Search content
Sort by
Showing 5 of 5 results by CanaanInc.
Canaan Inc. Awarded Order from New Customer CleanSpark for Avalon A1566I Miners
Canaan Inc. is proud to partner with CleanSpark to deliver 3,800 Avalon A1566I Immersion Cooling Miners, each with up to 249 TH/s of computing power! 🌐 This collaboration supports CleanSpark’s high-efficiency operations and underscores Canaan’s commitment to advancing Bitcoin mining innovation in North America.
Read More: https://investor.canaan-creative.com/news-releases/news-release-details/canaan-inc-awarded-order-new-customer-cleanspark-avalon-a1566i
Read More: https://investor.canaan-creative.com/news-releases/news-release-details/canaan-inc-awarded-order-new-customer-cleanspark-avalon-a1566i
We're excited to share some useful resources for all Avalon Nano 3 users. We’ve just released a detailed Avalon Nano 3 Firmware Upgrade Guide to help you keep your device running smoothly. You can find the guide here https://youtu.be/IkU0ARpla3w?si=aa3OUTXO89rQHhgv.
Additionally, we've created a step-by-step Avalon Nano 3 Device Recovery video on YouTube to assist you with any recovery needs. Check it out https://youtu.be/l1Au9A9b-f8?si=pxmL_4owJxZRbESx.
If you have any questions or need any further assistance please do not hesitate to contact us.
Best,
The Canaan Inc. Team
Additionally, we've created a step-by-step Avalon Nano 3 Device Recovery video on YouTube to assist you with any recovery needs. Check it out https://youtu.be/l1Au9A9b-f8?si=pxmL_4owJxZRbESx.
If you have any questions or need any further assistance please do not hesitate to contact us.
Best,
The Canaan Inc. Team
We apologize for the inconvenience. Tomorrow, we will provide a brick rescue toolkit along with a guidance video. These resources are designed to assist you in updating and fixing your Nano 3. Thank you for your patience, we will keep you posted.
I download this firmware file to update my nano 3 but now bricked it and not hashing anymore. I need proper firmware file to update and fix my nano 3.
Anyone can help me please?
[/quote]
Same to me since yesterday. What a mess. I emailed them.
[/quote]
I download this firmware file to update my nano 3 but now bricked it and not hashing anymore. I need proper firmware file to update and fix my nano 3.
Anyone can help me please?
[/quote]
Same to me since yesterday. What a mess. I emailed them.
[/quote]
Dear Valued Customers,
Thank you for your continued support of Canaan and the Avalon Nano 3.
Since its launch, the Avalon Nano 3 has achieved impressive sales volumes and received a positive market response. This success has reinforced our confidence in contributing to the construction of the decentralized Bitcoin network.
Earlier this month, some vigilant community members reported potential security issues with the Avalon Nano 3. Our technical department promptly analyzed and evaluated these concerns. Through comprehensive analysis, we discovered a vulnerability in some of the Nano’s backend web pages related to unverified login credentials. Malicious Trojan programs within the LAN could exploit this vulnerability to submit mining pool configuration information to http://<yourIP>/get_home.cgi via the POST command, thereby stealing computing power. In response, we swiftly developed the necessary firmware updates and provided guidelines for using the Avalon Nano 3 in a secure network environment.
After urgent development and deployment efforts, the latest firmware version and Avalon Remote App were released on July 19, 2024. We request all Avalon Nano 3 users to update their Remote App to the latest version available on the Apple App Store and Google Play Store, and use it to upgrade the firmware on all Nano 3 devices in their local area network.
We sincerely thank our customers for their prompt feedback, which has been invaluable, and we've learned a lot. We are committed to continuously inspecting, analyzing, and enhancing the security of our products.
In designing the Nano, we have always respected user privacy and have not included any intentional backdoor programs. Starting in December, we will gradually open-source relevant programs and release open-source firmware to ensure enhanced security and transparency.
Additionally, we are offering a compensation plan for all customers who purchased the Avalon Nano 3 before July 19, 2024. Each Avalon Nano 3 will be eligible for a $10 coupon from the Canaan official store. Details on how to apply for this coupon will be provided in the next version of the Remote App. Please stay updated with the app for further information.
We firmly believe that the development of a decentralized network relies on the collective efforts of all blockchain participants. As a member of this community, Canaan remains dedicated to expanding the influence of blockchain technology, increasing the number of participants, and providing more convenient and user-friendly methods for blockchain engagement. Once again, we thank all our customers for their support, feedback, and encouragement. We will continue to strive to deliver better products to you.
Yours sincerely,
The Canaan Team
Thank you for your continued support of Canaan and the Avalon Nano 3.
Since its launch, the Avalon Nano 3 has achieved impressive sales volumes and received a positive market response. This success has reinforced our confidence in contributing to the construction of the decentralized Bitcoin network.
Earlier this month, some vigilant community members reported potential security issues with the Avalon Nano 3. Our technical department promptly analyzed and evaluated these concerns. Through comprehensive analysis, we discovered a vulnerability in some of the Nano’s backend web pages related to unverified login credentials. Malicious Trojan programs within the LAN could exploit this vulnerability to submit mining pool configuration information to http://<yourIP>/get_home.cgi via the POST command, thereby stealing computing power. In response, we swiftly developed the necessary firmware updates and provided guidelines for using the Avalon Nano 3 in a secure network environment.
After urgent development and deployment efforts, the latest firmware version and Avalon Remote App were released on July 19, 2024. We request all Avalon Nano 3 users to update their Remote App to the latest version available on the Apple App Store and Google Play Store, and use it to upgrade the firmware on all Nano 3 devices in their local area network.
