Pages:
Author

Topic: ASIC botnet: The new threat? - page 2. (Read 4256 times)

hero member
Activity: 481
Merit: 500
November 21, 2012, 10:29:44 AM
#30
Anybody that spent that much money on their ASICs is going to be watching the returns (the money flowing in). If they notice an anomaly, they will know something is wrong.
hero member
Activity: 574
Merit: 500
November 20, 2012, 07:23:44 PM
#29
Was there ever FPGA botnet?
sr. member
Activity: 245
Merit: 250
@serp
November 20, 2012, 01:42:47 PM
#28
The target is likely too limited and diverse for a botnet attack.  There will be relatively few people out there using ASICS and of those that do they will likely be using many different types of OS/distributions.  Unless you have zero days for everything it's going to be unlikely to get anything on a mass scale.

Additionally, how many people will actually have their ASICS hooked up to a desktop machine?  Personally, I will have mine hooked up to minimal boxes with some minimal version of linux where every service will be turned off except the mining client and sshd on a non-standard port so I can access it locally on my network.

Luckily, ASICS will boost the difficulty up high enough so that having a botnet that mines off cpu/gpu as they do now will possibly pay less than the effort is worth.
legendary
Activity: 2058
Merit: 1005
this space intentionally left blank
November 20, 2012, 06:03:55 AM
#27
if you're the botter and you're smart you're gonna tell the bot to

mine cpu
and if gpu exists, mine gpu
and if asic exists, mine asic

in effect turning it into a cpu/gpu/asic botnet, or short

"botnet"


full member
Activity: 196
Merit: 100
Another block in the wall
November 20, 2012, 05:27:04 AM
#26

0 day of what? Some flaw in the ASIC miners code? Or a flaw in the host machine? These are not typically the leads to botnets anyway.

Here's the thing, what are botnets used for? They are used for DDoS, and spam-mail traditionally. Why? Because every computer that is on the internet, has access to the internet. Traditionally low-hanging fruit is picked from this bunch, such that easy vulnerabilities that have remained unpatched for long periods of time allow for continuous usage of the targets.

So let's look at this: Every computer on the net has an internet connection, only a fraction are part of botnets.

Every computer has a GPU, only a fraction are "botnettable", only some portion of these GPUs could be used for effective mining, and it's a high-risk venture that would likely lose the machine, and thus is less profitable than other botnet ventures. This is likely why we've not seen any evidence of a GPU mining botnet on bitcoin.

An extremely tiny fraction of computers will have ASICs connected to them, of these some fraction will be botnettable at some point, and most use of this botnet will result in the botnet being broken up in very short time-scale. The difficulty will both be in even locating computers with ASICs, let alone exploiting them, let alone exploiting them effectively.

Is it impossible? I will go ahead and say it is not, just so I don't have egg on my face at some point. But will it happen? I will again say no, it is too difficult, with too little reward.

The only scenario I could really foresee would be some disruption hacktivist, who manages some malicious code that can collect the IPs of the vastly reduced mining world, and utilizing some "zero-day attack" disrupts the block chain, either taking control, forking it, or generally fouling it up. This would likely be as easily or more easily accomplished by finding the IPs and DDoS'ing the heaviest ASIC miners connections though.

Always ask yourself for the motivation behind actions, they are very important.



So in summary, It's possible, but unlikely, unless.....

.....Ok then, my hypothesis is simple:
One day ASIC will be quiet affordable and user-friendly. (any objections?)

Normal people will continue doing unsafe computer actions. (any objections?)

More knowledgeable individuals will simply own those machines. (any objections?)

Thus we have ASIC botnet. (May not be worth it for YOU)







hero member
Activity: 602
Merit: 500
November 19, 2012, 09:00:13 PM
#25
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.

Ya. Currently.

How bout a 0 day attack?

0 day of what? Some flaw in the ASIC miners code? Or a flaw in the host machine? These are not typically the leads to botnets anyway.

Here's the thing, what are botnets used for? They are used for DDoS, and spam-mail traditionally. Why? Because every computer that is on the internet, has access to the internet. Traditionally low-hanging fruit is picked from this bunch, such that easy vulnerabilities that have remained unpatched for long periods of time allow for continuous usage of the targets.

So let's look at this: Every computer on the net has an internet connection, only a fraction are part of botnets.

Every computer has a GPU, only a fraction are "botnettable", only some portion of these GPUs could be used for effective mining, and it's a high-risk venture that would likely lose the machine, and thus is less profitable than other botnet ventures. This is likely why we've not seen any evidence of a GPU mining botnet on bitcoin.

An extremely tiny fraction of computers will have ASICs connected to them, of these some fraction will be botnettable at some point, and most use of this botnet will result in the botnet being broken up in very short time-scale. The difficulty will both be in even locating computers with ASICs, let alone exploiting them, let alone exploiting them effectively.

Is it impossible? I will go ahead and say it is not, just so I don't have egg on my face at some point. But will it happen? I will again say no, it is too difficult, with too little reward.

The only scenario I could really foresee would be some disruption hacktivist, who manages some malicious code that can collect the IPs of the vastly reduced mining world, and utilizing some "zero-day attack" disrupts the block chain, either taking control, forking it, or generally fouling it up. This would likely be as easily or more easily accomplished by finding the IPs and DDoS'ing the heaviest ASIC miners connections though.

