Post ArvTJsC4lUbhzZrZQ0 by not2b@sfba.social
(DIR) More posts by not2b@sfba.social
(DIR) Post #AruqqtGxsWLUgLu2Ay by hackaday@hackaday.social
2025-03-10T15:34:55Z
0 likes, 1 repeats
The ESP32 Bluetooth Backdoor That Wasn’thttps://hackaday.com/2025/03/10/the-esp32-bluetooth-backdoor-that-wasnt/
(DIR) Post #Arus7vp5kV8dT9YTey by futurebird@sauropods.win
2025-03-10T15:54:24Z
0 likes, 1 repeats
@hackaday This news really shocked me but with this context it makes a lot more sense. I was surprised that there could be a “backdoor” in such a well known chip. But I imagined that “backdoor” would mean I could make a device to wirelessly take over every set of speakers, earbuds and lightbulbs in range and maybe also steal their passwords or something too— but this is more like if you let me physically plug in I can mess with you using information that isn’t well known right?
(DIR) Post #ArusLvZrSWholH6ZQe by 0xF21D@infosec.exchange
2025-03-10T15:56:54Z
0 likes, 0 repeats
@futurebird @hackaday I think it goes right back to firmware security in IoT. Is the device using hte ESP32 itself secure? Does it have the ability to reprogram the ESP32?
(DIR) Post #Aruv4fS8SMrZgvx7sO by jeffrizzo@sfba.social
2025-03-10T16:27:23Z
0 likes, 0 repeats
@futurebird @hackaday As someone who participated in spreading the FUD around this on Saturday, it's a good reminder that a "good story" will travel much faster than the actual truth - and it's important to spread corrections once they're known.
(DIR) Post #ArvQmH9lFRzxesdFku by hackaday@hackaday.social
2025-03-10T22:22:35Z
0 likes, 0 repeats
@futurebird It's not yet borne out that the ESP32 is trivial to wirelessly compromise, at this stage
(DIR) Post #ArvTJsC4lUbhzZrZQ0 by not2b@sfba.social
2025-03-10T22:51:07Z
0 likes, 0 repeats
@futurebird @hackaday It appears to be a testing interface that should have been removed, not an intentional back door (which would have been hidden much better). Not sure if it is exploitable.