Slashdot Mirror


Backdoor Could Allow Company To Shut Down 70% of All Bitcoin Mining Operations (bleepingcomputer.com)

An anonymous reader writes: "An anonymous security researcher has published details on a vulnerability named "Antbleed," which the author claims is a remote backdoor affecting Bitcoin mining equipment sold by Bitmain, the largest vendor of crypto-currency mining hardware on the market," reports Bleeping Computer. The backdoor code works by reporting mining equipment details to Bitmain servers, who can reply by instructing the customer's equipment to shut down. Supposedly introduced as a crude DRM to control illegal equipment, the company forgot to tell anyone about it, and even ignored a user who reported it last fall. One of the Bitcoin Core developers claims that if such a command would ever be sent, it could potentially brick the customer's device for good. Bitmain is today's most popular seller of Bitcoin mining hardware, and its products account for 70% of the entire Bitcoin mining market. If someone hijacks the domain where this backdoor reports, he could be in the position to shut down Bitcoin mining operations all over the world, which are nothing more than the computations that verify Bitcoin transactions, effectively shutting down the entire Bitcoin ecosystem. Fortunately, there's a way to mitigate the backdoor's actions using local hosts files.

102 comments

  1. Wait, let me get this straight... by Baron_Yam · · Score: 5, Funny

    A company based on Bitcoin isn't operating according to the highest standards?

    Wow. I'm definitely making a note in my diary about this unique and surprising turn of events.

    1. Re:Wait, let me get this straight... by istartedi · · Score: 4, Funny

      I'm going to go downtown, park at the sturdy Bitcoin building, walk in past the colonnades and marble lobby, right up to the sturdy oak desk of my local and well-respected Bitcoin representative and seek reassurance that his institution is sound, and that my deposits are safe, fully insured, and returning the advertised rate of interest.

      --
      For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
    2. Re:Wait, let me get this straight... by jeffmeden · · Score: 1

      You mean to tell me that

      A company was looking to sell bitcoin mining equipment for a huge profit

      and instead of eschewing the tenets of bitcoins' distributed, robust design and egalitarian virtues

      they baked in a kill switch, an INSECURE kill switch that could easily dismantle everyone's equipment?

      god, what will happen next?

    3. Re: Wait, let me get this straight... by Anonymous Coward · · Score: 0

      You could also ask them if they have employed the hosts guy, as apparently he's got the best solution to this problem.

    4. Re: Wait, let me get this straight... by Anonymous Coward · · Score: 0

      APK to the rescue!

    5. Re: Wait, let me get this straight... by Anonymous Coward · · Score: 0

      Hosts file for the win!!!! Ain't life grand.

    6. Re:Wait, let me get this straight... by Anonymous Coward · · Score: 0

      Sounds like you put your money into an institution that is bad with money. I'd be worried that they don't have proper respect for my money the moment I see they waste money on colonnades and marble.

      But that's just me. I'm Canadian, and almost no Canadian banks waste money this way. I say almost because I've never found one, but some wahoo here will find one somewhere.

    7. Re:Wait, let me get this straight... by istartedi · · Score: 1

      Most American banks aren't building those kinds of buildings *now*. I think they stopped doing that in the 50s. Seeing that kind of building implies they've been around a long time. I don't know if it was considered over-spending when it was done. It was a more common thing to do in the early 20th century. It may have been a kind of reassuring message to people who grew up in the Depression. A "we're here to stay" expressed in architecture. Banks also may have been in competition at that time to pull in well-heeled customers who didn't want to be seen going into a shabby building. People cared about stuff like that back then--guys wore suits all the time, and Fedoras with the suit as they were meant to be worn, with no hint of irony.

      --
      For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  2. First post brought to you by by Anonymous Coward · · Score: 2, Insightful

    APK!

    1. Re: First post brought to you by by Anonymous Coward · · Score: 1

      Hosts file saves the day!

  3. Single points of failure abound in bitcoin by Anonymous Coward · · Score: 0

    Still think the distributed blockchain is a good idea?

    1. Re:Single points of failure abound in bitcoin by JcMorin · · Score: 2, Informative

      While that seems bad, it would be fixed within a few hours for most miners. The source code is open (even the mining software with remote stop code). Miners can freely recompile it and update it. There is also a simple DNS trick to remove that domain and point it to 127.0.0.1. Don't worry, Bitcoin can't be shut down that easy and there is no single point of failure.

    2. Re:Single points of failure abound in bitcoin by AC-x · · Score: 0

      This is nothing to do with being a distributed blockchain though is it? It's something a hardware vendor baked into their hardware. Blaming blockchains for this is like blaming html when Apple brick your phone for you.

    3. Re: Single points of failure abound in bitcoin by Anonymous Coward · · Score: 0

      No one single point of failure. Just a million of them.

    4. Re:Single points of failure abound in bitcoin by Anonymous Coward · · Score: 0

      Of course not. I'm putting my bets on something tangible, like tulip bulbs.

  4. Oh noes!?!?! by Anonymous Coward · · Score: 4, Funny

    My imaginary money is at risk!!!

    1. Re:Oh noes!?!?! by Baron_Yam · · Score: 1, Informative

      Stupid as it may be, as long as enough other fools believe in it, you can exchange your imaginary money for actual government-backed, widely accepted money or even goods.

      And there are still enough Bitcoin idiots out there that we keep getting these posts on Slashdot - a forum where everyone should ideally be technically savvy enough to recognize Bitcoin as technological bullshit.

    2. Re:Oh noes!?!?! by Anonymous Coward · · Score: 1

      All money is imaginary.

    3. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      Only in your bank account :)

    4. Re:Oh noes!?!?! by SpankiMonki · · Score: 2

      > Slashdot - a forum where everyone should ideally be technically savvy enough to recognize Bitcoin as technological bullshit.

      mmm...I consider blockchain technology to be fairly sophisticated, but I'm probably not as savvy as you.

      I'll grant you that the bitcoin ecosystem is a mess. It has devolved into exactly the dragon the system was designed to slay - i.e., high degree of centralization, dependence on trusted intermediaries, etc.

      Whether or not bitcoin can ever become competitive with the established electronic currency systems remains to be seen, but I'm betting it will never become anything more than nerd funny money.

    5. Re:Oh noes!?!?! by Baron_Yam · · Score: 1

      >Whether or not bitcoin can ever become competitive with the established electronic currency systems remains to be seen

      This is what makes it obvious you are NOT as savvy as I, at least in this area; it HAS been seen.

      Bitcoin is fundamentally flawed, technologically and philosophically. It is self-defeating and incapable of being of any practical use on any decent scale. The only practical way to use Bitcoin is by utilizing other technologies that defeat any rational reasons for using Bitcoin in the first place.

      If you haven't figured that out, you haven't learned enough about it. Or rather, you've wasted just enough time to be interested in it, but not enough to realize that time was wasted.

    6. Re:Oh noes!?!?! by BradleyUffner · · Score: 1

      > Stupid as it may be, as long as enough other fools believe in it, you can exchange your imaginary money for actual government-backed, widely accepted money or even goods.

      Yeah, but can I do it without having to go meet some stranger in a dark alley behind a Quick-E-mart to exchange funds yet?

    7. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      Meh you are stupid and don't understand anything. If it is from big independent central bank it IS REAL. Why? because it is REAL. Bitcoin is FAKE because it is scary and FAKE. I however pay all my bills using Zeni these days.

    8. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      Says the retard who spends half his life railing against bitcoin on slashdot. Wow what a great life you must lead.

    9. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      OK- so let me get this straight. The Bitcoin my business takes in which is being used to pay my paycheck which is then being used by me to pay for all sorts of other goods by people I know for a fact are then going out and either spending it with other people or local and online businesses or selling it to those who want it and don't have it doesn't work? Cause I must be imagining this fantasy land I'm living in. I did two transactions today. One was at Kurby Qs in Alstead New Hampshire and the other was between me and a private party. I bought two handheld radios. I pay for car insurance with Bitcoin from a paycheck I take in Bitcoin from a business that takes Bitcoin. All of this is possible because, well, the Keene, New Hampshire area is the capital of the Bitcoin world, and New Hampshire in general. I pay for car insurance with it, hotels, planes, and a ton of electronics from places like New Egg, Overstock, ThinkPenguin, and similar. We have theaters, golf courses, and a variety of restaurants taking it nearby. Even if it failed elsewhere it's going to succeed as a local currency in New Hampshire.

      I had a hilarious exchange with a bails bondsman the other day in fact. All my FRNs (cash) were stamped with http://shirebitcoin.org/ on them and when one of the officers came into the room with my FRNs and he handed the money to the bails bondsman the guy asked the bails bondsman what Bitcoin was. The bails bondsman replied "Funny money". I'm a bit of a big shot in a certain movement, thought it was hilarious.

      And before you call me a fraud or something I've only ever been arrested for what amounts to filming the police (disorderly conduct charge, a criminal class a misdemeanor, and crossing the street, a violation, same incident). I'm involved in activism (filming police/government/etc) and politics (attending weekly hearings at state house and advocating more freedom and less draconian legislation) and certain entities/people don't like the fact we're taking on big government in New Hampshire (absurd FBI raids, police raids, false charges left and right against the biggest activists, and even giving the appearance that certain people are child rapists which nobody in the movement actually believes- and the raid results in no arrests- was targeted at people criticizing the FBI for distributing child porn- and their revenge was to raid those calling out the hypocrisy to make it appear as though one individual in particular who had nothing to do with the criticism but for whom the radio show depends was a child molester- and the FBI called the media and led the media to believe the person whose name was on the internet connection was somehow a child rapist despite that it was a connection for an activist center, radio studio, and hundreds of people both tenants and activists). Cops are losing their jobs and it's becoming a challenge to find replacements. F' up and we'll come after you. There are more people with cameras here filming cops than anywhere else and your days are numbered. I may lose my case, but it's unlikely I'll lose my lawsuit. There have already been numerous wins against the state for false arrest here in New Hampshire. Carla Gericke (ex-Free State Project president) won a $53,000 lawsuit. Ian Freeman won $5,000. James Cleaveland won multiple cases. Once when he was filming and charged with disorderly conduct and resisting arrest and another for filming government officials. Several others won too.

      http://www.freestateproject.org/

    10. Re:Oh noes!?!?! by Boronx · · Score: 2

      Bitcoin will be around as long as drug dealers find it useful.

    11. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      Give it a rest dude. If you are afraid of law enforcement agencies then try not to commit crime to get their attention. There are already too many professional protesters who can't go a day without protesting something. Protesting used to be a valuable tool capable of initiating change but today people only protest for the sake of protesting. If you really want to create wide scale change you better have a plan to enact the changes. Calling anyone who disagrees with you names and being a general nuisance will not solve any issues.

      And take the idea of your "Free state" to its logical conclusion which is anarchy. And in an anarchy it is the strongest people who will seek power over others. Think warlords. It's just human nature. The primal need for conflict buried deep within our DNA. The human race has been at war ever since there were enough of us to pick sides and fighting for the biggest cave and best women. There has never been a time since where there wasn't a war going on somewhere.

    12. Re:Oh noes!?!?! by Joreallean · · Score: 1

      It's not more imaginary than any other money. Even actual gold has no value in it other than what people give it. For some reason we like to give shiny things more value than non-shiny things.

    13. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      > For some reason we like to give shiny things more value than non-shiny things.

      So the question is how to make bitcoin more shiny?

    14. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      Oh my, it must be awful being you every day.

    15. Re:Oh noes!?!?! by supremebob · · Score: 2

      Don't forget those cryptolocker assholes as well. Bitcoin is like PayPal to them.

    16. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      Your money is backed by the full faith and credit of whoever backs it, you choose:

      The United States Government

      The European Community

      The Cayman Islands Government

      A fictional man named Satoshi Nakamoto

    17. Re: Oh noes!?!?! by Anonymous Coward · · Score: 1

      Try finding me a computer with no gold in it

      http://www.ldoceonline.com/med...

    18. Re:Oh noes!?!?! by MangoCats · · Score: 1

      Funny thing about life: perception is all there is.

      You may "know the truth" as you perceive it. Your "truth" may be independently verifiable, repeatable, reliable, consistent with other known "truths," etc. and yet, if your "truth" is only believed by a small minority of society, then it has small - and potentially even negative - social value.

      Truths like: "watering and fertilizing my garden will get me better yield" have self-fulfilling value. But, if you want to sell your produce to society, and society has placed some negative value on fertilized or irrigated crops, then you could be better off ignoring the "truth" of the yield and growing the crops that society wants.

      In the case of imaginary constructs, perception is truly all there is. Harsh truths like loss of money through theft, digital copying, etc. will impose themselves, but these kinds of problems exist for all forms of money. As long as a sufficient society of people "believe" in the value, and they aren't interfered with by regulation, taxation, etc., Bitcoin will continue to trade for value. Just like pet rocks did in the 1970s - though Bitcoin seems to be a much more durable fad.

    19. Re:Oh noes!?!?! by MangoCats · · Score: 2

      Bitcoin was always destined to become highly centralized and dependent on trusted intermediaries. The only way it wouldn't go there is if everyone who used bitcoin actually participated in the mining and understood what they were doing. As soon as non-miner, non-savvy people got in the game (day 2, I would assume) the devolution began.

    20. Re:Oh noes!?!?! by MangoCats · · Score: 1

      Bitcoin has proven itself to be a very successful pyramid scheme.

    21. Re:Oh noes!?!?! by Edge · · Score: 0

      And your country's fiat currency is not "imaginary?" haha.

      --
      -=e
    22. Re: Oh noes!?!?! by Anonymous Coward · · Score: 0

      Well, when your funny money fails and you're left holding the bag, please note you've been warned.

    23. Re: Oh noes!?!?! by Anonymous Coward · · Score: 0

      It's bitztream

      The autism-hating, custom EpiPen-hating, Musk-hating Slashdot troll!

    24. Re:Oh noes!?!?! by Archangel+Michael · · Score: 1

      Not really. But keep telling yourself that, because we know you're kicking yourself for not mining coins when they could be mined by normal computers.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    25. Re:Oh noes!?!?! by Archangel+Michael · · Score: 1

      > But, if you want to sell your produce to society, and society has placed some negative value on fertilized or irrigated crops

      "Plants Crave Electrolytes!"

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    26. Re: Oh noes!?!?! by Anonymous Coward · · Score: 0

      > It's bitztream
      >
      > The autism-hating, custom EpiPen-hating, Musk-hating Slashdot troll!

      more like bitztream the incestuous fuckwit

    27. Re:Oh noes!?!?! by Anonymous Coward · · Score: 0

      LOL, funny story, bro.

    28. Re:Oh noes!?!?! by SpankiMonki · · Score: 1

      Well, you don't have to read very far into Satoshi's paper to see that bitcoin was designed specifically to eliminate the need for trusted intermediaries:

      > What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.

      While not explicitly stated as a goal in Satoshi's paper, the system was designed to be decentralized in order to protect its integrity.

      The fact of the matter is that one cannot (for all practical purposes) transact in bitcoin without using a trusted third party, and that mining has become highly centralized. In this respect, one can only conclude that bitcoin is an abject failure when it comes to its stated objectives. If anything, bitcoin proved that trusted intermediaries are a requirement for any system of electronic currency.

    29. Re:Oh noes!?!?! by SpankiMonki · · Score: 1

      > This is what makes it obvious you are NOT as savvy as I, at least in this area; it HAS been seen.

      Just because my opinion that the jury is still out re bitcoin doesn't match your opinion that bitcoin is a complete failure DOESN'T mean you are more technologically savvy on the matter. I make my living consulting in ERP/Financial Reporting Systems and have several large banking clients. I have undergraduate degrees in Economics and Accounting, and a graduate degree in Business - so I'm not exactly naive when it comes to the matter at hand.

      > If you haven't figured that out, you haven't learned enough about it. Or rather, you've wasted just enough time to be interested in it, but not enough to realize that time was wasted.

      So...the time I've spent acquiring knowledge of bitcoin has been wasted, huh? LOL. If I decide to change my opinions on bitcoin to more closely align with yours will my time magically become "well spent"?

      Tell you what, why don't you take the time to draft a post demonstrating your extensive knowledge on the technology and economics of bitcoin and lay out some well-reasoned arguments supporting your position that "Bitcoin is fundamentally flawed, technologically and philosophically"? Right now, all anyone sees in this thread is you claiming you're superior to someone you disagree with. Kinda makes you look a little foolish, don't you think?

    30. Re:Oh noes!?!?! by Baron_Yam · · Score: 1

      >Just because my opinion that the jury is still out re bitcoin doesn't match your opinion that bitcoin is a complete failure DOESN'T mean you are more technologically savvy on the matter. I make my living consulting in ERP/Financial Reporting Systems and have several large banking clients. I have undergraduate degrees in Economics and Accounting, and a graduate degree in Business - so I'm not exactly naive when it comes to the matter at hand.

      Good for you. You don't know shit about Bitcoin, and insisting you do based on irrelevant credentials is just making you look a bit dim witted as well as ignorant.

      >So...the time I've spent acquiring knowledge of bitcoin has been wasted, huh?

      Yes.

      > If I decide to change my opinions on bitcoin to more closely align with yours will my time magically become "well spent"?

      Nope. You'd just be aware it was wasted time.

      >Tell you what, why don't you take the time to draft a post demonstrating your extensive knowledge on the technology and economics of bitcoin and lay out some well-reasoned arguments supporting your position that "Bitcoin is fundamentally flawed, technologically and philosophically"?

      Why don't you try... oh, I don't know, pulling your head out of your ass and reading the millions of critiques out there that very, very effectively tear Bitcoin down on pretty much every single point its proponents have ever put forward as a reason it should be worth something?

      > Kinda makes you look a little foolish, don't you think?

      Your faith in Bitcoin (and yes, it's faith, because it is totally unsupported facts) is making you look more than just a little foolish. As are your irrelevant claims to be an authority of any kind on the subject, and your apparent compulsion to carry on defending it with follow-up posts days after everyone else has passed this topic by.

      Bitcoin is now at the stage where all but the cultists have realised it's a failure. It's not 'first they laugh, then they fight, then you win'... it's 'first they laugh, then they try to jump on the bandwagon, then they realize they've been had'. The net result of Bitcoin was idiots having their money (sometimes in the form of electricity) moved into the hands of scammers, con-men, and a few individuals who got lucky... and also 'blockchain' becoming a buzzword in the financial sector. That's it.

      It's time to pack your robe away, put down the manifesto, and move on to your next foolish obsession. Or grow up. Either or.

    31. Re:Oh noes!?!?! by SpankiMonki · · Score: 1

      > Why don't you try... oh, I don't know, pulling your head out of your ass and reading the millions of critiques out there that very, very effectively tear Bitcoin down on pretty much every single point its proponents have ever put forward as a reason it should be worth something?

      Millions? Huh. Care to provide any links to the ones you think are especially informative?

      > Your faith in Bitcoin (and yes, it's faith, because it is totally unsupported facts) is making you look more than just a little foolish. As are your irrelevant claims to be an authority of any kind on the subject, and your apparent compulsion to carry on defending it with follow-up posts days after everyone else has passed this topic by.

      1. You've made a mistake. I suggest you re-read my first response to you. I clearly state that I'm betting against bitcoin's long term prospects.
      2. Nowhere in this thread (or on this site) have I ever claimed to be an authority on bitcoin. All I did was inform you of my background in banking/finance in response to your childish claim of superiority (which you have yet to demonstrate).
      3. This topic of discussion was posted to /. yesterday evening, not "days" ago. Since I only visit this site in the odd evening after work, I simply replied to you (and one other person in this thread) tonight. Is that too difficult for you to understand? I guess it is, and that's pretty sad.

      > It's time to pack your robe away, put down the manifesto, and move on to your next foolish obsession. Or grow up. Either or.

      Bitcoin has been a curiosity for me, not an obsession. And no matter what my opinion may be with regard to its success or failure, I will continue to study it because I find it intellectually stimulating.

      I don't really expect to learn much from you, though. Your posts in this thread have so far been devoid of any factual data or reasoned arguments.

      Cheers!

  5. Bit of a shocker by turkeydance · · Score: 0

    a very little bit

  6. Host files? by 110010001000 · · Score: 5, Funny

    If ONLY there was a host file expert here to tell us if this were true!

    1. Re:Host files? by The+MAZZTer · · Score: 1

      I'm not sure if you're trying to meme or something, but the hosts file overrides how specific domain names get mapped to IP addresses. So as long as an app is trying to connect to a domain name (as opposed to directly to an IP address) you can easily reroute it elsewhere or outright break it.
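
The hosts-file behaviour described in this comment, and the "point it to 127.0.0.1" suggestion earlier in the thread, as an added example (not part of any comment and not Bitmain's code): a check that reports whether a name is really sinkholed by a hosts file. The domain is a placeholder because the page does not name it, and the sample file is constructed.

```python
import ipaddress

# Placeholder: the page does not name the domain the firmware reports to.
CHECKIN_DOMAIN = "backdoor-checkin.example"

# Constructed sample hosts file (not taken from any real device).
SAMPLE_HOSTS = """\
# /etc/hosts (constructed sample)
127.0.0.1    localhost
::1          localhost ip6-localhost
127.0.0.1    Backdoor-Checkin.example    # sinkhole entry
#127.0.0.1   commented-out.example
203.0.113.7  other.example
not-an-ip    broken.example
"""


def normalize(name):
    """Host names compare case-insensitively; drop a trailing root dot."""
    return name.strip().lower().rstrip(".")


def parse_hosts(text):
    """Return [(ip, [names])] in file order.

    Comments, blank lines, lines without a name, and lines whose first
    field is not a valid IP address are skipped.
    """
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        entries.append((ip, [normalize(n) for n in fields[1:]]))
    return entries


def check_target(hosts_text, target):
    """Classify how a hosts file affects a connection target.

    "ip-literal"           target is an IP address, so no name lookup
                           happens and the hosts file cannot reroute it
    "not-overridden"       no entry for this exact name (hosts entries
                           have no wildcards, so subdomains need their
                           own line)
    "sinkholed"            every mapped address is loopback or 0.0.0.0/::
    "overridden-elsewhere" at least one mapped address is routable
    """
    try:
        ipaddress.ip_address(target.strip())
        return "ip-literal"
    except ValueError:
        pass

    name = normalize(target)
    mapped = [ip for ip, names in parse_hosts(hosts_text) if name in names]
    if not mapped:
        return "not-overridden"
    if all(ip.is_loopback or ip.is_unspecified for ip in mapped):
        return "sinkholed"
    return "overridden-elsewhere"


if __name__ == "__main__":
    for target in (
        CHECKIN_DOMAIN,
        "api." + CHECKIN_DOMAIN,
        "commented-out.example",
        "other.example",
        "203.0.113.7",
    ):
        print(f"{target:32} {check_target(SAMPLE_HOSTS, target)}")
```
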

    2. Re:Host files? by Anonymous Coward · · Score: 0

      you must be new here

    3. Re: Host files? by Anonymous Coward · · Score: 5, Informative

      There's a commenter, APK, who comes into anything related to computer security on slashdot and spams about his Hosts Engine. The host engine he distributes has mixed reviews, but appears to function acceptably for those who use it, and he clearly means well. Which doesn't stop the fact that he's in ALL the threads, or was, until he and whipslash had a confrontation or discussion or something.

      The fact that the summary explicitly asks for a hosts file based solution is, of course, the joke: it's being posted directly to the lion's den.

    4. Re: Host files? by Anonymous Coward · · Score: 0

      I think it's more likely he made a typo in his hosts file and thus accidentally blocked Slashdot. He thinks the site finally died. Or perhaps his hosts file has gotten so large that parsing it each time a website contacts another server causes his browser to always time out on nearly every site. I'm lOO% sure it's one of those two things.

      We mourn him and move on. He will be forgotten. That's the best thing we can do for him now.

      Personally I really miss Mr. New Here. There were so many people trying to steal his identity... I hope he's ok.

    5. Re:Host files? by Volanin · · Score: 1

      Ahahahaha, come on people!
      This is funny as hell for anybody who's been here for more than a month!
      I wish I had mod points.
      +1 Troll is too unfair.

      --
      If I clone myself, can I call it a thread?
      If a girl winks to us, can I call it a race condition?
    6. Re: Host files? by Anonymous Coward · · Score: 0

      Oh, he left months ago (according to him)...
      https://yro.slashdot.org/comme...

      This is my last post here (place is now owned by an incompetent LITTLE DOUCHE in yourself, who has serious issues & can't CODE FOR SHIT - I am proving it RIGHT NOW in fact)!

      Erm, wait this one's the last post
      https://yro.slashdot.org/comme...

      P.S.=> For the hell of it: Doing just 1 more post (just to spite your DIM BRAINED ASS) BEFORE I VOLUNTARIY LEAVE stupid, not you forcing it:

      Who am I kidding, he ain't leaving till Ars takes him back
      https://arstechnica.com/civis/...

    7. Re:Host files? by RuffMasterD · · Score: 1

      Joke's on you, suckers. This story was brought to you by "an anonymous reader" (signed APK).

      --
      Human Rights, Article 12: Freedom from Interference with Privacy, Family, Home and Correspondence
  7. a poor-man's wild west by epine · · Score: 2

    If you haven't got a billion dollars, you can't blather on about colonising Mars. How admirably cryptocurrency fills its niche as a poor man's wild west. It's got everything. A Chinese Boss Hogg with a Fu Manchu mustache can suddenly jump out of the woodwork at any moment. Hot damn!

    I was never much of an Oregon Trail dreamer myself, so this whole scene amuses me greatly.

  8. Stop saying 'brick'. by Anonymous Coward · · Score: 0

    I work in electronics repair. Most 'bricked' devices can be repaired. For the manufacturer, especially. Desolder some memory, resolder new memory in, reprogram, done.

    Even if the vulnerability could actually damage / fry internal components, those can be replaced too. Assuming they can't light the entire device on fire.

    1. Re:Stop saying 'brick'. by Anonymous Coward · · Score: 0

      I'm pretty sure with a bit of effort one could turn an actual brick into an iPhone. But that's not the point. It's insignificant how skilled you are at resoldering memory chips. If the end user can't bring back the device to life by the press of a reset button, it is bricked.

  9. This guy will blackmail all the Bitcoin miners by Applehu+Akbar · · Score: 1

    He will threaten to brick their mining servers unless he sends them US dollars.

    1. Re:This guy will blackmail all the Bitcoin miners by Baron_Yam · · Score: 1

      You joke, but blackmailing the Chinese to verify a transaction moving some long-untouched Bitcoin that's probably long-forgotten wouldn't be the worst scheme in the world.

      Honestly, I'm surprised the Chinese miners haven't done it for themselves. As long as they don't touch the stuff supposedly mined by Satoshi, and randomly distribute their fraudulent transactions across the ledger and over time, it's unlikely they'd get caught.

    2. Re:This guy will blackmail all the Bitcoin miners by Dagger2 · · Score: 1

      You don't need to blackmail them. Their entire business is verifying transactions. Just put the transaction on the network and they'll verify it automatically. Of course, in order to generate a valid transaction to move funds from one wallet to another you'll need the private key of the source wallet, which you aren't going to get by blackmailing the miners because they don't have it.

      You could blackmail them to put an invalid transaction in, but what would the point be? Nobody would accept the block.

  10. Alert APK immediately by Anonymous Coward · · Score: 1

    > Fortunately, there's a way to mitigate the backdoor's actions using local hosts files.

    APK, sir, your time has come. -PCP

  11. Still missing obligatory comments by beckett · · Score: 1

    It's a Bitcoin article on Slashdot, but as of yet nobody has complained that this is some sort of guerilla BUY BTC marketing. Also the only reference so far to Chinese miners tripped over itself in a clumsy "wild west/colonizing mars" analogy.

    will check in a few hours later to see if the predictable /. comments surface. Hope i'm not forced to read at (-1) to find them though.

    1. Re: Still missing obligatory comments by Anonymous Coward · · Score: 0

      Transexual Trump supporters use Bitcoin?

    2. Re:Still missing obligatory comments by cfalcon · · Score: 1

      > It's a Bitcoin article on Slashdot, but as of yet nobody has complained that this is some sort of guerilla BUY BTC marketing

      It doesn't look like a pump, so why would anyone call it that? It's a vulnerability with apparently a lot of mining rigs. I imagine most of them will be guarded by the end of the week, if they aren't already, now that this vulnerability is exposed. Almost everything about bitcoin is some kind of sketchy, I'd be surprised if miners trusted their hardware anyway.

    3. Re:Still missing obligatory comments by beckett · · Score: 1

      >It doesn't look like a pump, so why would anyone call it that? It's a vulnerability with apparently a lot of mining rigs.

      most people don't actually read the article, or the summary, and they talk about whatever they want. it's slashdot, dontcha know

      Slashdot just isn't a great place for discussing bitcoin in anything but the most general terms. Looking through the comments about 5 hours later and there are still people that have first principle discussions about fiat currency, dated comparisons with a physical bank, and the most informative post has been an AC so far.

    4. Re:Still missing obligatory comments by Anonymous Coward · · Score: 0

      The predictable comments here currently just say that bitcoin is dodgy or imaginary money or something. Yeah, that's largely true, but I don't know why the same comments need to be here for every article.

      I guess those comments only surface since we don't really have anything else to bite on...

      Well, not that many articles posted recently have something we can bite on. Predictable is politics, basic income, job market, SystemD... and that's about it.

  12. not a big deal to those who don't mine by reanjr · · Score: 4, Insightful

    Highly misleading. If miners are shut down, Bitcoin transaction processing would operate a bit slower for a bit, then it would adjust to the new capacity.

    Yawn...

    1. Re:not a big deal to those who don't mine by thegarbz · · Score: 1

      > Yawn...

      I wouldn't yawn yet. One of the risks of Bitcoin is that if you control more than 50% of the mining you can fudge the blockchain. This could potentially affect 70% of mining operations. I'll bet you a Marsbar it won't affect all parties equally.

  13. Re:This guy might be thinking bigger by Anonymous Coward · · Score: 0

    If they control 70% of all mining operations, then they could do a whole lot more than threaten to just brick mining servers.
    They could just wait until the right time, and then launch a 51% attack (except with 70%) and take however many coins they want.

    Relevant clip from Austin Powers: 100 billion dollars

  14. It's about control of the majority of the swarm. by Anonymous Coward · · Score: 0

    It's about control of the majority of the swarm.

    It's anything but yawn.

    You yawn if you're not paying goddamned attention.

  15. Not a backdoor by mysidia · · Score: 1

    It's a DRM/Phone home feature. A backdoor would be running arbitrary code specified by the manufacturer OR changing the mining workload so the mining activity benefits a Bitcoin address different from the one configured by the owner of the unit.

    1. Re:Not a backdoor by cfalcon · · Score: 1

      > so the mining activity benefits a Bitcoin address different from the one configured by the owner of the unit

      I'm sure someone would benefit from a sudden, unexpected, and precipitous drop in mining capacity and some manner of hit on transactions as well. It isn't like the price of bitcoin is exactly stable.

  16. Re:It's about control of the majority of the swarm by Anonymous Coward · · Score: 0

    it wouldn't bring down bitcoin

    it's not like the wallets would be deleted

    a lot of hardware investors would be boned though

    shoulda built your own rigs like a real miner

  17. Ponzi Scheme?? by Anonymous Coward · · Score: 1

    Long time Slashdot reader (10 years) who has yet to create an account (it's on my bucket list), so posting as an AC for now.

    I've always considered Bitcoin to be something of a Ponzi scheme, though I've never been able to pin-point when it would collapse. Upon seeing Bitmain's latest ASIC miner, developed on a 14nm process, I think I've narrowed down the time-frame. 14nm is at the limit of commercial fabrication (Kaby Lake shares the same process node), though historically ASICs I've seen were developed on a process geometry that was 1 to 2 generations old at the time.

    I wonder what will happen when the computational power required to feasibly mine bitcoin exceeds the limitations of what cutting edge semiconductor processes can deliver. I temper this comment with a phrase "never underestimate the power of human ingenuity". Time will tell I suppose, but mining difficulty is vastly outpacing semiconductor process technology improvements. It can't continue forever. My bet is that Bitcoin will collapse within the next 5 years and expose crypto-currency for what it really is. One enormous sham.

    I welcome debate on the topic.

    1. Re:Ponzi Scheme?? by Anonymous Coward · · Score: 1

      "I welcome debate on the topic."
      I seriously doubt you do.

      a) your technological analysis is completely flawed.
      b) you don't understand what a ponzi scheme is.
      c) well you are just kinda trolling so meh

    2. Re: Ponzi Scheme?? by p91paul · · Score: 1

      Mining difficulty cannot run faster than miners' capacity, because it adjusts to miners' capacity, ensuring that on average it takes the same amount of time to validate a block. It's just that more and more hardware is being thrown at it, but it can't collapse because it becomes unfeasible to mine a block. If the price were to drop, it might become financially unsustainable though.

    3. Re: Ponzi Scheme?? by Anonymous Coward · · Score: 0

      > Mining difficulty cannot run faster than miners' capacity, because it adjusts to miners' capacity, ensuring that on average it takes the same amount of time to validate a block. It's just that more and more hardware is being thrown at it, but it can't collapse because it becomes unfeasible to mine a block. If the price were to drop, it might become financially unsustainable though.

      OP here. I like this response, though I think we're saying the same thing.

      To validate a piece of the block-chain there are required computations (mining). Successful completion of those computations results in being rewarded with bitcoin and there is an associated electricity cost to completing those computations. When the cost of electricity exceeds the reward the equation is turned upside down and it becomes unfeasible. Though I suppose one could counter with the argument that the 'value' of bit-coin will simply rise to meet the mounting value. I suppose there's an analogy to be drawn with regard to BTC de/inflation.

      Moving forward, I see that miners have leveraged increasingly higher levels of sophistication as evidenced by the migration of mining technology from CPU, to GPU, to FPGA, to ASICs built on trailing edge processes (65nm), and now with ASICs on leading edge processes (14nm). Miners can no longer scale their operation at an exponential rate by migrating to a smaller process. Yes, they could always scale with more mining equipment, but that doesn't yield dividends with regards to electricity consumption per BTC mined.

      Barring illegal methods (botnets, stealing electricity, etc), I'm not sure how this can scale much further. That was my point in the original post. Maybe I'm missing something though.

    4. Re:Ponzi Scheme?? by Anonymous Coward · · Score: 0

      lol, you don't even know how bitcoin works so I don't see how you can reasonably claim it's a ponzi scheme.

    5. Re: Ponzi Scheme?? by Violet+Null · · Score: 1

      Bitcoin transactions need to be "confirmed" by miners to be put into the blockchain and made official. In order to incentivize miners to do this, the Bitcoin protocol supports a transaction fee in the transaction that goes to the miner who confirms it.

      Currently, the floor fee most miners will use is 220 satoshis per byte, or 49,720 satoshis for the median transaction size (https://bitcoinfees.21.co/). That's about $0.66.

      If the reward of mining bitcoins drops below the cost of the electricity to do so, it would be balanced by an increase in the transaction fee. Theoretically, the reward of mining bitcoins could drop to zero and transaction fees could still make it profitable by confirming transactions.

      More info: https://en.bitcoin.it/wiki/Transaction_fees

    6. Re: Ponzi Scheme?? by Anonymous Coward · · Score: 0

      Why do dipshits feel the need to explain why they're posting AC? Do you think we really care?

    7. Re: Ponzi Scheme?? by Anonymous Coward · · Score: 0

      lol, you are confused. if it is not worth it to mine bitcoin, miners will drop off and so will the difficulty. everything then works as usual. it is a dynamic system and can work with just a couple of miners mining.

    8. Re:Ponzi Scheme?? by TeknoHog · · Score: 1

      > I've always considered Bitcoin to be something of a Ponzi scheme

      As opposed to the Ponzi schemes called USD, EUR and the like? Please, before you criticize an alternative to old systems, try learning something about the old ones first. You might find there was something wrong with the old scheme, and hence new alternatives were proposed.

      > I wonder what will happen when the computational power required to feasibly mine bitcoin exceeds the limitations of what cutting edge semiconductor processes can deliver.

      Next, try learning something about Bitcoin itself. Basically, what matters to your income and influence on the network is your _proportion_ of the total computing power of the network. There's no absolute requirement to worry about.

      --
      Escher was the first MC and Giger invented the HR department.
  18. Ssh by mentil · · Score: 1

    > if such command would ever be sent, it could potentially brick the customer's device for good.

    Ssh, no one tell BrickerBot.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
  19. Re:It's about control of the majority of the swarm by rkordmaa · · Score: 1

    You don't get much of a control, you just get to brick 70% of the computation power, lots of unhappy customers to that company, but overall no significant impact to the bitcoin system itself. Block generation will happen at 30% speed until difficulty adjustment kicks in, that's about all that happens.
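Added example, not part of the thread: a small model of the retarget behaviour the comment above refers to, showing how long blocks stay slow after a sudden hash-rate loss. It uses Bitcoin's consensus parameters (2016-block retarget period, 10-minute target spacing, adjustment clamped to a factor of 4) and assumes an instant, permanent loss with average block times; `simulate_hashrate_loss` is a hypothetical helper name.

```python
# Added example: Bitcoin difficulty retarget after a sudden loss of hash rate.
RETARGET_BLOCKS = 2016      # blocks between difficulty adjustments
TARGET_SPACING_MIN = 10.0   # intended minutes per block
MAX_ADJUST = 4.0            # one retarget changes difficulty by at most 4x


def simulate_hashrate_loss(remaining_fraction, blocks_into_period=0, periods=3):
    """Model block spacing after hash rate drops to remaining_fraction.

    Assumptions (simplified model): difficulty starts at 1.0, matched to the
    full hash rate; the loss is instant and permanent; block arrival is
    replaced by its average.
    """
    if not 0 < remaining_fraction <= 1:
        raise ValueError("remaining_fraction must be in (0, 1]")
    if not 0 <= blocks_into_period < RETARGET_BLOCKS:
        raise ValueError("blocks_into_period must be in [0, 2016)")
    expected = RETARGET_BLOCKS * TARGET_SPACING_MIN
    difficulty = 1.0
    rows = []
    for period in range(periods):
        spacing = TARGET_SPACING_MIN * difficulty / remaining_fraction
        # Only the first period contains blocks mined before the loss.
        done = blocks_into_period if period == 0 else 0
        slow_minutes = (RETARGET_BLOCKS - done) * spacing
        actual = done * TARGET_SPACING_MIN + slow_minutes
        rows.append({
            "period": period,
            "difficulty": round(difficulty, 4),
            "minutes_per_block": round(spacing, 2),
            "days_until_retarget": round(slow_minutes / 1440, 2),
        })
        # Retarget: scale by expected/actual timespan, clamped to 4x per step.
        ratio = expected / actual
        difficulty *= min(max(ratio, 1 / MAX_ADJUST), MAX_ADJUST)
    return rows


if __name__ == "__main__":
    for lost, done in ((0.70, 0), (0.70, 1008), (0.90, 0)):
        print(f"{lost:.0%} of hash rate lost, {done} blocks into the period")
        for row in simulate_hashrate_loss(1 - lost, done):
            print("   ", row)
```

In this model the time to the first retarget depends on where in the 2016-block period the loss occurs, and a loss of more than 75% needs more than one retarget to recover because of the 4x clamp.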

  20. So, I can mine for a while, on my graphics cards? by Anonymous Coward · · Score: 0

    Please trash the ASICs. Please trash them so hard that investors tack on a 2x to 10x risk modifier when considering the cost of replacing ASICs with more ASICs.

    Now, if these were GPUs being trashed, that would be a true tragedy.

  21. False conclusion by Anonymous Coward · · Score: 1

    shutting down mining equipment from a particular vendor will not stop bitcoin mining. even if it is as much as 99% of hardware miners. in fact, it will have no effect on the bitcoin network block generation or transaction speed. all it means is that the remaining miners will have an easier job to do and will earn more reward coins.

  22. The control is messing with the hash rate. by Anonymous Coward · · Score: 0

    It's about the hash rate.

    It's about 'buying low, selling high' and that is one way how you do it.

    Dismiss this nuance arrogantly and foolishly.

  23. It's a nuke by Anonymous Coward · · Score: 1

    For those who are not familiar with what is currently going on in Bitcoin, there is a scaling debate, some call it a scaling war, which may result in a chain split. If a split happens, the chain with more hashing power will prevail. Say, you are mining on chain A and your competing chain is chain B. If you are able to disrupt chain B for several hours, maybe several days you may use your hashing advantage to mine empty blocks on the competing chain B. You want to keep these blocks secret. Once chain B regains its hashing power, you will have a crushing lead in regard to valid blocks. So, when chain B mines 1 block normally, you simply publish 2 blocks of your secret stash, empty blocks, mind you. Chain B will then abandon their normal block and continue mining on your normal block. You can repeat this until your stash is empty, while continuing mining more empty blocks on chain B. This strategy serves as a multiplier of disruption time for chain B. What will happen while chain B is basically worthless (no/empty blocks!)? Price of that chain B's coins will drop significantly, which means that honest miners on chain B will receive less money in block reward, which will make them switch over to your own chain A, crippling chain B's hashing power even more. Shortly after, chain B is completely worthless.

    This backdoor is a nuclear weapon for the scaling war. I find it hard to believe that someone left a nuke lying around, accidentally.

    1. Re:It's a nuke by Anonymous Coward · · Score: 0

      > I find it hard to believe that someone left a nuke lying around, accidentally.

      Why so hard to believe?

      Both the US and Russian militaries have done that with real nukes.

    2. Re:It's a nuke by Anonymous Coward · · Score: 0

      I agree with this assessment.

      Wow.

    3. Re:It's a nuke by Anonymous Coward · · Score: 0

      Not in their enemy's back yard...

  24. Re:It's about control of the majority of the swarm by avandesande · · Score: 1

    True, but there is lots of motive there to abuse this. If you were able to do it your non-affected hardware will suddenly be much more valuable. Or perhaps could be part of a 50% attack.

    --
    love is just extroverted narcissism
  25. Alarmist by Anonymous Coward · · Score: 0

    As if this particular brand of mining equipment was the only one capable of validating bitcoin transactions. The loss of it would hardly cripple the bitcoin ecosystem.

  26. Re: It's about control of the majority of the swar by Anonymous Coward · · Score: 0

    I love a little self righteous butthurt in the morning.

  27. Naive, dangerous, and arrogant thinking. by Anonymous Coward · · Score: 0

    Previous parent is a perfect example of naive and dangerous thinking.

    Foolish.

  28. All The Shits I Give by Anonymous Coward · · Score: 0

    0. I give 0 shits about this.

    I don't "get" Bitcoin or any of the new cryptocurrencies. I darkly suspect that blockchain is a wildly overhyped technology solution for a very few use-cases, that is being sold to the masses. Currency mining seems to me more like looking under your sofa cushions for loose change than a viable business.

    Thus when any problem is reported in this area of finance and IT, I give 0 shits about it.

  29. Just use one-bit errors to your advantage! by Anonymous Coward · · Score: 0

    Forget the default target domain. When equipment heats up like bitcoin miners will certainly do, you'll get a not insignificant increase in one-bit errors. So exploit them this way instead:

    https://www.youtube.com/watch?v=9Sgaq6OYLX8

    Problem solved.

  30. Proper use of an apostrophe by Binkleyz · · Score: 1

    Hijack's what?

    1. Re:Proper use of an apostrophe by Anonymous Coward · · Score: 0

      Hijack's the domain.

      Duh!