They found debugging commands that can be used to access the memory of the device over USB. This is as much a backdoor as any device that runs unsigned firmware
Unless you store secret files on your Bluetooth dongle, you shouldn’t have to worry about this.
It’s not even over USB by default. It’s an internal binary driver API. The USB part is a custom firmware for the ESP that exposes that api via USB that the people giving the talk wrote because it’s useful for pentesting / development of exploits for other Bluetooth devices.
TLDR:
They found debugging commands that can be used to access the memory of the device over USB. This is as much a backdoor as any device that runs unsigned firmware
Unless you store secret files on your Bluetooth dongle, you shouldn’t have to worry about this.
It’s not even over USB by default. It’s an internal binary driver API. The USB part is a custom firmware for the ESP that exposes that api via USB that the people giving the talk wrote because it’s useful for pentesting / development of exploits for other Bluetooth devices.
Thanks for the clarification because that headline sure is worrisome.