Antbleed: A remote shutdown backdoor in antminers

[BillyBobZorton]

So if I understood it correctly, bitmain has a remote kill-switch (effectively, since they can brick the machines with the firmware change) on 70% of hashrate? fanastic. What are we supposed to do now, other than change the PoW algo immediately? Core Devs should be having a meeting with non-Bitmain miners right now proposing a roadmap to change the algo and leave Bitmain isolated. I don't think even the BU camp is stupid enough to keep supporting Jihan and his rigged miners anymore.

Anything but open source mining machines should be totally banned from the network. Ideally we should go back to 1cpu=1miner with a new PoW, but how do we guarantee that we will not end up like this again? at least we'll set a precedent I guess.

Anyway, I hope Core Devs are already on this like I said before. We can't go no longer than a week sitting under explosives.

There is already an easy way to mitigate the risks associated with Antbleed (http://www.antbleed.com/), as pointed out earlier in this thread:

How Can I Protect Myself?

The easiest way to make sure your Antminer is not vulnerable to this backdoor is to add the following to your /etc/hosts on the device to

Code:

127.0.0.1 auth.minerlink.com

This will cause the Antminer to connect to your own local machine bypassing the check-in with Bitmain without interrupting normal mining behavior.

Furthermore, Bitcoin currently has a market cap of close to $21 billion. To rush into knee-jerk reactions like changing Bitcoin's proof-of-work algorithm would be catastrophic for Bitcoin and the people who rely on it. Take the Venezuelans, for example (https://bitcoinmagazine.com/articles/bitcoin-in-south-america-why-venezuela-has-an-active-bitcoin-mining-community-1452097837/). They have turned to Bitcoin mining, at great risk of arrest, to make for themselves a living in response to Venezuela's intensifying political turmoil and rapidly contracting economy (http://www.aljazeera.com/indepth/features/2017/04/venezuelans-turned-bitcoin-mining-170415124105593.html). To suddenly change Bitcoin's proof-of-work algorithm would mean pulling the rug out from under their feet and leave them hanging at the mercy of their government's failures.

It would therefore be wise to consider the greater global landscape of Bitcoin and the people who rely on it before pushing for unnecessarily risky moves.

How is sitting under a ground that is 70% filled with mines not a risky move? I don't think you are considering the gravity of the situation.

If we don't wipe the ASIC nonsense out, what are we doing but delaying the problem?

How long until such a thing happens again, goes unnoticed, but they decide brick the entire network?

At the same time, I understand changing the PoW is an huge problem within itself....

Honestly there is no easy way out. We should have taken care of this earlier, now there is no easy way out from this mess. So pick your poison.

[1714831841]

1714831841

[1714831841]

1714831841

[1714831841]

1714831841

[Viscount]

I don't see BTU shills here. Appears not only Bitmain has an Antbleed and could shutdown antminers, but they also have a Shillbleed and can disable/anable their shills on demand.  

[achow101]

....
This is very very old 'news' and been mentioned lord how many times in the past.
As mentioned earlier it was for the Minerlink service. The early s7's used to have a page on the Bitmain GUI to set it, was removed after maybe batch-10 or so.

Like ANY remote monitor program/service (Awesome Miner comes to mind) the miners must periodically be polled to see how they are doing. Only difference here is it was a cloud service and ran by Bitmain.

As posted earlier: If ya don't like it just re-direct the query to localhost. 'Problem' solved.

Yes for whatever reason, the code still remains and YES Bitmain should remove it since it serves no purpose and is a needless 'possible feature'.

And antbleed.com needs to modify their statements about what miners have it. I will verify tomorrow but am POSITIVE my few remaining batch-1, 3, and 5 s7's have the MinerLink option in the GUI.

This issue is unrelated to minerlink even though it uses the same domain. It is not a user configurable option, there is nothing in any user interface (be that GUI or command line) to enable or disable this phone home and remote kill. The URL and port are entirely hard coded into the software, and the loop that does the phone home will always run. This is not Minerlink where you had the option to use it. This phone home will occur regardless of whether you use minerlink or not.

[FiendCoin]

I don't see BTU shills here. Appears not only Bitmain has an Antbleed and could shutdown antminers, but they also have a Shillbleed and can disable/anable their shills on demand.  

Man, I was thinking the same thing, where's franky and jonald?

[freedomno1]

That is an interesting setting in there your right this is an exploit.
Hopefully the exploit does not result in a mining brick but seeing there is an economic incentive its concerning.

[cellard]

This seals the deal. Jihan Wu is not some bright kid that started an empire by himself. This has been a Chinese government funded takeover by default to control bitcoin. Are we going to let them get away with it?

I know PoW change is an huge deal, but isn't doing nothing worse in the long term? Wake up people.

