
The ESP32 "backdoor" that wasn't | Dark Mentor LLC

⁨182⁩ ⁨likes⁩

Submitted ⁨⁨2⁩ ⁨months⁩ ago⁩ by ⁨megaman@discuss.tchncs.de⁩ to ⁨technology@lemmy.world⁩

https://darkmentor.com/blog/esp32_non-backdoor/


Comments

  • SpaceNoodle@lemmy.world ⁨2⁩ ⁨months⁩ ago

    Finally, some technical details that were sorely lacking from yesterday’s article.

    Anyway, having direct unprivileged R/W access to platform memory is indeed a security hole, no matter the vendor.

    • pelya@lemmy.world ⁨2⁩ ⁨months⁩ ago

      > Anyway, having direct unprivileged R/W access to platform memory is indeed a security hole, no matter the vendor.

      It is not. ESP32 is an embedded chip with less than one megabyte of RAM. It cannot run apps or load websites with any malicious code, it only runs the firmware that you flash on it, nothing else, and of course your firmware has full access to every chip feature. If your firmware has a security hole, it’s not the chip’s fault.

      • SpaceNoodle@lemmy.world ⁨2⁩ ⁨months⁩ ago

        Try reading the article next time.

  • Godort@lemm.ee ⁨2⁩ ⁨months⁩ ago

    I mean, this doesn’t really change anything from a practical perspective. It just highlights that the verbiage in the press release was alarmist.

    It’s still a security concern that most users will be unaware of.

    • ozymandias117@lemmy.world ⁨2⁩ ⁨months⁩ ago

      Yes, in the sense that every device you own has these same commands.

      The alarmism of the original was that this was somehow unique to the ESP32.

      If your device has Bluetooth, it has these commands.

  • TxzK@lemmy.zip ⁨2⁩ ⁨months⁩ ago

    But but it’s Chinese and Chinese tech bad

  • embed_me@programming.dev ⁨2⁩ ⁨months⁩ ago

    Thanks. I was looking for an explanation like this.

  • Darkassassin07@lemmy.ca ⁨2⁩ ⁨months⁩ ago

    Potato, potato…

    Whether we call them ‘undocumented commands’ or a ‘backdoor’, the effect is more or less the same: a series of high-level commands not listed within the specs, preventing systems engineers/designers from planning around vulnerabilities and their potential for malicious use.

    • futatorius@lemm.ee ⁨2⁩ ⁨months⁩ ago

      In that case, every stack that you use is riddled with those and we are all hosed. And yet somehow your computer, your phone and the internet keep on working most of the time.

  • fubarx@lemmy.ml ⁨2⁩ ⁨months⁩ ago

    I tried to offer a gentler backgrounder on this HCI business: lemmy.ml/comment/17160273

    The opcodes that actually jumped out at me more than the undocumented ones were the ones that erase the flash.

    But the conclusion stands. None of this is a ‘backdoor’ unless you can secretly access it from the wireless side and nothing in the presentation points to that. If I had to guess, the opcodes are for QA and tuning on the manufacturing line.
