This post refutes the claim that researchers found a "backdoor" in ESP32 Bluetooth chips. What the researchers highlight (vendor-specific HCI commands to read & write controller memory) is a common design pattern found in other Bluetooth chips from other vendors as well, such as Broadcom, Cypress, and Texas Instruments. Vendor-specific commands in Bluetooth effectively constitute a "private API", and a company's choice to not publicly document their private API does not constitute a "backdoor".
  • Darkassassin07@lemmy.caEnglish
    0·
    11 days ago

    Potato, potato…

    Whether we call them ‘undocumented commands’ or a ‘backdoor’, the affect is more or less the same; a series of high-level commands not listed within the specs, preventing systems engineers/designers from planning around vulnerabilities and their potential for malicious use.

    • ShadowRam@fedia.io
      0·
      11 days ago

      The dude that wrote this blog is a goof…

      defines backdoor as “relating to something that is done secretly

      effectively constitute a “private API”, and a company’s choice to not publicly document their private API

      Idiot thinks these are two different things…

      Are they are trying to argue that malicious intent is needed to define it as a back door?

      Moron…

      • FanBlade@lemmynsfw.comEnglish
        1·
        11 days ago

        You’re very smart. I didn’t realize that until you called someone a goof, idiot and moron, but now it’s very clear that you have far superior intelligence.