This post refutes the claim that researchers found a "backdoor" in ESP32 Bluetooth chips. What the researchers highlight (vendor-specific HCI commands to read & write controller memory) is a common design pattern found in other Bluetooth chips from other vendors as well, such as Broadcom, Cypress, and Texas Instruments. Vendor-specific commands in Bluetooth effectively constitute a "private API", and a company's choice to not publicly document their private API does not constitute a "backdoor". | Dark Mentor LLC
If you’ve been following the news this weekend, you’ll have seen articles about a vulnerability (alleged to be an intentional backdoor) in ESP32 microcontrollers. The news is somewhat overhyped (the attacks probably require physical access) but it provides an opportunity to look at what we did in CHERIoT to eliminate this class of attack by construction. | CHERIoT Platform