|
|
bitspill
Legendary
 Offline
Activity: 2087
Merit: 1015
|
 |
June 27, 2016, 05:56:11 AM |
|
It does indeed appear to be a windows build of gominer however I cannot yet verify if it's a modified or original version, I''m not aware of any golang decompilers but I did see the username of whomever compiled it is "User.One" so that doesn't mean much. Do you use the --api-addr option at all? siad should not be listenning on the open internet but rather only localhost |
|
|
|
|
Justicemaxx
|
|
June 27, 2016, 06:11:11 AM |
|
Do you use the --api-addr option at all? siad should not be listenning on the open internet but rather only localhost
I used to run "siad --api-addr .... my IP:9980 computer to the led had access to the Internet through Wi-Fi connectivity. I was prescribed a rule for the router on how to port 9980 is forwarded to the IP of the computer with the wallet. |
|
|
|
|
l8orre
Legendary
Offline
Activity: 1181
Merit: 1018
|
|
June 27, 2016, 11:25:18 AM |
|
Siafunds?
Can anyone maybe give some links to details on what the role of the Siafunds is, and how they integrate into the whole platform?
Thanks!
update: I just found my way to the slack, but if anyone has some links please post them anyway!
|
|
|
|
|
|
Justicemaxx
|
|
June 27, 2016, 12:41:49 PM |
|
Attention GO miner SIA has a serious vulnerability, it allows an attacker to remotely monitor mining on computers and redirecting the transaction in your wallet and in the wallet of the attacker. In detail, I could be wrong, but the circumstances are about.
Ask yourself the question of why the unknown speed of the network is SIA? Think about the type of algorithm. Who can it be profitable? .... large manipulations.
|
|
|
|
|
allejuppa
Newbie
Offline
Activity: 14
Merit: 0
|
|
June 27, 2016, 02:25:08 PM |
|
Attention GO miner SIA has a serious vulnerability, it allows an attacker to remotely monitor mining on computers and redirecting the transaction in your wallet and in the wallet of the attacker. In detail, I could be wrong, but the circumstances are about.
Ask yourself the question of why the unknown speed of the network is SIA? Think about the type of algorithm. Who can it be profitable? .... large manipulations.
Seriously dude, gominer is open source and the reason there are no binaries released is exactly to prevent stupid statements like this. Read through the code yourself, it are only a few files in go code and validate yourself that the above statement is bullshit. |
|
|
|
|
allejuppa
Newbie
Offline
Activity: 14
Merit: 0
|
|
June 27, 2016, 02:33:11 PM |
|
I must say that a lot of people do not know how to build gominer resulting in them looking for binaries through other sources.
I'll start publishing binaries when the current development version turns out to be stable.
|
|
|
|
|
|
PapillonV
|
|
June 27, 2016, 02:46:48 PM |
|
How to save a backup of the wallet?
|
|
|
|
|
|
king_pin
|
|
June 27, 2016, 02:59:39 PM
Last edit: June 27, 2016, 03:18:08 PM by king_pin |
|
Attention GO miner SIA has a serious vulnerability, it allows an attacker to remotely monitor mining on computers and redirecting the transaction in your wallet and in the wallet of the attacker. In detail, I could be wrong, but the circumstances are about.
Ask yourself the question of why the unknown speed of the network is SIA? Think about the type of algorithm. Who can it be profitable? .... large manipulations.
IDK if GOminer originally has this vulnerability or if at all it is GOminer but he is right. Someone is stealing mined blocks like hot bread, maybe there are hacked builds over the net, but miners have reported to me dozens of stolen block rewards. Immediately after the 144th confirmation the block reward gets transferred with a red $ icon instead of red heart in the GUI wallet, the console wallet shows it as a normal transaction (IDK what the difference is) and with the block chain conveniently not working it is impossible to know. I think it is time the developers address this issue!  |
|
|
|
|
Taek (OP)
|
|
June 27, 2016, 03:18:44 PM |
|
Hey, developer here.
The best I can tell, most miners who are having blocks stolen from them are exposing their API over the public Internet. If you run `siad -a ipaddress:port`, anyone on the internet can see your API and take your coins. Some attacker is scanning the nodes on the network and looking for miners who have improperly configured their siad.
That's not a security vulnerability as much as it is a usability problem. You are essentially giving the attacker your seed, password, and full access to your wallet, your files, and your whole Sia identity when you this.
