Recent searches
Search options
There is an article going around that ESP32 chips have a backdoor. It's an undocumented software API. If you are writing code for the ESP32, you can run more commands. It doesn't allow anyone from the outside to just access what's going on in the chip. The use of the word "backdoor" was clickbait 
The talk where the researchers presented their findings is about undocumented commands found in the ESP32.
Nothing about the talk says that they found anything about backdoors, or any malicious commands.
https://reg.rootedcon.com/cfp/schedule/talk/5
They don't claim that there is a backdoor, they use many conditionals such as "would" and "could", and they say "maybe" but they didn't demonstrate any exploits.
They've shown that they found interesting undocumented functionality, and they are extrapolating that it could possibly be used somehow, but they don't really know if it's possible or not.
Then they make sure to promote their own security product to protect you. How nice of them.
There's too many time-wasters with very specific ideologies creating chaos and confusion out there, it's good to identify them.
@balloob agreed in principle. However, the fact that the chips are used as a base and this was not documented means we are very likely to see supply chain vulnerabilities.
@balloob Thank you for the heads up. This is still a very interesting development for makers and hackers.
@balloob That's what I was thinking too. Seems maybe I'm not nuts after all.
@balloob
Oh good to hear. I was literally just looking for you and the HA account on fedi yo make sure you knew of this. 