Skip Navigation

azdle

@ azdle @news.idlestate.org

Posts
17
Comments
69
Joined
3 yr. ago

  • Undocumented "backdoor" found in Bluetooth chip used by a billion devices [ESP32]

    Jump

  • I don't think is is a backdoor. At the moment I wouldn't consider this article any more than FUD.

    It's unclear to me if the security company has actually said what the vuln is or not, but if it's what was presented in the slides linked in the article this is at worst something that can be "attacked" from a computer connected via USB (and I'm pretty sure it would also require special software already on the ESP32), where the attack is sending out possibly invalid bluetooth messages to try to attack other devices or flashing new firmware to the ESP itself. It's not a general "backdoor" in the ESP32 itself. At least that's the best interpretation I've been able to make. Happy to be corrected if anyone finds more info.

  • Undocumented "backdoor" found in Bluetooth chip used by a billion devices

    Jump

  • I mean, if it were a backdoor, the one thing you can be sure of is that the people who put it there wouldn't be calling it a backdoor, ever.

    Though, I think it's worth pointing out that the while the security company's blog calls whatever it is a "backdoor", "backdoor" (nor "puerta" (though, I have no idea if that would be translated literally or to something else)) doesn't appear in the the slides. So I'm going to lay that one at the marketing people trying to drum it up into something more impressive than it really is.

  • Undocumented "backdoor" found in Bluetooth chip used by a billion devices

    Jump

  • Huh, that is interesting. Though, that post doesn't seem to have any info about what the backdoor is either.

    Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices. [...] This discovery is part of the ongoing research carried out by the Innovation Department of Tarlogic on the Bluetooth standard. Thus, the company has also presented at RootedCON, the world’s largest Spanish-language cybersecurity conference, BluetoothUSB, a free tool that enables the development of tests for Bluetooth security audits regardless of the operating system of the devices. [Emphasis mine.]

    Maybe the presentation has nothing to do with the actual backdoor?

    Though, this part later might seem to imply they are related:

    In the course of the investigation, a backdoor was discovered in the ESP32 chip, [...] Tarlogic has detected that ESP32 chips [...] have hidden commands not documented by the manufacturer. These commands would allow modifying the chips arbitrarily to unlock additional functionalities, [...].

    Which, best I can work out, seems to be talking about the information on slide titled "COMANDOS OCULTOS" (page 39 / "41").

    If the "backdoor" is the couple of commands in red on that slide, I maintain what I said above. If it's not talking about that and there's another "backdoor" that they haven't described yet, well, then ¯(ツ)_/¯ we'll see what it is when they actually announce it.

    I fully acknowledge there may be something I'm missing. If there's a real vuln/backdoor here, I'm sure we'll hear more about it.

  • Undocumented "backdoor" found in Bluetooth chip used by a billion devices

    Jump

  • What is this article on about?

    Here's the actual presentation: https://www.documentcloud.org/documents/25554812-2025-rootedcon-bluetoothtools/

    I don't speak Spanish and only have the slides to go off of, but this doesn't sound like a "backdoor". This sounds like they found the commands for regulatory testing. To do emissions testing you need to be able to make the device transmit on command so that your testing house can verify you're within legal limits on everything.

    These are commands that can be given over USB. You know what else you can do over USB? Fucking anything, these chips have a JTAG USB device. (Now, if these are commands that can't be turned off, that would be kinda bad, I guess? But still not really a super big problem. And I don't see anything that implies that in the slides.)

    [Edit: It's not even that this is a "backdoor" in an internal peripheral interface. I think the "backdoor" is if you have software that exposes that interface somehow? Like you're running an example that blindly copies stuff from an external UART to this interface? Like I think that's it?]

    The tone I get from the slides is more "hey we found this cool tool for doing Bluetooth stuff that doesn't require writing embedded software". Which, cool. But that's sure not the point this article is trying to make.

  • What are some possible enjoyable morning activities to remedy the delayed circadian rhythm?

    Jump

  • Mine for a while has been playing Fall Guys. It's a game that's somewhat challenging to do well at, but there's no stakes, and it's a brightly colored game that's good ad giving you a quick "dopamine" hit without sucking you in. It also lets me look at lemmy a bit between rounds, but makes sure I don't get stuck here, forcing me to put it down when the next round starts.