|
|
|
|
|
|
king_pin
|
|
June 27, 2016, 03:22:10 PM
Last edit: June 27, 2016, 03:37:12 PM by king_pin |
|
How is it not a security vulnerability?! I am mining with 5-6 rigs locally, I am not using a public IP:port and port forwarding or SSL tunneling, but mining on a local network.Yet still the attacker is able to steal my coins. Only way he can not steal them (I think he cant) is when mining on LOCALHOST, and wallets that are not used for mining at least for now are protected. You are talking about releasing v1.0 of a wallet which is 100% hack-able ... wtf... let alone creating a pool.  |
|
|
|
|
Taek (OP)
|
|
June 27, 2016, 03:52:27 PM |
|
How is it not a security vulnerability?! I am mining with 5-6 rigs locally, I am not using a public IP:port and port forwarding or SSL tunneling, but mining on a local network.Yet still the attacker is able to steal my coins. Only way he can not steal them (I think he cant) is when mining on LOCALHOST, and wallets that are not used for mining at least for now are protected. You are talking about releasing v1.0 of a wallet which is 100% hack-able ... wtf... let alone creating a pool. Check your ports. What software are you using? If you are not using the official miner binaries, there may be malware. But more likely, the attacker has somehow gotten past your firewall some other way and is able to query your network. We've only had reports of miners getting their coins stolen. Most up until this point have later confessed that they were serving the API over the public internet with their wallet unlocked. (Wallet does need to be unlocked to mine - this is something we can address, but it will take time). The first reports of theft were only a few weeks ago. It's a new set of attacks, but largely the problem seems to be miners doing insecure practices. I want to work with you to figure out how the attacker is getting access to your wallet. You need to know though, that after the attacker has stolen coins once, he will be able to steal them again as many times as he wants without access to your API, because the attacker will have the wallet seed. Once the attacks start, the only protection is to get a completely new wallet and hope you can transfer your coins to it before the attacker takes them. Can you tell me more about the attack though? How many coins are getting stolen? Are you using the v0.5.2 GUI, because that has some bugs in the way it talks to the wallet, and sometimes reports transactions as 'negative' erroneously. The best way to know your balance and know the status of the miner is to use `siac`. |
|
|
|
|
|
cmbartley
|
|
June 27, 2016, 03:55:35 PM |
|
Hey, developer here.
The best I can tell, most miners who are having blocks stolen from them are exposing their API over the public Internet. If you run `siad -a ipaddress:port`, anyone on the internet can see your API and take your coins. Some attacker is scanning the nodes on the network and looking for miners who have improperly configured their siad.
That's not a security vulnerability as much as it is a usability problem. You are essentially giving the attacker your seed, password, and full access to your wallet, your files, and your whole Sia identity when you this.
It's about time for the devs to explain why the blockchain explorer is offline. |
|
|
|
|
|
|
|
king_pin
|
|
June 27, 2016, 04:17:09 PM
Last edit: June 27, 2016, 04:29:32 PM by king_pin |
|
Check your ports. What software are you using? If you are not using the official miner binaries, there may be malware. But more likely, the attacker has somehow gotten past your firewall some other way and is able to query your network. We've only had reports of miners getting their coins stolen. Most up until this point have later confessed that they were serving the API over the public internet with their wallet unlocked. (Wallet does need to be unlocked to mine - this is something we can address, but it will take time).
The first reports of theft were only a few weeks ago. It's a new set of attacks, but largely the problem seems to be miners doing insecure practices.
I want to work with you to figure out how the attacker is getting access to your wallet. You need to know though, that after the attacker has stolen coins once, he will be able to steal them again as many times as he wants without access to your API, because the attacker will have the wallet seed. Once the attacks start, the only protection is to get a completely new wallet and hope you can transfer your coins to it before the attacker takes them.
Can you tell me more about the attack though? How many coins are getting stolen? Are you using the v0.5.2 GUI, because that has some bugs in the way it talks to the wallet, and sometimes reports transactions as 'negative' erroneously. The best way to know your balance and know the status of the miner is to use `siac`.
I am using Sia-v0.6.0-beta-windows-amd64 original (btw the intel version always crashes around block 37000, so using a AMD PC for server). I am binding siad to internalIP:port and starting to mine. I than copied my wallet on my own PC with Sia-UI-win32-x64 original GUI for easy use. I am mining at a business center I think they have some protection but IDK. I am using Win8.1 and I have to allow siad in my firewall so basically I don't think I have any protection. All ports are closed now but when I got my first block stolen a few days back I was mining over the internet and there was a port to my siad, so attacker might know my IP but everything is closed now (learned from my mistake), and I am using a new wallet on a different PC. I don't think miner software is to blame! This is the third time this has happened. First two I used GOminer from a friend I thrust, last time used my own build from official miner. Before I start mining I send to my wallet some Siacoins for testing end even before I caught my first block they got transferred without me issuing a transfer. The weird thing is (PLEASE EXPLAIN THIS) is why the hacker transaction gets displayed with a red $ instead of a red heart in the GUI wallet? I have been hacked 4 times now and got two blocks stolen Only wallets that haven't been hacked are the once mining at LOCALHOST and the once that are not mining (they are in the same building) |
|
|
|
metropolit
Sr. Member
Offline
Activity: 308
Merit: 250
Lisk will be #1 alt in 2019.
|
|
June 27, 2016, 07:36:13 PM |
|
Tomorrow is a big day for Siacoin! I really hope wallet launching will go ok and the mainstream media will get the news about decenralised, encrypted hosting which is cheaper than Google and Amazon!
|
|
|
|
|
TooDumbForBitcoin
Legendary
Offline
Activity: 1638
Merit: 1001
|
|
June 27, 2016, 07:53:38 PM |
|
If I participate as a host, how do I escape legal liability if illegal files are found in the "SIA" partition of my hard drive?
|
|
|
|
metropolit
Sr. Member
Offline
Activity: 308
Merit: 250
Lisk will be #1 alt in 2019.
|
|
June 27, 2016, 08:14:52 PM |
|
If I participate as a host, how do I escape legal liability if illegal files are found in the "SIA" partition of my hard drive?
If you get complaint you can erase illegal files. You can also provide those parts of encrypted files to the goverment if they ask but they wont be able to use them. |
|
|
|
|
pufuletz
Member
Offline
Activity: 91
Merit: 10
|
|
June 27, 2016, 08:40:15 PM |
|
will it be easy for non devs to farm out space on their drives?
|
|
|
|
|
|
|
|
