Topic: ASIC botnet: The new threat? - page 2. (Read 4241 times)
Anybody that spent that much money on their ASICs is going to be watching the returns (the money flowing in). If they notice an anomaly, they will know something is wrong.
Was there ever FPGA botnet?
The target is likely too limited and diverse for a botnet attack. There will be relatively few people out there using ASICS and of those that do they will likely be using many different types of OS/distributions. Unless you have zero days for everything it's going to be unlikely to get anything on a mass scale.
Additionally, how many people will actually have their ASICS hooked up to a desktop machine? Personally, I will have mine hooked up to minimal boxes with some minimal version of linux where every service will be turned off except the mining client and sshd on a non-standard port so I can access it locally on my network.
Luckily, ASICS will boost the difficulty up high enough so that having a botnet that mines off cpu/gpu as they do now will possibly pay less than the effort is worth.
Additionally, how many people will actually have their ASICS hooked up to a desktop machine? Personally, I will have mine hooked up to minimal boxes with some minimal version of linux where every service will be turned off except the mining client and sshd on a non-standard port so I can access it locally on my network.
Luckily, ASICS will boost the difficulty up high enough so that having a botnet that mines off cpu/gpu as they do now will possibly pay less than the effort is worth.
if you're the botter and you're smart you're gonna tell the bot to
mine cpu
and if gpu exists, mine gpu
and if asic exists, mine asic
in effect turning it into a cpu/gpu/asic botnet, or short
"botnet"
mine cpu
and if gpu exists, mine gpu
and if asic exists, mine asic
in effect turning it into a cpu/gpu/asic botnet, or short
"botnet"
0 day of what? Some flaw in the ASIC miners code? Or a flaw in the host machine? These are not typically the leads to botnets anyway.
Here's the thing, what are botnets used for? They are used for DDoS, and spam-mail traditionally. Why? Because every computer that is on the internet, has access to the internet. Traditionally low-hanging fruit is picked from this bunch, such that easy vulnerabilities that have remained unpatched for long periods of time allow for continuous usage of the targets.
So let's look at this: Every computer on the net has an internet connection, only a fraction are part of botnets.
Every computer has a GPU, only a fraction are "botnettable", only some portion of these GPUs could be used for effective mining, and it's a high-risk venture that would likely lose the machine, and thus is less profitable than other botnet ventures. This is likely why we've not seen any evidence of a GPU mining botnet on bitcoin.
An extremely tiny fraction of computers will have ASICs connected to them, of these some fraction will be botnettable at some point, and most use of this botnet will result in the botnet being broken up in very short time-scale. The difficulty will both be in even locating computers with ASICs, let alone exploiting them, let alone exploiting them effectively.
Is it impossible? I will go ahead and say it is not, just so I don't have egg on my face at some point. But will it happen? I will again say no, it is too difficult, with too little reward.
The only scenario I could really foresee would be some disruption hacktivist, who manages some malicious code that can collect the IPs of the vastly reduced mining world, and utilizing some "zero-day attack" disrupts the block chain, either taking control, forking it, or generally fouling it up. This would likely be as easily or more easily accomplished by finding the IPs and DDoS'ing the heaviest ASIC miners connections though.
Always ask yourself for the motivation behind actions, they are very important.
So in summary, It's possible, but unlikely, unless.....
.....Ok then, my hypothesis is simple:
One day ASIC will be quiet affordable and user-friendly. (any objections?)
Normal people will continue doing unsafe computer actions. (any objections?)
More knowledgeable individuals will simply own those machines. (any objections?)
Thus we have ASIC botnet. (May not be worth it for YOU)
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.
Ya. Currently.
How bout a 0 day attack?
0 day of what? Some flaw in the ASIC miners code? Or a flaw in the host machine? These are not typically the leads to botnets anyway.
Here's the thing, what are botnets used for? They are used for DDoS, and spam-mail traditionally. Why? Because every computer that is on the internet, has access to the internet. Traditionally low-hanging fruit is picked from this bunch, such that easy vulnerabilities that have remained unpatched for long periods of time allow for continuous usage of the targets.
So let's look at this: Every computer on the net has an internet connection, only a fraction are part of botnets.
Every computer has a GPU, only a fraction are "botnettable", only some portion of these GPUs could be used for effective mining, and it's a high-risk venture that would likely lose the machine, and thus is less profitable than other botnet ventures. This is likely why we've not seen any evidence of a GPU mining botnet on bitcoin.
An extremely tiny fraction of computers will have ASICs connected to them, of these some fraction will be botnettable at some point, and most use of this botnet will result in the botnet being broken up in very short time-scale. The difficulty will both be in even locating computers with ASICs, let alone exploiting them, let alone exploiting them effectively.
