| Message-ID | <67ce09c2@news.ausics.net> (permalink) |
|---|---|
| From | not@telling.you.invalid (Computer Nerd Kev) |
| Subject | Re: undocumented backdoor found in ESP32 |
| Newsgroups | comp.misc |
| References | <87ldtf9hmw.fsf@example.com> <vqkcla$q1ta$1@dont-email.me> |
| Date | 2025-03-10 07:36 +1000 |
| Organization | Ausics - https://newsgroups.ausics.net |
John McCue <jmccue@qball.jmcunx.com> wrote:
> In comp.misc Salvador Mirzo <smirzo@example.com> wrote:
>> Undocumented "backdoor" found in Bluetooth chip used by a billion devices
>> Bill Toulas March 8, 2025 11:12 AM
>>
>> The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif
>> and used by over 1 billion units as of 2023 contains an undocumented
>> "backdoor" that could be leveraged for attacks.
>
> Looks like there is more than meets the eye:
>
> This refutes the claim that researchers found a "backdoor"
> https://darkmentor.com/blog/esp32_non-backdoor/

Yes it's an odd definition of backdoor where the attacker must already have full control over the device via the HCI commands which are how Bluetooth controllers are controlled by a host system. The "backdoor" is that the host system can give the Bluetooth controller some extra debugging commands, but security over the device's behavior has already been lost by the time an attacker is able to send standard HCI commands anyway.

Also the "C-based USB Bluetooth driver" by Tarlogic, which sounds like a cross-platform equivalent for what you can do on Linux with Wireshark, is beside the point because they found the undocumented HCI commands by reverse engineering the ESP32 ROM downloaded from GitHub, not by looking at USB communications. That seems to be just an ad for their product.

This does demonstrate the case for open-source firmware on such devices as Bluetooth controllers, which would allow these details to be discovered without someone needing an incentive to invest in reverse-engineering the binary ROMs. It's a better ad for open-source firmware than for Tarlogic's USB Bluetooth driver. Except that nobody(?) does open-source Bluetooth controller firmwares to begin with.

--
__ __ #_ < |\| |< _#
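Added example, not part of the original post or of any tool it mentions: a host-side audit that walks a captured HCI byte stream and lists every command in the vendor-specific opcode group (OGF 0x3F), which is where undocumented debug commands of the kind discussed above live. It assumes H4 (UART) framing; the sample bytes are constructed and the vendor opcode is arbitrary, not an actual ESP32 command.

```python
import struct

H4_COMMAND = 0x01  # H4 (UART) packet indicator for an HCI command
VENDOR_OGF = 0x3F  # opcode group the Bluetooth Core spec reserves for vendor commands

# Per H4 packet type: (header size, offset of length field, struct format of it)
LAYOUT = {
    0x01: (3, 2, "B"),   # command: opcode(2) + length(1)
    0x02: (4, 2, "<H"),  # ACL data: handle/flags(2) + length(2)
    0x03: (3, 2, "B"),   # SCO data: handle/flags(2) + length(1)
    0x04: (2, 1, "B"),   # event: event code(1) + length(1)
}

def iter_h4_packets(stream: bytes):
    """Yield (packet_type, header, payload) for each packet in an H4 byte stream."""
    pos = 0
    while pos < len(stream):
        ptype = stream[pos]
        if ptype not in LAYOUT:
            raise ValueError(f"unknown H4 packet type 0x{ptype:02x} at offset {pos}")
        hdr_len, len_off, fmt = LAYOUT[ptype]
        end = pos + 1 + hdr_len  # first byte after the header
        if end > len(stream):
            raise ValueError(f"truncated header at offset {pos}")
        (plen,) = struct.unpack_from(fmt, stream, pos + 1 + len_off)
        if end + plen > len(stream):
            raise ValueError(f"truncated payload at offset {pos}")
        yield ptype, stream[pos + 1 : end], stream[end : end + plen]
        pos = end + plen

def vendor_commands(stream: bytes):
    """Return [(opcode, ocf, params)] for every vendor-specific HCI command."""
    hits = []
    for ptype, header, payload in iter_h4_packets(stream):
        if ptype == H4_COMMAND:
            opcode = int.from_bytes(header[:2], "little")
            if opcode >> 10 == VENDOR_OGF:  # OGF is the top 6 bits of the opcode
                hits.append((opcode, opcode & 0x03FF, payload))  # OCF: low 10 bits
    return hits

# Constructed sample capture; vendor opcode 0xFD55 is arbitrary, not a real ESP32 command.
SAMPLE = bytes.fromhex(
    "01030c00"          # HCI_Reset (OGF 0x03, OCF 0x003)
    "01091000"          # HCI_Read_BD_ADDR (OGF 0x04, OCF 0x009)
    "0201200300aabbcc"  # ACL data packet, 3 payload bytes
    "0155fd02beef"      # vendor-specific command (OGF 0x3F), 2 parameter bytes
)

if __name__ == "__main__":
    for opcode, ocf, params in vendor_commands(SAMPLE):
        print(f"vendor HCI command opcode=0x{opcode:04x} ocf=0x{ocf:03x} params={params.hex()}")
```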
undocumented backdoor found in ESP32 Salvador Mirzo <smirzo@example.com> - 2025-03-08 21:23 -0300
Re: undocumented backdoor found in ESP32 John McCue <jmccue@qball.jmcunx.com> - 2025-03-09 15:38 +0000
Re: undocumented backdoor found in ESP32 not@telling.you.invalid (Computer Nerd Kev) - 2025-03-10 07:36 +1000
Re: undocumented backdoor found in ESP32 Salvador Mirzo <smirzo@example.com> - 2025-03-10 03:30 -0300
Re: undocumented backdoor found in ESP32 D <nospam@example.net> - 2025-03-09 22:37 +0100