fubarx
@fubarx@lemmy.ml
- Comment on Yall guess who showed up in my dms 3 weeks ago:
Get your filthy mitts off her. That’s my future wife. As soon as my check clears, we’re getting married.
- Comment on The ESP32 "backdoor" that wasn't | Dark Mentor LLC 3 weeks ago:
I tried to offer a gentler backgrounder on this HCI business: lemmy.ml/comment/17160273
The opcodes that actually jumped out at me more than the undocumented ones were the ones that erase the flash.
But the conclusion stands. None of this is a ‘backdoor’ unless you can secretly access it from the wireless side and nothing in the presentation points to that. If I had to guess, the opcodes are for QA and tuning on the manufacturing line.
- Comment on Europe bets on RISC-V for homegrown supercomputing platform 3 weeks ago:
ARM is a UK-based company. If they hadn’t dropped out of EU, it’s possible they would have settled on an ARM-based supercomputer design.
Chalk it up to another WIN for Brexit!
- Comment on Undocumented 'Backdoor' Found In Chinese Bluetooth Chip Used By a Billion Devices. 3 weeks ago:
Pull up a chair and pour yourself a stiff beverage…
TLDR: Don’t Panic.
If you have a regular old processor (MCU) and want to give it wireless capability, you can buy a wireless chip and stick it next to the processor, then have the MCU talk to it through a wired connection (typically UART or SPI). Think of it as the old ATDT commands that had your PC control your old screeching modems.
To standardize this communication protocol, folks came up with the Host Controller Interface (HCI) so you didn’t have to reinvent that protocol for every new chip. This was handy for people on the MCU side, since they could write firmware that worked with any wireless chip out there, and could swap out for a cheaper/faster one with minimal change.
Fast forward to the era of integrated MCU+wireless, where you had a little ARM or other lightweight processor plus a little radio, and the processor could run programs in a high-level API that abstracted out the low level wireless stuff. Plus, you could use the same radio for multiple wireless protocols, like BLE, wifi, ANT, etc. Nordic and TI were early adopters of this method.
Typically, it was the vendor’s own processor talking to their own wireless module, but they still implemented the full HCI interface and let it be accessed externally. Why? So if your design needed an extra beefy processor and used the MCU+wireless chip as a simple communication module, this would still work. The teeny MCU could be used to run something extra in parallel, or it could just sit idle. A typical example could be a laptop or cell phone. The little MCU is too small for everything else, so you pair it with a big chip and the big chip drives the little chip through HCI.
Sure, it would be cheaper if you just went with a basic ‘dumb’ wireless chip, as folks from CSR, Broadcom, and Dialog kept pointing out. But the market demanded integrated chips so we could have $10 activity trackers, fancy overpriced lightbulbs, and Twerking Santas (www.amazon.com/twerking-santa-claus/s?k=twerking+…).
For integrated MCU+wireless chips, most vendors didn’t release the super low-level firmware that ran between them. There was no need. It was internal plumbing. They exposed SDKs so you could control the wireless chip, or high-level Bluetooth/wifi APIs so you could connect and talk to the outside world in a few lines of code. These SDKs were unique to each vendor (like Nordic’s nRF Connect library, or TI’s SimpleLink SDK).
Then along came Espressif out of Shanghai, China with a combo chip (ESP8266) that offered processor + wifi and was so cheap and easy to program that it took the hobbyist market by storm. Oh, god… so many LED light strips, perfect for Christmas and blinky EDM lightup outfits (hello, Adafruit: www.adafruit.com/category/65).
Fast forward and Espressif drops the ESP32. A bigger, faster Tensilica Xtensa processor, with built-in flash storage, plus wifi, Bluetooth, and BLE in one place. Plus lots of peripherals, busses, and IO pins. Also, running FreeRTOS and eventually Arduino SDKs, and MicroPython. All for less than $5! It took off like a rocket. So many products. Plus, you could run them as little webservers. Who doesn’t love a little webserver in their pocket?
It’s gone through a few variations, including swapping out the Tensilica with an open-source RISC-V MCU, but otherwise it’s a massive seller and the gateway drug for most IoT/Smarthome nerds.
So along come these Tarlogic researchers, looking to build a direct USB to bluetooth library. This way, you can drive the wireless from, say Linux, directly. There are already BLE to USB stacks, but this one is giving access at the HCI level, in a C library. Handy if you’re doing research or developing drivers, but not the sort of thing your typical DIY person needs.
As part of their process, the researchers decide to dump the really low level ESP32 firmware and reverse engineer it.
A typical HCI implementation is a giant event loop that handles HCI opcodes and parameters. Host wants to talk to the outside world, it sets up some registers, configures the unique MAC address, then opens a channel and starts sending/receiving (hopefully without the modem screeching tones). There are typical packet encoders and decoders, multiple ISO/TCP layers, and the sort of thing that most people assume somebody else has gotten right.
For fancier implementations, there may be interrupt or DMA support. Sometimes, there’s a multi-tasking part under the hood so they can time-slice between wifi, bluetooth, and ble (aka Fusion or Coexistence support). Not that you should care. The internals of this stuff are usually nobody’s business and the vendors just include a binary blob as part of their SDK that handles things. The host systems just talk HCI. The wireless side talks HCI on the wired side, and wireless on the radio side. Everyone’s happy.
In the process of reverse engineering the low-level HCI blob, these researchers found a few extra undocumented HCI opcodes. They’re not sure what they’re for, but according to their presentation (documentcloud.org/…/25554812-2025-rootedcon-bluet…) if my super rusty Spanish holds up, it has to do with setting MAC addresses and handling low-level Link-Level Control Protocol communications (www.ellisys.com/technology/een_bt10.pdf).
Now in and of itself, this is no big deal. ESP32s already let you easily set your own temporary MAC address (randomnerdtutorials.com/get-change-esp32-esp8266-…), so there has to be a way to override the manufacturer one. And LLCP management is a totally geeky low-level thing that the MCU needs when handling wireless packets. There are perfectly good reasons why the opcodes would be there and why Espressif may not have documented them (for example, they could be used only during manufacturing QA).
So the original presentation is a teeny bit of an exaggeration. Yes, the opcodes exist. But are they nefarious? Should we stick all our ESP32s inside Faraday cages? Is this a secret plan for the CCP to remotely control our lights and plunge the world into chaos?
As I said before, ONLY if there’s a secret as-yet-undiscovered wireless handshake that gives remote wireless access to these (or really, pretty much any other published HCI opcode). That presentation most definitely doesn’t claim that.
To see if there is a REAL backdoor, you should wait for an analysis from fine professional wireless debugging vendors like Ellisys (starting models run $30K and up), Frontline, or Spanalytics.
Incidentally, Tarlogic, the group that put out that paper, have their own BLE analyzer product (www.tarlogic.com/es/…/analizador-bluetooth-le/). They look to know their stuff, so they should know better than putting out clickbait-y hair-on-fire reports. But come on, who can resist a good CCP/backdoor headline? Will media run with this and blow it out of proportion? No way!
If you’ve read this far, you must safely be on your third drink or the edible’s just kicked in. Stop panicking, and wait until the pro sniffer and Bluetooth forum people give their opinions.
If it turns out there is an actual WIRELESS backdoor, then by all means, feel free to panic and toss out all your Smarthome plugs. Go ahead and revert to getting up and flicking on your light switch like a peasant. Have a sad, twerk-free Christmas.
But over a few undocumented HCI opcodes? Have another drink and relax.
Happy Sunday.
PS: controversy already up on wikipedia: en.m.wikipedia.org/wiki/ESP32
PPS: you may want to stock up on ESP32s for your light-up Christmas light project. Don’t be surprised if Espressif doesn’t get smacked with some hard tariffs or an outright ban, based on these ragebait headlines 🤷🏻♂️
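Added example, not part of the comment above and not Espressif's or Tarlogic's code: a small Python auditor for the wired host-to-controller side of the HCI link the comment describes. It splits a UART (H4) byte stream into HCI command packets, decodes each 16-bit opcode into its OGF/OCF fields, and flags commands in the vendor-specific group (OGF 0x3F), where non-standard opcodes live. The capture bytes, including vendor opcode 0xFC01, are constructed for illustration and are not the opcodes from the presentation.

```python
import struct

H4_COMMAND = 0x01   # H4 (UART) packet indicator: HCI command, host -> controller
OGF_VENDOR = 0x3F   # opcode group the Bluetooth Core spec reserves for vendors

OGF_NAMES = {
    0x01: "Link Control",
    0x02: "Link Policy",
    0x03: "Controller & Baseband",
    0x04: "Informational",
    0x05: "Status",
    0x06: "Testing",
    0x08: "LE Controller",
    OGF_VENDOR: "Vendor-specific",
}

def parse_h4_commands(stream: bytes):
    """Split a host->controller H4 byte stream into HCI command records."""
    records, pos = [], 0
    while pos < len(stream):
        if stream[pos] != H4_COMMAND:
            raise ValueError(f"offset {pos}: not an HCI command indicator")
        if pos + 4 > len(stream):
            raise ValueError(f"offset {pos}: truncated command header")
        # Header: 16-bit little-endian opcode, then 1-byte parameter length.
        opcode, plen = struct.unpack_from("<HB", stream, pos + 1)
        params = stream[pos + 4 : pos + 4 + plen]
        if len(params) != plen:
            raise ValueError(f"offset {pos}: truncated parameters")
        ogf, ocf = opcode >> 10, opcode & 0x03FF   # upper 6 bits / lower 10 bits
        records.append({
            "opcode": opcode, "ogf": ogf, "ocf": ocf,
            "group": OGF_NAMES.get(ogf, "Unknown"), "params": params,
        })
        pos += 4 + plen
    return records

def vendor_commands(records):
    """Commands a reviewer should match against the vendor's documentation."""
    return [r for r in records if r["ogf"] == OGF_VENDOR]

# Constructed capture: HCI_Reset (0x0C03), LE Set Advertising Enable (0x200A),
# and a made-up vendor-specific command (0xFC01) with two parameter bytes.
CAPTURE = bytes.fromhex("01030c00" "010a200101" "0101fc02aabb")

if __name__ == "__main__":
    for r in parse_h4_commands(CAPTURE):
        flag = "  <-- vendor-specific, check docs" if r["ogf"] == OGF_VENDOR else ""
        print(f"opcode=0x{r['opcode']:04X} OGF=0x{r['ogf']:02X} "
              f"OCF=0x{r['ocf']:03X} [{r['group']}] params={r['params'].hex()}{flag}")
```
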
- Comment on Undocumented 'Backdoor' Found In Chinese Bluetooth Chip Used By a Billion Devices. 3 weeks ago:
This sounds like there are some undocumented opcodes on the HCI side – the Host Computer Interface – not the wireless side. By itself, it’s not that big a deal. If someone can prove that there’s some sort of custom BLE packet that gives access to those HCI opcodes wirelessly, I’d be REALLY concerned.
But if it’s just on the host side, you can only get to it if you’ve cracked the box and have access to the wiring. If someone has that kind of access, they’re likely to be able to flash their own firmware and take over the whole device anyway.
Not sure this disclosure increases the risk any. I wouldn’t start panicking.
- Comment on Get Into Meshtastic On The Cheap With This Tiny Node Kit 3 weeks ago:
I live in an earthquake zone and have been taking CERT emergency training courses. Have been looking at these as part of a neighborhood emergency network.
Turns out SeedStudio sells these with a base that comes with a display and a bunch of grove connectors, as well as a cheap GPS module. Will have to think a bit more on what else may be needed (keyboard, display, battery, vibration, or other environmental sensors?)
It may be possible to build one of these for < $50USD and hopefully cheaper, then have each emergency sector in the city keep one as part of their emergency cache. Would be useful if cell networks and power go out.
- Comment on Downtown Doug Brown » The gooey rubber that’s slowly ruining old hard drives 4 weeks ago:
All that CGA-quality porn, gone like dust in the wind.
- Comment on Are there any non capitalistic technology companies still around? 4 weeks ago:
Traditionally, there have been a few classes of companies in the U.S: C Corp, S Corp, LLC (Limited Liability Company) aka partnerships, and Closed. Most companies in the U.S. are organized as one of these, with their responsibility toward shareholders, who want to see their money grow.
If you wanted to work for a company that didn’t necessarily have infinite growth as its mission, the only option was to find a Non-Profit, but they may not have the kind of funding to spend on legal visas.
In the last few years, two other types of companies have emerged. They’re similar, but legally different: B-corp (…m.wikipedia.org/…/B_Corporation_(certification)), and PBC or Public Benefit Corporation (en.m.wikipedia.org/wiki/Benefit_corporation).
These can be for-profit, but have to have a stated mission in their charter to provide a benefit of some sort to the public.
The links above point at some examples, but you may want to do your own research. Those companies may have the resources to pick up your visa, and may better align with the values you’re looking for.
Ideally, and when able, your best bet would be to start your own business and set it up just the way you want.
- Comment on Investors in farm equipment maker Deere reject anti-DEI resolution 4 weeks ago:
Many companies (including tech) started DEI policies in order to broaden their pool of candidates and make internal promotions more merit-based. The stated goal was to attract better candidates and make their services and products more in line with their customers. Made sense.
A few years later, many are capitulating to political pressures to drop those programs.
Thing is, the original problem still stands and these shareholders (who presumably mostly care about their investment) know this. That’s why they’re voting down these proposals. They could call Costco and Apple West Coast liberals, but not Deere. It’s just smart business.
- Comment on Exclusive: Microsoft is finally shutting down Skype in May 5 weeks ago:
Remember to break this news gently to your elderly parents.
- Comment on Swimming pool, blind dog 5 weeks ago:
I once saw pool fencing where the base was weighed down with water or sand, like those ‘children playing’ signs. Easy to move out of the way when not needed.
- Comment on Scientists move to Bluesky, transitioning away from X and Meta platforms 5 weeks ago:
Just to be clear… I’m a massive Fediverse fan, and have concerns about BSKY’s governance. But many communities streaming off Twitter seem to be heading toward BSKY because it’s a shallower on-ramp.
Mastodon people recognize this and are working to smooth down the friction points.
- Comment on Scientists move to Bluesky, transitioning away from X and Meta platforms 5 weeks ago:
What happens when their server expenses aren’t covered, or bad people move in and every message has to be moderated, or the site moderators ban you?
And getting a whole community moved over… oof.
I moved a private mailing list to a WhatsApp group, then they changed their privacy policies. It took two years to convince people on to Signal, and 2/3 of the people didn’t make the jump. And this was with a small group of people who knew each other IRL. Imagine doing that for tens or hundreds of thousands worldwide.
This is why people are hesitant to get off Meta/Twitter. They’re not going to do it again.
- Comment on Scientists move to Bluesky, transitioning away from X and Meta platforms 5 weeks ago:
Your email server doesn’t also run the group email list and all the join/drop/approve/ban operations. And if you bring your own email domain name, you can go somewhere else and get no disruption. But if you sign up for me@hotmail.com and hotmail bans you, you’ll lose all your connections and conversation history.
The canonical list of operations on a social media platform far exceeds that of an email service, a bulletin board, or a messaging service group. It’s apples and rocket ships.
Bluesky is offering simple one-stop answers to a lot of these concerns. Fediverse needs to answer all these, plus address the whole long-term financial sustainability question.
- Comment on Scientists move to Bluesky, transitioning away from X and Meta platforms 5 weeks ago:
The Fediverse experience starts with an unanswerable question: what server do you want to be on?
Most people will not have any way to answer that without knowing what the downstream impact will be. Mastodon people are working on smoothing that down, but it’s still a pretty fraught question. And if half a given community ends up on one server and half on another, they get fragmented and conversations and followers fizzle out.
Bluesky wants to tell people they’re not a single-node lock-in to avoid the Twitter effect, but it turns out that’s their key advantage.
The only thing that will guarantee they don’t end up like Twitter is if they revamp their corporate governance mechanisms, but they had to take VC money and haven’t come up with a long-term revenue model, so it’s not clear how they can avoid it.
- Comment on Egg prices at Costco be like... 5 weeks ago:
They said to get there early. Twice now, was there at opening. Lots of eggs, reasonably priced. This time, there was a limit on number per customer.
- Comment on How would he have 6 limbs otherwise? 5 weeks ago:
- Comment on Japan's births likely to fall under 700,000 for 1st time in 2024 4 months ago:
And they STILL won’t let immigrants get full citizenship rights. Guess the birth-rate hasn’t gone low enough.
- Comment on your mom falls significantly faster than g 4 months ago:
Please stop by the office and pick up your combo Nobel Prize in Physics and Chemistry.
- Comment on your mom falls significantly faster than g 4 months ago:
Because light-blue weighs less than blue.
- Comment on your mom falls significantly faster than g 4 months ago:
Depends on the color of the feather and the ball.
There’s a simple explanation.
- Comment on Singapore Approves 2,600-Mile Undersea Cable to Import Solar Energy from Australia 5 months ago:
The most reliable system (against natural causes, political, and financial strife, as well as future-proofing) would be local microgeneration.
This sounds like a huge boondoggle.
- Comment on Hyundai secures largest clean energy supply in Korea, enough to charge over 7 million EVs 5 months ago:
So… Hyundai Automotive signed a deal with Hyundai Electric to supply them with electricity.
🤔
- Comment on ChatGPT has literally devolved into "let me google that for you" 5 months ago:
It’s worked better for me when I throw complex tech questions at it, instead of wading through mountains of StackOverflow and Reddit 10-yo bilge.
You can’t trust 2/3 of what ChatGPT generates or returns, and still have to know what you’re doing. But it’s a lot easier than clicking on 100 search results and finding 99 of them irrelevant.
- Comment on Elon Musk Fans Are Losing So Much Money to Crypto Scams 5 months ago:
This is pretty sad.
I have a number of elderly relatives. The one thing I keep telling them is if they ever get approached, to contact their kids, or check with another family member before responding. So far, there haven’t been any problems.
But I heard an in-law’s parents in a different state lost a big chunk of money to one of these scams and may now lose their home.
- Comment on Some (Slightly Biased) Thoughts On The State Of Decentralized Social Media - TechDirt 5 months ago:
Totally agree.
Builders care about the nuts and bolts of a building. Most people just care about whether they can get a decent hot shower, how cold it gets inside at night, or whether the smoke alarm goes off every time they fry onions.
The killer feature of decentralization, I suspect, does not lie in a singular interaction with a user, but (as Mike notes) in harnessing the power of the distributed group to do something amazing.
- Comment on So Long WordPress. 5 months ago:
Not a WP dev. Just a (techie) user.
This whole thing seems so unnecessary. FOSS devs would love to get a fraction of the goodwill being squandered here.
- Comment on Why don't we just gather up all the ocean's trash and all the nonrecyclables, put them in a rocket, and launch it into the sun? 5 months ago:
And the one time the rocket goes kablooey on its way up, everyone down the flight path will get a shower of used hypodermic needles, disposable vapes, and old appliances.
- Comment on San Francisco to pay $212 million to end reliance on 5.25-inch floppy disks 5 months ago:
All the deserved ribbing aside, if you had to design a removable, R/W, high-capacity, environmentally tolerant, secure, fault-tolerant, mission critical storage system that could last 25 years, starting NOW…
What would you pick?
That’s a tough one, even if you design future hardware upgrades into the system.
- Comment on Inside the U.S. Government-Bought Tool That Can Track Phones at Abortion Clinics 5 months ago:
Apple and Google can fix the problem. Apps are required to ask for permission to access location information. Most of the time, it’s for tracking and analytics, not anything related to the app’s functionality. That’s the data that is leaking to these data brokers.
In those cases, if asked, user can say no, but apps keep haranguing you until you capitulate.
Instead, the OS could add a button that says: “Yes, but randomize.” After that, location data is returned as normal, but from totally random locations nearby. They could even spoof the data clustering algorithms and just pick some rando location and keep showing returns to them, or just trade the data from one random phone for another every N days.
You do this enough and the data will become polluted enough to become useless.