Is it impossible? I will go ahead and say it is not, just so I don't have egg on my face at some point. But will it happen? I will again say no, it is too difficult, with too little reward.
The only scenario I could really foresee would be some disruption hacktivist, who manages some malicious code that can collect the IPs of the vastly reduced mining world, and utilizing some "zero-day attack" disrupts the block chain, either taking control, forking it, or generally fouling it up. This would likely be as easily or more easily accomplished by finding the IPs and DDoS'ing the heaviest ASIC miners connections though.
Always ask yourself for the motivation behind actions, they are very important.
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.
Ya. Currently.
How bout a 0 day attack?
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.
Ya. Currently.
How bout a 0 day attack?
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.
If not, then it's possible to own a machine with ASIC already attached.
Absolutely. I'm not saying that taking over the device isn't possible, I'm saying that keeping it undetected would be difficult. My guess is that ASIC devices won't be customized to go slower, such as having a Jalapeno go 3GH/s instead of 4.5GH/s just be tweaking it (though someone tell me if they have proof otherwise).
That said, if you've got one Single and suddenly it's not mining for your own account anymore, something tells me you might venture a look at what's going on.
.... won't be possible since A) the devices will never be idled and B) any variation in hashing rate will immediately draw my attention.
It's one thing to have a GPU in your system for multiple purposes that can be utilized without the owners consent...but to utilize a standalone device (outside your computer) that only does one thing without the owner's knowledge? Not very likely...
It's one thing to have a GPU in your system for multiple purposes that can be utilized without the owners consent...but to utilize a standalone device (outside your computer) that only does one thing without the owner's knowledge? Not very likely...
Will ASIC have it's own OS?
If not, then it's possible to own a machine with ASIC already attached.
This argument is mildly pointless.
An ASIC botnet? Bitcoin ASICs can be used for nothing but mining, subverting a machine used for one purpose will be quickly detected and rectified. It's not like a computer which can and will be left on for long periods of time, while idle.
You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".
An ASIC botnet? Bitcoin ASICs can be used for nothing but mining, subverting a machine used for one purpose will be quickly detected and rectified. It's not like a computer which can and will be left on for long periods of time, while idle.
You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".
Precisely on point. The equipment purchased for my fund is something that will be monitored 24/7 to ensure overall stable revenue (after accounting for difficulty, etc). And ....
You're assuming regular folks won't one day be able to buy ASIC just as any plug-n-play devices at a reasonable price.
Shouldn't be too hard to code something to run only when idled or use x amount of resources.
Shouldn't be too hard to code something to run only when idled or use x amount of resources.
.... won't be possible since A) the devices will never be idled and B) any variation in hashing rate will immediately draw my attention.
It's one thing to have a GPU in your system for multiple purposes that can be utilized without the owners consent...but to utilize a standalone device (outside your computer) that only does one thing without the owner's knowledge? Not very likely...
Time to stop feeding the troll guys.
You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".
You're assuming regular folks won't one day be able to buy ASIC just as any plug-n-play devices at a reasonable price.
Shouldn't be too hard to code something to run only when idled or use x amount of resources.
Those hashing powers are probably enough to create something we've never seen before in terms of how far some people will go.
This argument is mildly pointless.
An ASIC botnet? Bitcoin ASICs can be used for nothing but mining, subverting a machine used for one purpose will be quickly detected and rectified. It's not like a computer which can and will be left on for long periods of time, while idle.
You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".
An ASIC botnet? Bitcoin ASICs can be used for nothing but mining, subverting a machine used for one purpose will be quickly detected and rectified. It's not like a computer which can and will be left on for long periods of time, while idle.
You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
too complex for me, me to stupid can't understand -> UNBREAKABLE!!!your logic is failing.
i might not comprehend english grammar, but i seem to comprehend a bit more stuff then you do.
Quote
Which brings me to my question, are you kano? He is an idiot and has the same avatar. Spells the same way. I can only imagine it's you.
so every person you don't like, is teh same one? your logic is failing, dude. your logic is failing. 
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
Of course, if you have a proof-of-concept way to hack Linux, please provide it to #linux on irc.freenode.net.
http://goo.gl/6ZByg Of course, if you have a proof-of-concept way to hack Linux, please provide it to #linux on irc.freenode.net.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
too complex for me, me to stupid can't understand -> UNBREAKABLE!!!your logic is failing.
Which brings me to my question, are you kano? He is an idiot and has the same avatar. Spells the same way. I can only imagine it's you.
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
too complex for me, me to stupid can't understand -> UNBREAKABLE!!!your logic is failing.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
Of course, if you have a proof-of-concept way to hack Linux, please provide it to #linux on irc.freenode.net.
Of course, if you have a proof-of-concept way to hack Linux, please provide it to #linux on irc.freenode.net.
Jump to: