Replies (21)

IntuitiveGuy☯️ intuitiveguy@nostrplebs.com 9 months ago

🥲

jb55 _@jb55.com 9 months ago

yikes

Logen logen@btcforplebs.com 9 months ago

Bye bye blockstream Jade

2 replies ↓

npub1j5er...2kek 9 months ago

While things like Bluetooth or USB are typically safe, still better to avoid them. That's why I use my Jade in stateless mode, no BT version of the firmware, and via QR.

2 replies ↓

YODL yodl@nostr.land 9 months ago

In total, they found 29 undocumented commands, collectively characterized as a "backdoor," that could be used for memory manipulation (read/write RAM and Flash), MAC address spoofing (device impersonation), and LMP/LLCP packet injection. Espressif has not publicly documented these commands, so either they weren't meant to be accessible, or they were left in by mistake.

𝕞𝕪𝕡𝕒𝕥𝕙𝕥𝕠𝕗𝕚𝕣𝕖 mypathtofire@iris.to 9 months ago

Blockstream Jade now not safe?

npub1ah3a...l76e 9 months ago

Lol

Rich Nost richnost@nostrplebs.com 9 months ago

Stateless Jade is the wtg if you can't build a SeedSigner

1 replies ↓

Logen logen@btcforplebs.com 9 months ago

True. I forgot about stateless

choss choss@nostrplebs.com 9 months ago

Wild times we livin in

btcmaniak btcmaniak@maximacitadel.org 9 months ago

Eita porra!

semisol

Backdoor found in ESP32 chips that allow arbitrary memory access and more remotely via Bluetooth

BleepingComputer

Undocumented commands found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands th...

View quoted note →

1 replies ↓

j̶a̶r̶e̶d̶ jdncrypt@nostrplebs.com 9 months ago

"The researchers warned that ESP32 is one of the world's most widely used chips for Wi-Fi + Bluetooth connectivity in IoT (Internet of Things) devices, so the risk of any backdoor in them is significant."

semisol

Backdoor found in ESP32 chips that allow arbitrary memory access and more remotely via Bluetooth

BleepingComputer

Undocumented commands found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands th...

View quoted note →

paulo paulo@primal.net 9 months ago

Who else uses that chip?

High Heel King hhking@blitzwalletapp.com 9 months ago

Safest way for sure

CarlSaganBitcoiner carlsaganbitcoiner@plebs.place 9 months ago

Backdoor found in ESP32 chips that allow arbitrary memory access and more remotely via Bluetooth

BleepingComputer

Undocumented commands found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands th...

Aida aida@anarcho.capital 9 months ago

Remember everyone, that the S in IoT stands for Security.

semisol

Backdoor found in ESP32 chips that allow arbitrary memory access and more remotely via Bluetooth

BleepingComputer

Undocumented commands found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands th...

View quoted note →

1 replies ↓

𝐭𝐢𝐠𝐞𝐫 9 months ago

' mistake '

Hazey hazey@iris.to 9 months ago

This has "intelligence" agency written all over it, and given the 2014 WikiLeaks revelations, guaranteed to be supply chain attacked into most consumer products.

1 replies ↓

Aida aida@anarcho.capital 9 months ago

Aida

Remember everyone, that the S in IoT stands for Security. View quoted note →

View quoted note →

Hazey hazey@iris.to 9 months ago

Lolz https://web.archive.org/web/20220126220259/https://www.reddit.com/r/esp32/comments/sdhnrf/is_esp32_open_source_and_free_hadware_i_ask/

Hazey hazey@iris.to 9 months ago

It can be safely assumed that most peoprietary chips have backdoors used by terrorist "intelligence" agencies such as the NSA and CIA, this one just happened to be discovered.

semisol

Backdoor found in ESP32 chips that allow arbitrary memory access and more remotely via Bluetooth

BleepingComputer

Undocumented commands found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands th...

View quoted note →

1 replies ↓