Bitmain, which manufactures the popular Antminer series of mining rigs, has released a new firmware update that patches a critical vulnerability. But not everyone is happy: One crypto developer claims that another bug exists, and he is leveraging Bitmain’s licensing practices as a negotiation tactic.
No Source Code, No Disclosure
James Hilliard, who discovered the unpatched bug, is refusing to disclose the additional vulnerability until Bitmain complies with the GPL software license. Bitmain’s firmware is currently closed source, but since it is built on GPL-licensed open source software, Bitmain is technically required to open source its firmware as well.
Bitmain, for its part, has acknowledged that the open source community discovered a vulnerability in its firmware, but the update doesn’t indicate that Bitmain has any immediate plans to make its firmware open source. Bitmain does, however, throw the community a bone: It claims that it has created a “special team” to pursue compliance with open source code.
It is not…