[TriEmbed] esp32 backdoor
Pete Soper
pete at soper.us
Sun Mar 9 12:32:32 CDT 2025
I stand corrected. This will teach Espressif to make their blobs so accessible and transparent. 😅
Pete
Mar 9, 2025 12:48:46 PM jonathan hunsberger <1101010 at gmail.com>:
> Looks like the company did originally call it a backdoor, but have since re-termed as a "hidden feature". That youtube showed a screenshot of this page https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ where the title said backdoor. The addendum at the bottom says "could facilitate supply chain attacks, the concealment of backdoors in the chipset, or the execution of more sophisticated attacks" but i think that guy on YouTube is right - this is going to be a lot of pain for a lot of tech teams of esp32-based products to do damage-control and education with their management and customers.
>
> On Sun, Mar 9, 2025 at 11:30 AM Pete Soper via TriEmbed <triembed at triembed.org> wrote:
>> Presumably this is a debunk. If not I can point to something thorough. TL;DR they mistook an unpublished SPI for a back door, "they being the click jockeys: the actual work never uses the term!
>> Pete
>> _______________________________________________
>> Triangle, NC Embedded Interest Group mailing list
>>
>> To post message: TriEmbed at triembed.org
>> List info: http://mail.triembed.org/mailman/listinfo/triembed_triembed.org
>> TriEmbed web site: https://TriEmbed.org
>> To unsubscribe, click link and send a blank message: mailto:unsubscribe-TriEmbed at bitser.net?subject=unsubscribe
>> Searchable email archive available at https://www.mail-archive.com/triembed@triembed.org/
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.triembed.org/pipermail/triembed_triembed.org/attachments/20250309/01455c1f/attachment-0001.htm>
More information about the TriEmbed
mailing list