
Recently there was a panicked scrambling after the announcement by [Tarlogic] of a ‘backdoor’ found in Espressif’s popular ESP32 MCUs. Specifically a backdoor on the Bluetooth side that would give a lot of control over the system to any attacker. As [Xeno Kovah] explains, much about these claims is exaggerated, and calling it a ‘backdoor’ is far beyond the scope of what was actually discovered.
To summarize the original findings, the researchers found a number of vendor-specific commands (VSCs) in the (publicly available) ESP32 ROM that can be sent via the host-controller interface (HCI) between the software and the Bluetooth PHY. They found that these VSCs could do things like writing and reading the firmware in the PHY, as well as sending low-level packets.
After a while you get an eye for hype. The posts about this seemed a bit hyper to me and I've been waiting for more info. Thanks.
Also, the term "backdoor" is so abused. It's like the security version of Fascism. It gets a lot of attention but at this point those in the know suspect it is being used incredibly inappropriately.