Source Link Privacy.

Privacy test result

https://themarkup.org/blacklight?url=https%3A%2F%2Fwww.tarlogic.com%2Fnews%2Fbackdoor-esp32-chip-infect-ot-devices%2F&device=mobile&location=us-ca&force=false

Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices. Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls.

Update: The ESP32 “backdoor” that wasn’t.

  • mechoman444English
    2521 hours ago

    The Chinese adding back doors into their software/hardware.

    Say it ain’t so!

    • DekkiaEnglish
      712 hours ago

      It ain’t so.

      To use the “backdoor” an attacker needs to have full access to the esp32 powered device already.

      It’s like claiming that being able to leave your desk without locking your PC is a backdoor in your OS.

      • @[email protected]English
        28 hours ago

        Yes, this is about undocumented instructions found in the silicon but they are not executable unless the ESP32’s firmware uses them. Firmware cannot be edited to use them unless you have an existing vulnerability such as physical access or insecure OTA in existing firmware (as far as researchers know).

        It is good to question the “backdoor” allegations - maybe the instructions’ microcode was buggy and they didn’t want to release it.

    • NaibofTabrEnglish
      2220 hours ago

      Say it ain’t so
      Your bug is a heartbleeder
      Say it ain’t so
      My NIC is a bytetaker

    • Match!!English
      920 hours ago

      tech backdoors are only okay when us good guys require em

      • @YarHarSuperstarEnglish
        313 hours ago

        How about all tech backdoors are bad and we should aim to use and make software and hardware that is ethically produced and usable without selling out your privacy and security?

      • sunzu2
        1220 hours ago

        China ain’t our friend but neither is our own regime, I don’t get the normies only caring about privacy and security when chinaman do the thing

        Then they tuck their dicks because they got nothing to hide when domestic spook is doing the same

        pathetic and intellectually disingenuous

      • @A_Random_IdiotEnglish
        820 hours ago

        Where did anyone say anything remotely like that?

      • @FartEnglish
        719 hours ago

        Thats hot.