Recently, the news that the Antminer firmware can remotely shut down a miner has caused controversy. The code for this function was designed and written by the Antminer firmware team. This firmware has always been open source software and has no malicious intent. We hereby declare that the original intention of designing this function is for customers who host their mining machines in mining farms. When the mining machines are stolen or detained without permission, miners can use this function to remotely shut down the mining machines and provide more tracking clues for law enforcement agencies. Just like the remote deletion and remote shutdown functions provided by many smartphone manufacturers, Bitmain will never use this function on its mining machines without the permission of the miners. In more than one incident of mining farm theft or negligence by mining farm staff, this function would have been particularly important: In 2014, a mining factory in Shenyang, China, secretly detained 1,000 mining machines from its customers. In 2015, more than 2,000 mining machines were seized from Georgian mines. In 2017, a Canadian mining farm detained Bitmain's mining machines hosted at its mining farm without consent. However, this feature was never completed. We had this idea when we were producing the S7 miner and planned to release it with the S9 miner. We hoped that this feature would greatly benefit our customers. However, due to technical problems, we were unable to complete the development of this feature and shut down the server used for testing in December 2016. But we made a mistake: we did not delete the code for this unfinished feature. The fierce debate about the future direction of Bitcoin was ongoing, and this vulnerability was pointed out, which caused great misunderstanding in the community. We are deeply sorry.
This vulnerability affects the following products:
Antminer S9
Antminer R4
Antminer T9
Antminer L3
Antminer L3+

This vulnerability may allow a MITM (man-in-the-middle) attack or DNS hijacking to take advantage of it, resulting in security risks for customers. We deeply apologize for this. It should be noted that the existing stratum protocol is also very vulnerable to MITM and DNS attacks. The entire mining community needs to unite to jointly design a new generation of mining protocols to resist potential risks.

We have released the latest open source code through GitHub and added new firmware on the website to fix this vulnerability. We recommend that all miners update to this firmware, and we strongly recommend not using software from third parties, to avoid firmware malfunction or phishing attacks.

Firmware:
Antminer S9 firmware
Antminer T9 firmware
Antminer R4 firmware
Antminer L3 firmware
Antminer L3+ firmware

Source code on GitHub:
Open source code for S9, T9 and R4: https://github.com/bitmaintech/bmminer-mix
Open source code for L3 and L3+: https://github.com/bitmaintech/setup-A8
It contains: https://github.com/bitmaintech/ltc_frimware

In addition, we recommend that mine owners who use Antminer modify the DNS resolution configuration file in the miner, /etc/hosts, so that the auth.minerlink.com domain name resolves to 127.0.0.1. The change method is as follows:
1. Use ssh to log in to the miner.
2. Run command: echo "127.0.0.1 auth.minerlink.com" >> /etc/hosts
3. Run command: sync

We are paying close attention to the problems that may be caused by this vulnerability pointed out by the community, and we will work hard to continuously improve and solve related problems. For this, we sincerely thank the community for pointing out this vulnerability. At the same time, we would like to express our gratitude to the community for its contribution to the open source code of Antminer.
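The three-step /etc/hosts change above is a plain append, so running it twice leaves duplicate lines, and it does not notice if the file already maps auth.minerlink.com somewhere else. The script below is an added example (not Bitmain's firmware code, and not part of the statement above) that makes the same change idempotently and verifies the result. The hosts file path is a parameter, which is an assumption made so the functions can be tried against a scratch copy before they are run against /etc/hosts on the miner.

```shell
#!/bin/sh
# Added example, not Bitmain's code: idempotent version of the /etc/hosts
# change recommended in the statement. FILE is a parameter so the functions
# can be exercised on a scratch copy; on the miner you pass /etc/hosts.

SINKHOLE_HOST="auth.minerlink.com"
SINKHOLE_IP="127.0.0.1"

# existing_ip FILE: print the IP that FILE currently assigns to the host
# (comment lines ignored, first match only); prints nothing if no entry.
existing_ip() {
    grep -v '^[[:space:]]*#' "$1" 2>/dev/null \
        | awk -v h="$SINKHOLE_HOST" '{ for (i = 2; i <= NF; i++) if ($i == h) print $1 }' \
        | head -n 1
}

# pin_host FILE: ensure FILE maps the host to 127.0.0.1.
# Returns 0 when the file now pins the host (entry added or already correct),
# 1 when a conflicting entry for the host already exists (left untouched so a
# human can inspect it rather than silently stacking a second entry).
pin_host() {
    file="$1"
    current=$(existing_ip "$file")
    if [ -z "$current" ]; then
        printf '%s %s\n' "$SINKHOLE_IP" "$SINKHOLE_HOST" >> "$file"
        return 0
    elif [ "$current" = "$SINKHOLE_IP" ]; then
        return 0
    else
        echo "warning: $SINKHOLE_HOST already resolves to $current in $file" >&2
        return 1
    fi
}

# verify_pin FILE: exit 0 only if every non-comment entry for the host in
# FILE points at 127.0.0.1 and at least one such entry exists.
verify_pin() {
    grep -v '^[[:space:]]*#' "$1" 2>/dev/null \
        | awk -v h="$SINKHOLE_HOST" -v ip="$SINKHOLE_IP" '
            BEGIN { ok = 1; found = 0 }
            { for (i = 2; i <= NF; i++) if ($i == h) { if ($1 == ip) found = 1; else ok = 0 } }
            END { exit !(found && ok) }'
}

# On the miner, after logging in over ssh, the equivalent of the statement's
# steps 2 and 3 is:
#   pin_host /etc/hosts && verify_pin /etc/hosts && sync
```

Because pin_host refuses to add a second entry when the host already resolves elsewhere, a miner whose hosts file was modified by someone else is reported instead of being quietly "fixed"; verify_pin gives a clean exit status that can be checked from a fleet-wide ssh loop.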
We also take this opportunity to express our firm belief in the open source community and our determination to improve the quality of our code and the rigor of our testing process. We will continue to develop this feature to provide effective remote control technology services for miners who host mining machines. We will install a switch for this feature and turn it off by default. Customers can even set their own remote authentication server address. Before the development of this feature is completed, we will not apply the code of the related function to any production mining machine.