We sincerely thank our customers for their prompt feedback, which has been invaluable, and we've learned a lot. We are committed to continuously inspecting, analyzing, and enhancing the security of our products.
In designing the Nano, we have always respected user privacy and have not included any intentional backdoor programs. Starting in December, we will gradually open-source relevant programs and release open-source firmware to ensure enhanced security and transparency.
Additionally, we are offering a compensation plan for all customers who purchased the Avalon Nano 3 before July 19, 2024. Each Avalon Nano 3 will be eligible for a $10 coupon from the Canaan official store. Details on how to apply for this coupon will be provided in the next version of the Remote App. Please stay updated with the app for further information.
We firmly believe that the development of a decentralized network relies on the collective efforts of all blockchain participants. As a member of this community, Canaan remains dedicated to expanding the influence of blockchain technology, increasing the number of participants, and providing more convenient and user-friendly methods for blockchain engagement. Once again, we thank all our customers for their support, feedback, and encouragement. We will continue to strive to deliver better products to you.
Yours sincerely,
The Canaan Team
⭐ Merited by willi9974 (1)
We sincerely thank you for your feedback regarding the relevant security issues. Your feedback will help make the Avalon Nano 3 better and better. We apologize for the problem that occurred. Upon seeing your tweet, we immediately gathered our R&D Team to analyze and evaluate the relevant issues.
1. We discovered that the Nano's web backend had an issue where the login username and password were not verified. Malicious trojans in the local network could exploit this vulnerability to submit mining pool configuration information through a POST command to http://<yourIP>/get_home.cgi without logging in, thus stealing hash power. We have started developing the necessary firmware and expect to fix this vulnerability and release the new firmware by July 19.
2. The Nano's design purpose is relatively simple. It runs on a real-time operating system (FreeRTOS), which is not a complex professional network device and is only suitable for secure home intranets. We recommend enabling the router's firewall and not mapping the Nano host to a public IP address to prevent external hackers from directly accessing the Nano. It is also necessary to regularly check for malicious programs in the home network environment. In safe network environments without trojans, such as non-hotel or library public networks, the Nano is secure.
3. In the design of Nano, we respect users' privacy and will never set any backdoor programs. Canaan's products and services are always subject to local and international regulations regarding cybersecurity and data privacy. Canaan remains transparent by disclosing our source codes and encourages industry monitoring of potential vulnerabilities. We are committed to continually improving our products and services.
4. Starting in December, we will gradually open-source the relevant programs and release open-source firmware to ensure that all programs have better security and are compilable.
5. We appreciate every customer's understanding and support. The sales of Nano 3 have far exceeded our expectations, which is due to our customers' high expectations and recognition of us. We are very sorry for the issues that have arisen. Therefore, we will launch a compensation plan together with the release of the new firmware.
Please join our official telegram group https://t.me/Canaanio
1. We discovered that the Nano's web backend had an issue where the login username and password were not verified. Malicious trojans in the local network could exploit this vulnerability to submit mining pool configuration information through a POST command to http://<yourIP>/get_home.cgi without logging in, thus stealing hash power. We have started developing the necessary firmware and expect to fix this vulnerability and release the new firmware by July 19.
2. The Nano's design purpose is relatively simple. It runs on a real-time operating system (FreeRTOS), which is not a complex professional network device and is only suitable for secure home intranets. We recommend enabling the router's firewall and not mapping the Nano host to a public IP address to prevent external hackers from directly accessing the Nano. It is also necessary to regularly check for malicious programs in the home network environment. In safe network environments without trojans, such as non-hotel or library public networks, the Nano is secure.
3. In the design of Nano, we respect users' privacy and will never set any backdoor programs. Canaan's products and services are always subject to local and international regulations regarding cybersecurity and data privacy. Canaan remains transparent by disclosing our source codes and encourages industry monitoring of potential vulnerabilities. We are committed to continually improving our products and services.
4. Starting in December, we will gradually open-source the relevant programs and release open-source firmware to ensure that all programs have better security and are compilable.
5. We appreciate every customer's understanding and support. The sales of Nano 3 have far exceeded our expectations, which is due to our customers' high expectations and recognition of us. We are very sorry for the issues that have arisen. Therefore, we will launch a compensation plan together with the release of the new firmware.
Please join our official telegram group https://t.me/Canaanio
There is probably a backdoor in the firmware. An attacker can change the custom root password (no, it's not root in my case, it's a complex one) or there is a manufacturer password. Stay behind your firewall and do not open any ports to the outside.
Furthermore, the current firmware file 2024032701_110811(Download at Canaan offical) https://www.canaan.io/tmp/file/heaternano3slaverk2102024032701110811-61ee.zip does not make any visible changes and worse, does not change the firmware version in the API or the web backend.
http://<yourIP>/get_home.cgi
API data can be accessed without a password. For example, the Wifi SSID, the mining address, firmware, temperature, pool and so on.
My pool address changed several times. Always directed to https://web.public-pool.io/#/ with changing receiving addresses, but with my own worker name (after the .)
Be careful.
However, one thing is quite funny: the hacker or bot relies on solo mining. Not a good source of income.
Furthermore, the current firmware file 2024032701_110811(Download at Canaan offical) https://www.canaan.io/tmp/file/heaternano3slaverk2102024032701110811-61ee.zip does not make any visible changes and worse, does not change the firmware version in the API or the web backend.
http://<yourIP>/get_home.cgi
API data can be accessed without a password. For example, the Wifi SSID, the mining address, firmware, temperature, pool and so on.
My pool address changed several times. Always directed to https://web.public-pool.io/#/ with changing receiving addresses, but with my own worker name (after the .)
Be careful.
However, one thing is quite funny: the hacker or bot relies on solo mining. Not a good source of income.