I received an answer to a PM I sent to Bitmain/BitmainWarranty:
RE: Sorry for the frustration
Update.
The fix is still worked on.
Thank you for posting the sample firmware from your S2.
The usual lies. My reply (some details retracted):
Bitmain & BitmainWarranty,
For the last
TWO months you have been saying the same thing - we are now at the stage where your users are becoming increasingly suspicious as to
why you are delaying the firmware update.
It simply does not take two months to compile & test a firmware image, especially when the only change is an updated cgminer. The cgminer devs are able to compile updates to cgminer
within a few hours, so why is it taking you months?
The security vulnerability that enables the stratum redirect attack (some victims of this attack have posted details on this forum) was fixed in cgminer on May 2nd 2014 -
over 5 months ago - yet Bitmain have continued to use the vulnerable version in all their miners since then, even the S3's and original S4's came with the older cgminers installed.....
why? What possible reason would a mining manufacturer insist on using a particular version of cgminer knowing that they are vulnerable to having their work redirected to a different pool without the users knowledge? There can be only one possible answer - and that is that you, Bitmain, and others
want to keep this vulnerability for your own nefarious purposes, and have been deliberately delaying the release of the fixed version so as to enable you to continue to redirect users hashes to your own particular pool accounts for personal gain at your users expense.
Bitmain are now paying someone to repeat your excuses & post inaccurate answers on your threads, the fact that this same person also writes manufacturers trustworthiness guides on bitcointalk is not only very concerning, but also a blatant attempt to deter him from giving an accurate account of your failings. Basically - you're paying him off. Maybe if you had employed the cgminer developers instead, you would have been able to fix your firmware issues many months ago -
but then you wouldn't have had your little "back door" into thousands of miners would you?Once again I will remind you of the promise you made to the community & your thousands of users
2 months ago:
Dear Community,
Our truly apologies for the mis-understanding reported in this Support Thread. We are very willing to share the cgminer code to the Community.
Just reviewed our internal resource again, there is a little mis-communicaton between Customer Service Team and R&D Department. We thought this task was done 3 weeks ago..
However, R&D Department is repacking the cgminer code and will upload it to GitHub.com in 3 hours.
Any advice from the Community and Global Customers is appreciated, feel free to contact us via PM or
info@bitmaintech.com.
Thank you!
Cgminer 3.12.0 has been uploaded,
https://github.com/bitmaintech/cgminer.
The latest version will be updated in 2 weeks.Have you traced the connections coming from your miners and seen them going anywhere else than what is expected??? PM me if you are unsure how to do this, I would be glad to help.
Interesting theory, but let's put forth some concrete evidence before making accusations.