News Nvidia RTX LHR Unlocker Is Malware: From Hack to Hoax

[kal326]

I’m pretty sure decades ago the Register UK had a bit called Salmon Days about the IT work place. One of the lines in it was “If it sounds too good to be true, it’s probably a virus”

 

[digitalgriffin]

Not possible without new hardware variants since miners can just use older drivers without the additional crippled algorithms indefinitely.

Yes and no. If you are a home miner, you have to update because I can almost guarantee you'll need updates for AAA games. Thus it becomes a game of cat and mouse. But in all honesty, I don't believe NVIDIA cares enough to truly stop them.

There are ways to "force" LHR card owners to update their system. But I'm not going to discuss them lest I give some ideas away.

Any way, a few of us called it yesterday that this is likely a virus if it's "not open source and can be compiled locally."

 

[InvalidError]

Yes and no. If you are a home miner, you have to update because I can almost guarantee you'll need updates for AAA games.

LHR was allegedly deployed to make "homie GPUs" less appealing to crypto-miners - the sort running warehouses with thousands of cards and may never play any game in their working life. Crypto miners are perfectly fine running whatever old drivers will run the GPUs with whatever mining software they use fine.

 

[digitalgriffin]

LHR was allegedly deployed to make "homie GPUs" less appealing to crypto-miners - the sort running warehouses with thousands of cards and may never play any game in their working life. Crypto miners are perfectly fine running whatever old drivers will run the GPUs with whatever mining software they use fine.

I understand mining farms have their own driver engineers. But if NVIDIA did their job properly, there is nothing the mining engineers could have done to bypass protections because protection would have been built into firmware security. It just goes to show NVIDIA really didn't care.

 

[spongiemaster]

I understand mining farms have their own driver engineers. But if NVIDIA did their job properly, there is nothing the mining engineers could have done to bypass protections because protection would have been built into firmware security. It just goes to show NVIDIA really didn't care.

As far as anyone outside of the crypto industry knows, Nvidia's LHR still hasn't been completely defeated. Outside of mining multiple coins at once, the closest they have gotten is around 70%. For someone that didn't care, Nvidia seems to have done OK here.

 

[russell_john]

Hacking Nvidia's LHR mining performance limiter? Hack you, say hackers. The supposed unlocker turns out to be infested by malware.

Nvidia RTX LHR Unlocker Is Malware: From Hack to Hoax : Read more

Frankly I wouldn't be the least bit surprised is this was a Russian GRU sponsored operation. I expect to see more and more of this in the coming weeks as Russia gets cut off from the regulated banking world and will have to go to the unregulated Crypto Markets and skim off as much cash as they can get their hands on. No FDIC to protect your Cypto Wallets after they are drained of funds .....

 

[russell_john]

I understand mining farms have their own driver engineers. But if NVIDIA did their job properly, there is nothing the mining engineers could have done to bypass protections because protection would have been built into firmware security. It just goes to show NVIDIA really didn't care.

They could always flash new firmware so firmware is a non-starter too ..... It would have to be some sort of hardware lock built into the GPU die itself. Why would Nvidia spend a bunch of money redesigning their ICs when there really isn't anything in it for them but a loss in revenue? Would you work extra hours for your boss for free?

 

[TJ Hooker]

They could always flash new firmware so firmware is a non-starter too ..... It would have to be some sort of hardware lock built into the GPU die itself. Why would Nvidia spend a bunch of money redesigning their ICs when there really isn't anything in it for them but a loss in revenue? Would you work extra hours for your boss for free?

The "hardware lock" you refer to is already in place, has been since 10 series IIRC. Nvidia cards don't let you flash firmware unless it has a valid signature, so you can only flash FW that comes Nvidia/AIBs.

 

[digitalgriffin]

They could always flash new firmware so firmware is a non-starter too ..... It would have to be some sort of hardware lock built into the GPU die itself. Why would Nvidia spend a bunch of money redesigning their ICs when there really isn't anything in it for them but a loss in revenue? Would you work extra hours for your boss for free?

There's firmware, then there's firmware and then there's FIRMWARE. Some flash firmware, while reprogramable, cannot be overwritten unless you de-solder the chip from the mainboard itself, attach it to a SPI/I2C interface, then resolder it (if the io pins are on the bottom of the chip). Trust me I know these things. These are referred to as boot loader firmwares that handle the lowest level of system management during initialization.

When reprogramming certain mission critical firmware, the boot loader will do a calculation on the incoming code and then run it through a secret hash algorithm to come of up a obscenely long checksum #. If the uploaded 2nd level firmware doesn't have the proper package checksum #, then the package is rejected. The checksum changes with each firmware as the checksum is based ON the firmware code. Change the code, the checksum changes. So reusing old codes simply do not work. Only when the checksums match that the temp storage firmware be copied to operating firmware area.

TJ Hooker is quite correct. It's already in there.

 

[PiranhaTech]

It was hosted on Github, which did make it seem possibly okay. However, I checked the Github and there wasn't any source code or sources on it.

Github was used mostly as a host for a .zip file download.