  • Asahi Linux Lead Developer Hector Martin Steps Down As Upstream Apple Silicon Maintainer

    Jump

  • There is currently a bill in the NY State Assembly to require background checks for the purchase of 3D printers

    Jump
    1. FOR PURPOSES OF THIS SECTION, "THREE-DIMENSIONAL PRINTER" MEANS A COMPUTER OR COMPUTER-DRIVEN MACHINE OR DEVICE CAPABLE OF PRODUCING A THREE-DIMENSIONAL OBJECT FROM A DIGITAL MODEL

    Well, that's a broad definition. I guess to whomever wrote that, a CNC mill is also a 3d printer.

  • Bathroom scale options?

    Jump

  • What do you create?

    Jump

  • Nothing near that impressive. I don't make the fancy sand, I just move electrons around with fancy sand that someone else made, aka programming.

  • What do you create?

    Jump

  • Nah, there's no real meaning to my username. It's just some random letters that are vaguely pronounceable.

  • What do you create?

    Jump

  • Yeah, this one. I just meant programming.

  • What do you create?

    Jump

  • I organize electrons in ways that make fancy sand organize more electrons.

  • Any recommendations for a low-cost, low-hassle printer?

    Jump

  • I'd personally look for a used Prusa i3 MK3[S[+]]. Part of that is personal bias, it's what I still print with (specifically the MK3S variant, I haven't bothered to upgrade it to +), but in all the years I've had it it's been an absolute workhorse and has very much thrived on the copious amount of neglect I've given it. The only things I've ever done to it are install firmware updates and occasionally smear some grease on the smooth rods with a finger. Still, every time I print with it, it just works.

    Prusa just announced a new printer so there might be a little wave of them being put up for sale.

    Edit: You mentioned that you want to print ASA, which AFAIK requires an enclosure. The MK3 is annoying to put in an enclosure because you have to move the power supply outside the enclosure. Though the printer that Prusa just announced is enclosed and is < $1000 (just) if that puts it in the "low-cost" category for you. https://www.prusa3d.com/product/prusa-core-one-kit-2/

  • Store making me feel like an outcast because of privacy concerns

    Jump

  • I asked nicely why do I need to give my phone number and I was told that to register me as a member so I can get the discount.

    I declined and said I don’t want to join and would like to just pay.

    I've just said "I don't have one" when asked this for awhile. This never seems the phase the cashiers, I'm guessing they know what that really means. Half the time I still get whatever discount, though I've never tried to sign up for a membership saying that.

    If it's an online form my phone number is just (local area code)555–5555. I've never had that not take, except for one case where it automatically enabled 2-factor auth and I had to create a new account.

  • Removed

    What is this community's view on self-medicating?

    Jump

  • [Question] When using the WiFi at a couple of nearby hospitals, I can't connect to my self hosted stuff.

    Jump

  • They may block IP addresses associated with consumer ISPs. Assuming that's the case, I would guess you're seeing that as an HSTS/TLS error because their network is trying to trick your browser into redirecting to/displaying an error page hosted by some part of their network.

  • Firefox added ad tracking and has already turned it on without asking you

    Jump

  • [edit: To be clear, I assume the part that OP is not sure if it's satire or not is "or switching to a more privacy-conscious browser such as Google Chrome."] The emphasis in

    Firefox is worse than Chrome

    is in the original. To me that clearly implies that they are of the opinion that in general Google & Chrome are worse on privacy than Mozilla & Firefox. The comment at the end is just tongue in cheek snark alluding to the fact that in this particular case google did better for privacy in Chrome than Mozilla in Firefox.

    or switching to a more privacy-conscious browser such as Google Chrome.

  • Firefox added ad tracking and has already turned it on without asking you

    Jump

  • Definitely satire, the context from earlier:

    1. Firefox is worse than Chrome in their implementation of ad snitching, because Chrome enables it only after user consent.

  • How programmers comment their code

    Jump

  • Unless you're working with people who are too smart, then sometimes the code only explains the how. Why did the log processor have thousands of lines about Hilbert Curves? I never could figure it out even after talking with the person that wrote it.

  • It's called attaining divinity

    Jump

  • C was originally created as a "high-level" language, being more abstract (aka high-level) than the other languages at the time. But now it's basically considered very slightly more abstract than machine code when compared to the much higher level high-level languages we have today.