15·
11 days agoTarlogic has detected that ESP32 chips, which allow connectivity via WiFi or Bluetooth, have hidden commands not documented by the manufacturer. These commands would allow modifying the chips arbitrarily to unlock additional functionalities, infecting these chips with malicious code, and even carrying out attacks of identity theft of devices.
It’s not a backdoor, it’s a jailbreak. Sounds like they left the debug functionality enabled but just undocumented.
Edit: They’re undocumented HCI commands, that’s the protocol the host (aka CPU) uses to talk to the chip, not a remote device.
Surprised me to see replies defending it.