nixCraft 🐧Mar 8, 2025
Undocumented backdoor found in Bluetooth chip used by a billion devices https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/
Undocumented "backdoor" found in Bluetooth chip used by a billion devices

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.

BleepingComputer
Show threadSpaceLifeFormMar 8, 2025

@nixCraft

This is why I avoid Bluetooth in general. I do not trust it, so I never use it on a phone.

Show thread@infosec_jcp 🐈🃏 done differently

@SpaceLifeForm @nixCraft

The usbC->1/8" & AppleLightning->1/8" replacement dongle is useful as 1/8" wired connections _do_ eventually wear out. Good that it's on the dongle that's replaceable and not on the phone, right? ^_^

Mar 8, 2025 at 8:44pmWeb
Show threadSpaceLifeFormMar 8, 2025

@infosec_jcp @nixCraft

Sure, If you trust the dongle.

What is the intel inside?

Show thread@infosec_jcp 🐈🃏 done differentlyMar 8, 2025

@SpaceLifeForm @nixCraft

Good point! 💯

You would have to disect the dongle and find out per manufacturer to be sure.

I did this on a ton of gear I was studying from that eX-Googler run cite, Wish☣️DontShopThere☣️, during the pandemic.

All the sw is #malware on IOS, Android, Windows & MacOS, shockingly, not surprisingly.

All the HW for hard drives and such had some burned in malware either in a chip that was an eprom and/or the usb3 advertisement for a hard drive, upon inspection, was just some usb2 not usb3 even thumb drives in a case, basically, with Windows malware preinstalled. It was a fun investigation though. I found I could just browse the web site & get a link to d/l the sw without having to buy anything, also! 😅

#infosec

Show threadSpaceLifeFormMar 8, 2025

@infosec_jcp @nixCraft

This is what I call it:

#SiliconTurtles