[ebliever]

The issue of voting with your wallet when it comes to mining equipment is that whoever sells the best possible chance at ROI will dominate and with the Chinese labor and access of materials it's going to be Bitmain.

I agree. That's why I think this has to be handled with an algorithm change. Which frankly scares me with something on the economic scale of Bitcoin. Except that doing nothing with things as they are scares me worse.

[Sadlife]

So basically when you are signalling for some block like
BU or Segwit they can force stop whatever the block your mining
that is not favorable to them. That explains everything you probably change your mining software if it's antminer.

[franky1]

I don't see BTU shills here. Appears not only Bitmain has an Antbleed and could shutdown antminers, but they also have a Shillbleed and can disable/anable their shills on demand.  

Man, I was thinking the same thing, where's franky and jonald?

They are still translating the excuse from Chinese into English but can't figure out how to spin "BTCU or we kill your miners" in a positive light.

mention my name and i appear.
i was going to keep myself quiet because this indeed is a exploit risk unlike asicboost which is a efficiency

anyway achow and frodocooper the antbleed website has explained the issue and the fix

but as you all aware i do like to waffle my opinion when i can. which i was going to hold back on due to this topic originally being an actual risk that needs highlighting without derailing the topic.
but my name was mentioned.

seeing as the OP and first couple posts of topic has the fix aswell as an explaination and people have already started derailing the topic with "kill asics now" "PoW change" "sitting on landmines" we might aswell consider all posts just "post bumps" to keep the topic on front page so people tomorrow and so on know of the issue.

anyway
if you want to change PoW
then that involves a proper network consensus upgrade, which is a great opportunity to then do things properly like a 1merkle segwit which would give a 4mb baseblock and not need the 1mb base 4mb weight tier network cesspit creating crap.

(id prefer the 4mb block to be dynamic to not rely on any dev team to spoon feed limits in future)
aswell as a opportunity to really handle quadratics by keeping maxtxsigops down, eg:4k or below so that the native key users dont gain more spammer causing headache (0.14: maxtxsigops 16k)

thus getting the community everything everyone wants. where native key users get 4mb block and segwit key users get to use segwit where everyone on the same level playing field.

yep no more core tier network concern.
no more band camp debate. but finally a community peer network not filled with half gestures and empty promises

P.S
you can try pigeon holing me into "chinese" or "btcu" all you want.
my opinion is about open diverse decentralised single peer network of many implementations. which has not changed in years

if the only thing you can do is try turning this topic into a "hate the chinese"(as a country) or point fingers at anything not core. then thats your bias.

but if you just want to waste a oppertunity of a proper ful network consensus upgrade just to kill asics. just realise that within a couple months the utopian dream asic killers think they will get of solo mining from their basement again wont last long because someone somewhere will find efficiency methods of any new system and within 6 months the its back to a new form of pool/syndicate/sybil mining groups

[gentlemand]

I think the only true thing that would push the main chain into a fully supported algorithm change is finding out the Chinese government is in control of Bitmain.

Half in the bag already? I can't imagine any large business in China gets anywhere without some government heavy breathing.

[franky1]

I wasn't specifically calling you out or Jonald but more or less the many btcu shills while quoting the other reply, and the Chinese thing is because Jihan is Chinese and he is willing to throw money around to get his way.

I don't want a pow change I would like there to definitely be more asic producers and them come from all around the world. The issue is the production is just going to be cheaper in China due to the many factories and cheap labor, the other issue is Jihan buying out his competition there. I don't mine Bitcoin directly anymore because it's just past me with noise and power consumption for a home miner, but I do worry about the network. Jihan seems like a bad player in the Bitcoin world and it seems like he is starting to sabre rattle to protect his interest and this could just be a new weapon in his arsenal especially with all future miners.

Along with the fix we know large mines won't take down their miners and flash them, too much work for a large mine until an attack happens.

you may realise other countries are in the manufacturing game and its not (current 67% nay/abstainers) of asics are bitmain or chinese.
thats the reddit hysteria of blaming the segwit nays'/abstaining on one person(illogical facepalm).

many people who are independent like myself who just think critically rather than ass kissery see some flaws in segwits 2 merkle approach. even gmax sees now that 2merkle approach has hit issues last month

looking deeper at the matter i can see a few countries with low labour, low facility costs and low electric costs. and some manufacturers are already using them.

but it does not matter about blaming china(as a country).. what people should be doing is defending a decentralised diverse peer network not just pointing fingers to find excuses of why bitcoin should centralise to one one brand by pretending its getting attacked by another brand

it might be worth you taking a step back from the reddit hysteria of blaming the (current 67% nay/abstainers) on jihan because those numbers dont rationally add up,
the community is wider than that

[freedomno1]

That is an interesting setting in there your right this is an exploit.
Hopefully the exploit does not result in a mining brick but seeing there is an economic incentive its concerning.

