When Google scans a page, it looks at all links, embeds, etc. It will see the script address for the embed. After they decide that the script is taking up too much CPU (user reports and whatnot), they will flag it as malware. Any page that embeds the script will also be flagged as malware. This can lead to things like pre-visit warning dialogs within the browser.
That can be a big problem....
I agree, if Google did flag it as malware, it could be a problem.
However, I do not currently have a reason to believe that Google would flag this as malware. Because, as best as I know, this does not meet the definition of Malware.... if so, wouldn't Google have flagged Bitcoin.org as a distributor of malware, for having miner downloads on it's homepage?
I ask to provoke questions, and discussion. I've been thinking about this all morning, and as best as I can rationalize, this is not different and an ad server. Even Flash ads can, and do, consume your CPU like their is no tomorrow.
However, I am thinking, just as a good general thing, that we will start including the forceUIThread: true setting as part of the default scrip that the site gives new users. This way, by default, the scripts out in the wild are more "nice" than not... hopefully this will help ease a lot of concerns all the way around. And, as always, anyone wishing to force the jsMiner to use web workers and be more performant can either remove forceUIThread or explicitly set it to false.
What do you all think? Again, I do not claim to know what to do... but I do want to open up the discussion.
Keep up the feedback, I appreciate it.