
Antbleed: Bitcoin’s Newest New Controversy Explained


A mining chip vulnerability that could potentially be used to remotely shut off bitcoin mining machines was revealed yesterday — with a fix from the manufacturer following shortly after. Involving controversial mining chip manufacturer Bitmain, the issue is what some are calling a "backdoor" in the code that controls its hardware, offering the company a way to remotely shut off the miners. Since the code, released anonymously last evening, is vulnerable to attackers, the main concern is whether, in a worst-case scenario, it could be misused.

The fear is that bad actors could exploit the vulnerability to switch off bitcoin mining equipment in bulk, and with Bitmain supplying such a large number of machines to the market, the impact could have catastrophic implications for the bitcoin ecosystem. Known as Antbleed (a title bestowed by the website that dramatized its release), the vulnerability is open-source, making it easy to verify. Leading up to the reveal, a group was told about the code feature, with some developers, such as Satoshi Labs CEO Marek Palatinus, independently verifying that the backdoor exists and that it can be used to stop Bitmain miners on trigger.

Bitmain quickly responded with a fix that erases this part of its mining firmware. Further, its team claimed that the feature was never finished and that it was intended to help customers recover stolen miners, a past problem for industry firms.

The statement reads:

"We never intended to use this feature on any Antminer without authorization from its owner. This is similar to the remote erase or shutdown feature provided by most famous smartphone manufacturers."

Much of the recent buzz in the community is around whether the so-described "backdoor" could have been used for malicious purposes, for example, to shut off a miner if it wasn’t complying with rules set by Bitmain.

Adding to the confusion is that bitcoin developments have been highly politicized lately, with Bitmain often sitting at the center of bitcoin’s long-standing scaling debate, opposing proposals authored by members of the Bitcoin Core community. For example, the vulnerability reveal follows allegations that the manufacturer was using a secret mining advantage to boost its profits.

In conversation with CoinDesk, Bitcoin Unlimited chief scientist Peter Rizun might have summed up the issue and surrounding atmosphere the best:

"The drama in social media today surrounds the question of whether there exists a security hole that would allow this remote-control feature to be exploited for nefarious purposes."

Code details

Still, it seems that there are other reasons to be concerned about the backdoor. Since it can be exploited by bad actors from outside the company, the mining chips are now viewed as a security risk to the network. Every one to 11 minutes, according to the open-source patch introduced on July 12th, 2016, the machines send calls back to a Bitmain server.

The idea is that the mining manufacturer can scan for identifying information about the mining chip, including its serial number and IP address. But arguably the biggest concern is that use of the code isn't limited to certain people or companies, so it can be exploited by any man-in-the-middle or by attacks coming from the same DNS server. "Even without Bitmain being malicious, the API is unauthenticated and would allow any MITM, DNS or domain hijack to shut down Antminers globally," the Antbleed website reads, further outlining concerns about the potential for technical or political misuse.
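For operators who want to check whether their machines are making this kind of call, the sketch below is an added example, not code from the article, the Antbleed site or Bitmain. It scans an outbound-connection log for source/destination pairs whose consecutive connections are always one to 11 minutes apart; the log format, the function name `find_callbacks` and every hostname and address in it are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime

MIN_GAP, MAX_GAP = 60, 11 * 60  # seconds: the one-to-11-minute window

# Constructed log: "timestamp source destination". All hosts are placeholders.
SAMPLE_LOG = """\
2024-01-01T10:00:05 10.0.0.21 vendor-callback.example
2024-01-01T10:00:10 10.0.0.21 stratum.pool.example
2024-01-01T10:00:40 10.0.0.21 stratum.pool.example
2024-01-01T10:01:10 10.0.0.21 stratum.pool.example
2024-01-01T10:01:40 10.0.0.21 stratum.pool.example
2024-01-01T10:04:17 10.0.0.21 vendor-callback.example
2024-01-01T10:13:17 10.0.0.21 vendor-callback.example
2024-01-01T10:14:52 10.0.0.21 vendor-callback.example
2024-01-01T10:25:30 10.0.0.21 vendor-callback.example
2024-01-01T10:00:00 10.0.0.22 ntp.example
2024-01-01T11:00:00 10.0.0.22 ntp.example
2024-01-01T12:00:00 10.0.0.22 ntp.example
2024-01-01T13:00:00 10.0.0.22 ntp.example
2024-01-01T10:02:00 10.0.0.23 vendor-callback.example
2024-01-01T10:09:30 10.0.0.23 vendor-callback.example
truncated-line 10.0.0.24
"""

def find_callbacks(log_text, min_events=4):
    """Return (source, destination, count) for flows whose gaps all fit the window."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # blank or malformed line
        try:
            seen[(parts[1], parts[2])].append(datetime.fromisoformat(parts[0]))
        except ValueError:
            continue  # unparseable timestamp
    hits = []
    for (src, dst), stamps in seen.items():
        if len(stamps) < min_events:
            continue  # too few samples to call it periodic
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if all(MIN_GAP <= g <= MAX_GAP for g in gaps):
            hits.append((src, dst, len(stamps)))
    return sorted(hits)

if __name__ == "__main__":
    for src, dst, n in find_callbacks(SAMPLE_LOG):
        print(f"{src} -> {dst}: {n} connections at callback-like intervals")
```

Pool traffic (gaps of seconds) and hourly time sync fall outside the window and are not reported; lowering `min_events` widens the net at the cost of more false positives.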

Vulnerability or 'malicious' backdoor?

Whether or not it was intended to be malicious seems to make up the bulk of the surrounding debate, and so far, it seems that sentiment has broken along the lines of the scaling debate. Still, some broke away from so-called party lines. "This was reckless of them to leave the unfinished feature in the code since this represents a major security issue," said Henry Brade, CEO of bitcoin service provider Prasos, a past defender of Bitcoin Core’s scaling proposals.

"However, based on the statement it is not accurate to call 'Antbleed' malicious in nature. It's simply a serious security issue."

F2pool operator Wang Chun further noted that he isn’t particularly worried about miners within his pool falling victim to manipulation by Bitmain. He noted, in conversation with CoinDesk, that it doesn’t seem like the company ever used it to shut down miners. "They have been able to do that for a long time, but they didn't," he said. Guy Corem, former CEO of Israeli mining chip maker Spondoolies-Tech, chalked up the controversy to "incompetence" and "negligence", rather than malicious intent.

"It make sense they wanted to develop such feature and it also make sense they didn't complete it and abandon it," he added. Further, he cited Spondoolies-Tech’s own past issues with stolen mining equipment. Still, some in the community are skeptical of Bitmain’s response. "Denial of many people is unbelievable. 'Antbleed' is not bug or mistake. The purpose of the code is clear; shut down miner on remote flag," Palatinus tweeted.

Public info?

Others have raised concerns about this vulnerability being made public since outsiders can then take advantage of the attack vector. Bitcoin Core contributor Matt Corallo argued that owners of these bitcoin miners needed to know about the potential vulnerability in order to fix it. "The issue is, it's already integrated in a ton of deployed hardware," he said, adding:

"It was reported to Bitmain via that bug report months ago, and their customers need to know to protect their operations from potential [man-in-the-middle attacks]."

The issue was first reported to Bitmain on GitHub in September 2016. One question is how prevalent the practice is in bitcoin. Secret backdoors seem to be par for the course in the technology world, often drawing security-minded critics as they're uncovered. Do other hardware manufacturers have the same vulnerability? Two mining manufacturers, at least, claim that they don’t.

"Our hardware doesn't [have] such issues, we [don’t] offer remote updates for firmware — it's the customer's decision update them or not," said blockchain startup Bitfury Group CIO Alex Petrov. "My miner has no ASICBoost or backdoor," Jack Liao, CEO of mining firm LightningAsic, told CoinDesk. Along with the details about the backdoor, those who detected it released a patch that closes it up with a single line of code.

Mining centralization

Still, there are lingering worries that the vulnerability betrays a weakness in the bitcoin network — namely, its lack of mining chip makers. No clear data is available about how many miners are running this software, but Bitmain is one of the largest chip manufacturers in the space, with bolder estimates suggesting it produces 70% of all mining chips. That the backdoor could be used to impact any of those chips is unsurprisingly alarming to those who advocate that the network be "decentralized" and open to competition that enables different actors to engage with it.

For now, the impact seems to be that Bitmain will take action to look at the rest of its codebase in order to spot other vulnerabilities. "The controversy around this code has brought our attention to improve the design in order to address vulnerabilities that were pointed out by the community recently," its statement reads. Still, others are lamenting the state of the drama and conversation around the issue, noting how quickly it became politicized.

Rizun concluded:

"All-in-all just another day in bitcoin."

Chuck Reynolds
Contributor

Alan Zibluk Markethive Founding Member