They can go full censorship too, anyone who is pro segwit or has been posting anti Bitmain things could get their miner turned off. They link the miner to their customer records and I am sure they are able to find via email and a small bit of googling their Bitcointalk or Reddit username.

I was thinking along the lines of if your not mining and if someone hacks minerlink and turns off all the not patched antiminer's for a while the odds of generating a new block go up relative to the decrease in difficulty until they turn them on again. But true enough specific targeted attacks could change signalling kind of like finding a bug in the nodes you can turn them off for a few days only this could also brick stuff and take the hash out of the game.

The key thing is changing the manual hosts entry to 127.0.0.1 auth.minerlink.com since phone home is hardcoded ... what a PITA at least what I get from reading that reddit and the related posts here.
https://www.reddit.com/r/Bitcoin/comments/67qwqv/antbleed_exposing_the_malicious_backdoor_on/dgsk6cf/
(Speaking of Tesla and the current patch I wonder if you can change the host file to phone home to the Tesla car instead ha-ha)

Since a staff posted the OP I agree with Franky posts go to increase awareness of a patch than keeping the thread silent.

[jonald_fyookball]

like someone said... very old news,

minerlink is disabled by default...

... and most miners only allow outbound traffic from their rig to go to pool stratum anyway, not to Bitmain or anyone else.

just more pointless FUD.

[achow101]

like someone said... very old news,

minerlink is disabled by default...

As I said earlier, this is completely unrelated to minerlink except for the fact that it shares a domain name. The phone home code runs regardless of user input or settings.

... and most miners only allow outbound traffic from their rig to go to pool stratum anyway, not to Bitmain or anyone else.

Sure larger mining farms might have something like that, but for the casual "I have have cheap electricity so I got a couple R4's/S9's" miner, I highly doubt they have such settings. Those who still mine from home with antminers are vulnerable. Additionally, most networking stuff by default doesn't restrict outbound connections, so unless the miner was specifically concerned about something already on a machine inside the network sending something out of the network, this default would not be changed.

[jonald_fyookball]

Achow, are you saying antbleed is not miner link at all?  But completely different code?

[achow101]

Achow, are you saying antbleed is not miner link at all?  But completely different code?

It may be related to minerlink, but it itself is not governed by minerlink. It does its own entirely separate thing. However it could potentially be used by minerlink to remotely stop an antminer from mining, but the way that they implemented that is rather odd and convoluted so it seems unlikely. Perhaps it was meant for something else related to minerlink but was never completed.

[pooya87]

the first thing that came to my mind after reading this was a question! "Why now". why is it that these days, all these news about mining, miners' equipment, backdoor, boost, etc are coming out. ASICs weren't created yesterday!

[achow101]

the first thing that came to my mind after reading this was a question! "Why now". why is it that these days, all these news about mining, miners' equipment, backdoor, boost, etc are coming out. ASICs weren't created yesterday!

A lot of it is probably due to people wanting to find as many ways to discredit someone else, i.e. some Core supporters looking to discredit BU, Bitmain, etc. and some BU supporters looking to discredit Core. Some of it is likely from projects that were started several months ago but only now reached their conclusion (like reverse engineering an asic and related closed-source firmware for asicboost as that takes a long time).

[franky1]

the first thing that came to my mind after reading this was a question! "Why now". why is it that these days, all these news about mining, miners' equipment, backdoor, boost, etc are coming out. ASICs weren't created yesterday!

its because segwit as a softfork has last month been found to hit a hurdle, so now people are hurrying to find any reason to push mining aside to drag segwit in without having to change segwit as a soft fork.(even though segwit is not even active and can easily be redone as a proper community uniting version that includes other features the community desire.. rather than the tier network cesspit version)

funny part is that segwit is using its own backdoor (going soft) to bypass node consensus and its admitted that they want to make it easier to implement changes even easier in the future. (code backdoors that outsiders can exploit to add in their own features by 'going soft')

EG imagine if hearne coded segwit as a soft fork(line for line the same) and said how he wants to add more ways to add new things in without node consensus, would you remain positive about it?

EG imagine if hearne tried to blame pools for holding things back(after giving only pools the vote) and wanted to find ways to ban/orphan blocks/pools based on brand bias.. not tx/block validity

[Amph]

can this backdoor be used for malicious things? to steal funds or something?

Do these miners really represent 70% of all the global hashrate?

I am sure they are people still mining with Antminer S2 with free power at their dorm or people got some SP30 running in some cheap power areas.

i can't see why not, they are the best one, and it also make sense because it match the percentage of chinese miners, which is around 70%, probably all pool are running s9 now

if someone else is running s5 or s7, would be a very minority, and i'm actually surprised that there are 30% of miners running those old one