Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.misc > #26854

Re: undocumented backdoor found in ESP32

Show key headers only | View raw

[Multipart message — attachments visible in raw view] - view raw

On Sun, 9 Mar 2025, John McCue wrote:

> In comp.misc Salvador Mirzo <smirzo@example.com> wrote:
>> Undocumented "backdoor" found in Bluetooth chip used by a billion devices
>> Bill Toulas March 8, 2025 11:12 AM
>>
>> The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif
>> and used by over 1 billion units as of 2023 contains an undocumented
>> "backdoor" that could be leveraged for attacks.
>
> Looks like there is more than meets the eye:
>
> This refutes the claim that researchers found a "backdoor"
> https://darkmentor.com/blog/esp32_non-backdoor/
>
> <snip>
>
> YMMV

From the site:

'Vendor-specific commands in Bluetooth effectively constitute a “private 
API”, and a company’s choice to not publicly document their private API 
does not constitute a “backdoor”.'

Strange argument.

If I buy a system, with an undocumented API that let's other people into 
my system, without me wanting this, I would consider it a backdoor.

Back to comp.misc | Previous | Next — Previous in thread | Find similar

Thread

undocumented backdoor found in ESP32 Salvador Mirzo <smirzo@example.com> - 2025-03-08 21:23 -0300
  Re: undocumented backdoor found in ESP32 John McCue <jmccue@qball.jmcunx.com> - 2025-03-09 15:38 +0000
    Re: undocumented backdoor found in ESP32 not@telling.you.invalid (Computer Nerd Kev) - 2025-03-10 07:36 +1000
      Re: undocumented backdoor found in ESP32 Salvador Mirzo <smirzo@example.com> - 2025-03-10 03:30 -0300
    Re: undocumented backdoor found in ESP32 D <nospam@example.net> - 2025-03-09 22:37 +0100

csiph-web