The bitcoin community is abuzz with news that Bitmain bitcoin miners allow for remote code execution which can shut-down 70% of the hashrate. We asked Jihan Wu for comments, specifically whether it’s true “it could allow Bitmain to shut down 70% of the hashrate.” His reply: “it’s true.”
In a public statement, Bitmain said:
“We need to clarify the intention of having this feature. We planned to add this feature to the code to empower customers to control their miners which often times can be hosted outside their premises. This was after more than one incident of miners being stolen from a mining farm or being hijacked by the operator of the mining farm.
This feature was intended to allow the owners of Antminer to remotely shut down their miners that may have been stolen or hijacked by their hosting service provider, and to also provide law enforcement agencies with more tracking information in such cases. We never intended to use this feature on any Antminer without authorization from its owner. This is similar to the remote erase or shutdown feature provided by most famous smartphone manufacturers.”
Jihan Wu told CCN (in the unedited quote below to avoid any potential unintentional misrepresentation or miscommunication):
“IT is a bug that we have leave a incomplete feature in the code base. It is supposed to be a feature to help our customers to track their mining rigs when they host rigs in some service providers with uncertainty. The feature development was incomplete due to some technical problems, but sadly the code is still there. The testing server has been shuttled down long time ago. We would suggest our users to upgrade to new firmware, or simply block the DNS of auth.minerlink.com.”
Jihan Wu apologized, further stating the bug has been addressed in the new release:
“We apologize for this bug and it has already been fixed in the new release.”
Image from Shutterstock.