JackTheMimic 4 months ago
Outside of the inflooenser yada yada. Are we saying that the Read-only containers that AWS hosts DOESN'T scan for malware? Because that would be a very big attack surface for them. If so, would not the contiguous bytes of a malware file not fit the fingerprint of the fuzzy hash digest they would check against? Meaning rightly or wrongly, they would assume the transaction being verified is a malware executable and kill the VM? Is that truly not an attack vector? I kind of don't even understand how that's not within the realm of possibility. Again I AM NOT SAYING THE MALWARE IS EXECUTABLE. Just that the fingerprint could read as such to the hypervisor watchdog.

Replies (22)

JackTheMimic 4 months ago
Because 29% of BTC nodes are hosted on AWS. This signature detection would kill the VMs running Core on those servers. Meaning 29% of the network suddenly goes offline.
JackTheMimic 4 months ago
And my point was that it IS relevant to the point I was making. Which again, is not "malware activating due to blocks having packages embedded in them." My point is if you want to shut the airport down you don't hide the gun, you wave it around so everyone can see.
JackTheMimic 4 months ago
Absolutely. But there's ownership risk then there's intentional disruption. I mean if someone found an exploit to target node runners through their specific ISP *cough* Shinobi *cough* that would also be bad and tough to mitigate.
JackTheMimic 4 months ago
I am not talking existential. I am talking adoption progress.
JackTheMimic 4 months ago
For exchanges that use them for feerate, for economic nodes for transaction broadcast utility, for miners for gossip relay, kind of a lot of things.
JackTheMimic 4 months ago
It absolutely does. I have pulled their docs many times to show their guard dog service kills VMs if malware is signature identified. I feel like you may be thinking first order effects and not secondary and tertiary effects. I swear I am not as dumb as I look, and I don't take Luke, Mechanic, Murch, Antoine, Voskuil, or any other dev or talking head at face value. I take what they say and check it for validity.
These docs? And we've gone over the whack-a-mole with malware signatures. My previous company worked the red team for DoD. I promise you don't understand the cloud like you think you might. I also welcome all AWS bitcoin nodes failing. My sats remain safe.