Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: Antbleed: A remote shutdown backdoor in antminers
by
Yakamoto
on 26/04/2017, 22:14:43 UTC
Quote from: zerosumking on April 26, 2017, 09:59:04 PM
Quote from: Yakamoto on April 26, 2017, 09:56:30 PM
Quote from: achow101 on April 26, 2017, 09:22:30 PM
Quote
Antbleed is a backdoor introduced by Bitmain into the firmware of their bitcoin mining hardware Antminer.

The firmware checks-in with a central service randomly every 1 to 11 minutes. Each check-in transmits the Antminer serial number, MAC address and IP address. Bitmain can use this check-in data to cross check against customer sales and delivery records making it personally identifiable. The remote service can then return "false" which will stop the miner from mining.

Read http://www.antbleed.com/ for more info

The shutdown backdoor has been independently tested by multiple people.
So we know that the backdoor allows for there to be a false shutdown command sent to miners, is there any idea what other kinds of exploits are possible off of this, beyond some potential shenanigans happening with miner's hardware?

I'm looking through it and I'm not seeing anything that says anything about further potential implications of this bug. I don't believe it would be possible to take remote control of the hardware through this, would it?

I'm reading that they could also do a remote reflash of the firmware and potentially brick the hardware.
This is something I was wondering about. Considering that they have the potential to shutdown hardware I would be surprised if there wasn't the possibility for them to start bricking hardware as well. I hope that Antminer gets this fixed, but it sure as hell might cause issues for a lot of people using their hardware if this doesn't start to get fixed quickly. Constant shutdowns and restarts aren't something that a miner wants to deal with a lot of the time, and a bricked piece of hardware is definitely not something they want.