Author

Topic: Risk assesment of hardware-based exploits on the network (Read 210 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Nvidia refused to do what they asked, so I think we can expect to see cheap asian knock-offs soon, that are going to be much cheaper than original Nvidia.

But limited for 1 GPU generation, unless the company have talent to improve Nvidia hardware, firmware and driver.

RISC-V AI Chips are open source but they are working with Intel on some projects, so you know how the money flow goes Wink

I didn't know about it. Even so, AFAIK RISC-V is the only open source CPU that i know.
legendary
Activity: 2212
Merit: 7064
Unfortunately today processor is dominated by Intel, AMD and ARM, so there's nothing much regular user could do. While open source alternative such as RISC-V exist, it's not very competitive in terms of price and performance. The only good news is Bitcoin Core already support RISC-V architecture and few linux distro have guide to run itself on RISC-V.
Nvidia was recently hacked and it was interesting to hear request from hackers.
They asked Nvidia to release their code and everything else with FOSS license for all operating systems Linux, Mac and WiNd0ws, or they will release all schematics, blueprints, code, etc in public.
Nvidia refused to do what they asked, so I think we can expect to see cheap asian knock-offs soon, that are going to be much cheaper than original Nvidia.
RISC-V AI Chips are open source but they are working with Intel on some projects, so you know how the money flow goes Wink
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
Is there a way to get a list of which hardware is being used for nodes on the network and sort it on a list? I assume many people take extra steps to not leak this data so probably we can't get a good idea of what hardware is sustaining the network.
The IP addresses of nodes are more or less public. It may be possible to get some idea as to what kind of hardware is associated with a particular IP address by sending a particular request and seeing how the computer responds.

Quote
Once a big enough % is running under such hardware they would attack it
Probably not very high on the threat model to bitcoin. Nodes are not run in a vacuum. There are many security experts that monitor the bitcoin network, and they could warn bitcoin users if there is some kind of attack against bitcoin nodes.

Further, a node going offline does not necessarily harm the network. If a single node goes offline, it means the person who owns that node cannot use that node to validate transactions, but everyone else can continue to use their own node to validate transactions.
legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
Is there a way to get a list of which hardware is being used for nodes on the network and sort it on a list? I assume many people take extra steps to not leak this data so probably we can't get a good idea of what hardware is sustaining the network.

An exact list will be hard to come by, but I would assume that a good portion of current nodes is run on "standardized" setups like Umbrel or RaspiBlitz, especially given the recent influx of Lightning Network nodes. A subset of those folks will likely keep some of the standard settings around that come with the ready-made OS Image, at least when they first get started with running their node (e.g. Time Lock Delta, Min HTLC, fees on freshly opened channels...). Based on that you might at least make an educated guess on some of the nodes that are running the network. I doubt those numbers would be accurate enough to be meaningful though.
sr. member
Activity: 317
Merit: 448
Is there a way to get a list of which hardware is being used for nodes on the network and sort it on a list? I assume many people take extra steps to not leak this data so probably we can't get a good idea of what hardware is sustaining the network.

Exact hardware (CPU brand, CPU type, etc.)? I doubt it. But we do know some Bitcoin nodes run on VPS. It's indicated by Bitcoin node IP which is in IP range of certain VPS provider. Those VPS provider usually state their hardware specification, so you could get minimum number of node which use modern Intel/AMD CPU.

Yeah going by VPS it's not a good view. That's pretty much all compromised. Intel ME can achieve remote control via BMC/IPMI present on server chips. And I forgot to mention Raspberry Pi which a lot of people seem to use to run nodes also require propietary blobs to even start. From fsf website:

Quote
Boards based on the Broadcom VideoCore 4 family, such as the Raspberry Pi, require non-free software to startup, although signature checks are not enforced. A free proof-of-concept replacement firmware has been developed, but it is not in a usable state, and development has halted. Until the non-free startup program is fully freed, these boards are useless in the free world.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Is there a way to get a list of which hardware is being used for nodes on the network and sort it on a list? I assume many people take extra steps to not leak this data so probably we can't get a good idea of what hardware is sustaining the network.

Exact hardware (CPU brand, CPU type, etc.)? I doubt it. But we do know some Bitcoin nodes run on VPS. It's indicated by Bitcoin node IP which is in IP range of certain VPS provider. Those VPS provider usually state their hardware specification, so you could get minimum number of node which use modern Intel/AMD CPU.
sr. member
Activity: 317
Merit: 448
Is there a way to get a list of which hardware is being used for nodes on the network and sort it on a list? I assume many people take extra steps to not leak this data so probably we can't get a good idea of what hardware is sustaining the network.

My thesis is that the network could at some point become vulnerable to hardware-based exploits, as old hardware gets replaced by new computers which include exploits such as ME for Intel or PSP for AMD, increasingly more sophisticated and impossible to shut down. A main reason to not increase the blocksize that never got much discussion if any, was that the newer computers introduce these binary blobs which are basically at this point entire operating systems with full access to the machine at pre-BIOS status. In most cases, you can't shut it down except a few exceptions, so without knowing a list of which hardware is supporting the network, statistically probably most computers are compromised. An attacker would want the entire network to run on modern computers so it's all compromised by default, so the ever increasing blocksizes would aim in this direction. Once a big enough % is running under such hardware they would attack it. If folks running nodes aren't aware of this it's ought to happen in the future.
Jump to: