back to article GitLab tries to address crypto-mining abuse by requiring card details for free stuff

In a bid to tackle cryptocurrency miners slurping free pipeline minutes, GitLab will expect users to provide a valid credit or debit card number to use shared runners on its platform. The move, which the company admitted was "imperfect", is the latest salvo in the ongoing battle between GitLab and other CI/CD providers against …

  1. Anonymous Coward
    Anonymous Coward

    Sorry, but I have no sympathy with so-called "coders" who don't want to identify themselves or provide financial verification that they are legal adults with the means to pay for what they are using.

    There are a lot of people in this industry who think everything should be free for their own personal use. Well, if something is given away, it is going to come with restrictions, and seeing as you're not paying for it, you have no right to complain about what KIND of restrictions the offer comes with. If you don't like the free offer, you can always pay for services to your liking.

    1. Yet Another Anonymous coward Silver badge

      There are reasons why you might want to test cloud services without putting in your credit card.

      Remember the story from a month ago where some startup used service X with a limit of $50 but it made some calls against service Y which cost $$$$$ and bankrupted them.

      I always do tests with a reloadable visa gift card and throwaway name/email address

      1. gobaskof

        I understand the need to limit abuse, but this is a great shame. We run a collaborative project with numerous African partners. It is good if pipelines run on a fork so we cannot enable group runners. It is common in some partner countries for members not to have a credit or debit cards, with many banking through their phone.

  2. Anonymous Coward
    Anonymous Coward

    So, is the way to thwart criptomining abuse to offer a free service to check the validity of stolen credit card data?

    This will not end well.

  3. Mike 137 Silver badge

    Might not even be lawful

    "GitLab will expect users to provide a valid credit or debit card number to use shared runners on its platform."

    Under the dreaded GDPR, it's quite possibly not allowable to collect payment card details (which are personal data) where no payment is required for provision of the service. Some other control that doesn't involve personal data which is not strictly necessary for provision of the service would be lawful. As if MS actually cared about the legality of this though...

    1. Dvon of Edzore
      Big Brother

      Re: Might not even be lawful

      Then the $1 "verification fee" will actually be charged, and to everyone, with the disclaimer "The EU made us do this."

    2. doublelayer Silver badge

      Re: Might not even be lawful

      "As if MS actually cared about the legality of this though..."

      Research failure. It's Gitlab, not Github. MS owns Github. Gitlab made the change.

  4. Snake Silver badge

    Crypto code

    I would have thought that mining has certain types of maths encoded into the runtime, repeated frequently, and an "AI" system bot could be designed to detect this running on a system. The runtime could then be highlighted for examination by humans, and warnings given to the users in question.

    In other words, an "anti-crypto antivirus' hypervisor. Between the system resources used and the maths looped, certainly something should be able to be figured out.

    But to me it sounds like the industry would rather take a shortcut than apply a (admitting more complex) skillset to solve the problem.

  5. Terafirma-NZ


    While you still have to pay I'm surprised that Dropbox still has their unlimited storage with Chia mining about now can't be long before someone signs up for the 3 user unlimited plan and throws in 1Pb of plots. No not a free tier but I'm pretty sure the $65 per month isn't going to cover that storage cost.

    Then again I'm sure it's already losing $$ given the number of people I know who use it as a backup service for 100's of Tb.

    Or did I just break ]some unspoken rule of making someone aware of this (I'm sure not how many "Unlimited" cloud storage products have come and gone over the years).

    1. foxyshadis

      Re: Dropbox

      Someone's going to try it at some point, and run smack into the main problem: Dropbox will just ban them based on the acceptable use policy as their upload gets ludicrously large. To sign up you also have to pay a minimum of $1200 (5 users for 1 year) and submit proof of your status as a business. They don't let you do unlimited personal anymore.

      Backblaze is another unlimited-ish option, but the problem there is that restores are glacially slow, even for one file. I wouldn't be surprised if cold data on Dropbox was treated the same way.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like