amazon, etc

Re:

[Ed Tice]

My AWS, GCP, and Azure accounts all bill in arrears. I've never had a bill of more than about $5. I know people who have personal bills of about $3k/month that they expense. And, of course, our corporate account pays an insane amount of money (much to my chagrin). All of it is billed in arrears. I have never had trouble estimating AWS bills for things that I intentionally deployed. The billing is hard to decipher because the line items aren't hyperlinks. I have deleted servers before and inadvertentl

Re:

[e3m4n]

please help me calculate what it would take to move a VoIP server into the cloud that served as a main call flow gateway for 900+ customers with varying number of employees conducting a varying number of calls, but averaging around 100 simultaneous calls during the day but less than 2 simultaneous calls after 8pm EST. In addition to the calls would be the occasional web portal access of customers making changes that writes out to a MariaDB. Because I have no way of knowing if its going to cost me $1200/mo o

Re:

[Ed Tice]

If you are doing a "lift and shift," you don't pay based on CPU cycles or memory consumption. Your cpu/memory is pre-selected and you pay a monthly fee based on your VM size. And you pay for those CPUs whether you use them or not. The only way you have a variable cpu/memory bill is if you have a mechanism to add/remove VMs automatically as load fluctuates. As far as disk space, again, you pay for a pre-configured size. For your bandwidth, it's like $10 / terabyte and you should already know your monthl

Re:

[tlhIngan]

Those fraudsters certainly aren't going to be dissuaded by new changes to the cloud service provider's Acceptable Use Policy.

But that also means Microsoft could detect that this is happening and stop the mining from happening, meaning Microsoft's services are less useful to steal from. So customers might not be running mining programs, but someone trying to use hacked credentials might, and Microsoft might stop those jobs from running so customers don't run up a huge bill all of a sudden.

It makes it easier to turn it off

[rsilvergun]

because Microsoft doesn't have to wait and confirm if the mining is legit. It's illegitimate by definition, so they can immediately suspend the account. This means they can start running automated systems to kill accounts mining crypto and not worry about accidently shutting off a "legitimate" customer.

Next step: misinformation

[groobly]

The next step will be other "dangerous" computations.

Odd that they'd do it now.

[Virtucon]

It's odd that they'd choose now to update their ToS. It can't be a capacity issue surely, maybe it's politically driven since now a lot of gov'ts are turning a yellow eye to crypto mining? I wonder if this will lead to other usage bans like storing those inappropriate photos you took on vacation.

more than just POW

[avandesande]

This could also be applied to people hosting sites that mine crypto on client machines such as through javascript

Does not cover Ethereum right?

[presidenteloco]

since that is low-computation proof-of-stake validation with staking rewards, not mining, right?

Does this new policy come with a definition of mining?