Always ask yourself for the motivation behind actions, they are very important.
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
November 19, 2012, 03:35:59 PM
#24
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.

Ya. Currently.

How bout a 0 day attack?
Hmmm. interesting. When it comes to 1337 h@xoring I have learned to never say never.  Smiley
full member
Activity: 196
Merit: 100
Another block in the wall
November 19, 2012, 03:30:19 PM
#23
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.

Ya. Currently.

How bout a 0 day attack?
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
November 19, 2012, 11:26:20 AM
#22
I think these would be hard targets for a botnet. Anyone who owns an ASIC miner would likely know a lot about it and know about the risks.
legendary
Activity: 1064
Merit: 1001
November 19, 2012, 10:43:57 AM
#21
If not, then it's possible to own a machine with ASIC already attached.

Absolutely. I'm not saying that taking over the device isn't possible, I'm saying that keeping it undetected would be difficult. My guess is that ASIC devices won't be customized to go slower, such as having a Jalapeno go 3GH/s instead of 4.5GH/s just be tweaking it (though someone tell me if they have proof otherwise).
That said, if you've got one Single and suddenly it's not mining for your own account anymore, something tells me you might venture a look at what's going on.
full member
Activity: 196
Merit: 100
Another block in the wall
November 19, 2012, 06:44:24 AM
#20
.... won't be possible since A) the devices will never be idled and B) any variation in hashing rate will immediately draw my attention.

It's one thing to have a GPU in your system for multiple purposes that can be utilized without the owners consent...but to utilize a standalone device (outside your computer) that only does one thing without the owner's knowledge? Not very likely...

Will ASIC have it's own OS?

If not, then it's possible to own a machine with ASIC already attached.

legendary
Activity: 1064
Merit: 1001
November 18, 2012, 09:46:38 PM
#19
This argument is mildly pointless.

An ASIC botnet? Bitcoin ASICs can be used for nothing but mining, subverting a machine used for one purpose will be quickly detected and rectified. It's not like a computer which can and will be left on for long periods of time, while idle.

You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".

Precisely on point. The equipment purchased for my fund is something that will be monitored 24/7 to ensure overall stable revenue (after accounting for difficulty, etc). And ....

You're assuming regular folks won't one day be able to buy ASIC just as any plug-n-play devices at a reasonable price.

Shouldn't be too hard to code something to run only when idled or use x amount of resources.

.... won't be possible since A) the devices will never be idled and B) any variation in hashing rate will immediately draw my attention.

It's one thing to have a GPU in your system for multiple purposes that can be utilized without the owners consent...but to utilize a standalone device (outside your computer) that only does one thing without the owner's knowledge? Not very likely...
full member
Activity: 125
Merit: 100
November 18, 2012, 06:08:55 PM
#18
Time to stop feeding the troll guys.
full member
Activity: 196
Merit: 100
Another block in the wall
November 18, 2012, 03:36:08 PM
#17

You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".

You're assuming regular folks won't one day be able to buy ASIC just as any plug-n-play devices at a reasonable price.

Shouldn't be too hard to code something to run only when idled or use x amount of resources.

Those hashing powers are probably enough to create something we've never seen before in terms of how far some people will go.
hero member
Activity: 602
Merit: 500
November 18, 2012, 01:40:02 PM
#16
This argument is mildly pointless.

An ASIC botnet? Bitcoin ASICs can be used for nothing but mining, subverting a machine used for one purpose will be quickly detected and rectified. It's not like a computer which can and will be left on for long periods of time, while idle.

You have your miner up and running, you expect it to give X performance. As soon as it doesn't do that, you check why. This would be a terrible "botnet".
legendary
Activity: 1050
Merit: 1000
You are WRONG!
November 18, 2012, 01:36:48 PM
#15
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
too complex for me, me to stupid can't understand -> UNBREAKABLE!!!

your logic is failing.
You are picking a fight with the wrong person, and I shouldn't be the one to talk about comprehension when you failed to comprehend first grade English grammar.
LOL! U MAD?

i might not comprehend english grammar, but i seem to comprehend a bit more stuff then you do.

Quote
Which brings me to my question, are you kano? He is an idiot and has the same avatar. Spells the same way. I can only imagine it's you.
so every person you don't like, is teh same one? your logic is failing, dude. your logic is failing.
vip
Activity: 756
Merit: 503
November 18, 2012, 01:24:43 PM
#14
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
Of course, if you have a proof-of-concept way to hack Linux, please provide it to #linux on irc.freenode.net.
http://goo.gl/6ZByg
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
November 18, 2012, 01:14:45 PM
#13
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
too complex for me, me to stupid can't understand -> UNBREAKABLE!!!

your logic is failing.
You are picking a fight with the wrong person, and I shouldn't be the one to talk about comprehension when you failed to comprehend first grade English grammar.

Which brings me to my question, are you kano? He is an idiot and has the same avatar. Spells the same way. I can only imagine it's you.
legendary
Activity: 1050
Merit: 1000
You are WRONG!
November 18, 2012, 01:13:13 PM
#12
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
too complex for me, me to stupid can't understand -> UNBREAKABLE!!!

your logic is failing.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
November 18, 2012, 01:11:13 PM
#11
I can't confirm if it's hackable or not, just not that many people bother. With all the su/sudo things that need to be run...I just don't see it happening.
Of course, if you have a proof-of-concept way to hack Linux, please provide it to #linux on irc.freenode.net.
Pages:
Jump to: