As promised, I am delivering on my promise of full transparency with this issue.
After a thorough investigation, we've determined how the improper pool credentials were being inserted into one customer's (DarkKnight) ZenController configuration. Each ZenController is tracked by its unique MAC address which is hard-coded into every device. The controller communicates with ZenMiner cloud servers and identifies itself via MAC and activation code. The device DarkKnight received was previously assigned to GAW Labs as one of their early test models. We've determined that the MAC was not properly removed/reallocated in the ZenMiner database, therefore the controller still thought that it belonged to GAW Labs. This is why the pool information inputted by the customer was constantly overwritten, the controller was doing what it was supposed to. Unfortunately, the device was not properly provisioned to the new owner.
Since this issue only affected an early test device that was assigned to GAW Miners at one in point in time, it makes sense why we didn't see this as a wide-spread issue and identify it sooner. All subsequent controllers sent out were "fresh" devices that had never previously been provisioned to anyone. That doesn't change the fact that one of our devices made it into the hands of a customer and caused unacceptable operation. We've since purged the database of any entries from legacy test devices and are working with GAW Miners to ensure any future devices that are shipped have no prior association in the database.
We sincerely apologize to DarkKnight and hope to regain his trust as well as the trust of the community we serve.
EDIT: I wanted to answer a very good question DarkKnight brought to me offline regarding how we'll be mitigating something like this in the future. We're currently redesigning our entire activation mechanism and implementing measures that would prevent one device from accidentally (or intentionally) being activated to another account without support intervention and the deletion of all prior account provisions to that device.
DarkKnight has agreed to test that this issue has been resolved and will post his findings when that time comes
After a thorough investigation, we've determined how the improper pool credentials were being inserted into one customer's (DarkKnight) ZenController configuration. Each ZenController is tracked by its unique MAC address which is hard-coded into every device. The controller communicates with ZenMiner cloud servers and identifies itself via MAC and activation code. The device DarkKnight received was previously assigned to GAW Labs as one of their early test models. We've determined that the MAC was not properly removed/reallocated in the ZenMiner database, therefore the controller still thought that it belonged to GAW Labs. This is why the pool information inputted by the customer was constantly overwritten, the controller was doing what it was supposed to. Unfortunately, the device was not properly provisioned to the new owner.
Since this issue only affected an early test device that was assigned to GAW Miners at one in point in time, it makes sense why we didn't see this as a wide-spread issue and identify it sooner. All subsequent controllers sent out were "fresh" devices that had never previously been provisioned to anyone. That doesn't change the fact that one of our devices made it into the hands of a customer and caused unacceptable operation. We've since purged the database of any entries from legacy test devices and are working with GAW Miners to ensure any future devices that are shipped have no prior association in the database.
We sincerely apologize to DarkKnight and hope to regain his trust as well as the trust of the community we serve.
EDIT: I wanted to answer a very good question DarkKnight brought to me offline regarding how we'll be mitigating something like this in the future. We're currently redesigning our entire activation mechanism and implementing measures that would prevent one device from accidentally (or intentionally) being activated to another account without support intervention and the deletion of all prior account provisions to that device.
DarkKnight has agreed to test that this issue has been resolved and will post his findings when that time comes